Software Engineering Institute

Grace A. Lewis

Principal Researcher

Grace A. Lewis is the lead for the SEI Tactical and AI-enabled Systems initiative and the principal investigator for three research projects in the field of Software Engineering for Machine Learning (SE4ML):

Characterizing and Detecting Mismatch in ML-Enabled Systems

A problem with deployment of ML systems in production environments is that their development and operation involve three perspectives, with three different and often completely separate workflows and people: the data scientist builds the model; the software engineer integrates the model into a larger system; and then operations staff deploy, operate, and monitor the system. Because these perspectives operate separately and often speak different languages, there are opportunities for mismatch between the assumptions made by each perspective with respect to the elements of the ML-enabled system, and the actual guarantees provided by each element. We conducted a study with practitioners to identify and validate mismatches and their consequences. In parallel we conducted a multi-vocal literature study to identify best practices for software engineering of ML systems that could address the identified mismatches. The result of the gap analysis between the outcome of the two tasks is a set of machine-readable descriptors that contain attributes of system elements that need to be made explicit and shared between stakeholders to avoid mismatch. These descriptors can be used by system stakeholders for information awareness and evaluation activities; and by automated mismatch detectors at design time and run time for cases in which attributes lend themselves to automation.

Automating Mismatch Detection and Testing in ML Systems

This project is a continuation of the previous project and is building on the set of developed descriptors for elements of ML-enabled system, to validate these descriptors at larger scale and provide automation to improve consistent and timely detection of mismatches. A suite of tools is being developed to (1) automate mismatch detection, and (2) demonstrate how the descriptors can be extended to support testing of ML components, particularly for production-readiness.

Predicting Inference Degradation in Production ML Systems

The inference quality of deployed ML models changes over time due to differences between characteristics of training and production data. State of engineering practice in industry relies on periodic retraining and model redeployment strategies to evade inference degradation, as opposed to monitoring for inference degradation. However, this strategy is not appropriate for all types of systems, environments, and organizations. The goal of this project is to develop a set of empirically-validated metrics that are better predictors of when a model’s inference quality will degrade below a threshold due to different types of data drift and requires retraining. Develop a set of empirically-validated metrics that are predictors of when a model’s inference quality will degrade below a threshold due to different types of data drift, and therefore requires retraining. These metrics will be able to determine (1) when a model really needs to be retrained so as to avoid spending resources on unnecessary retraining, and (2) when a model needs to be retrained before its scheduled retraining time so as to minimize the time that the model is producing sub-optimal results.

Grace also led the following research projects related to Edge Computing and IoT Security:

Kalki: High-Assurance Software-Defined IoT Security

This project developed an IoT security platform that operates, with high assurance, in a resilient and trustworthy manner even in the presence of a powerful and realistic attacker who can compromise IoT devices, control nodes, and other intermediaries. The software-defined IoT security platform is composed of (i) a high-assurance control node that monitors security-relevant events and alters the "security postures" of IoT devices to enforce specific policies; (ii) trusted data nodes that execute these security postures for each IoT device using "micro-middleboxes." The Kalki IoT security platform is available on GitHub.

Authentication and Authorization of IoT Devices in Tactical Environments

This project evaluated adapted, and implemented an IETF proposal for authentication and authorization in constrained environments (ACE) such that it is resilient to high-priority threats of tactical environments (e.g., node impersonation and capture) that are currently not addressed in ACE. The SEI-ACE implementation is available on GitHub.

Tactical Cloudlets

Tactical cloudlets are forward-deployed, discoverable computing nodes that can be hosted on vehicles and other platforms to provide computation and data services at the edge, where there is limited (or no) connectivity to the cloud. The tactical cloudlet software is available as KD-Cloudlet on GitHub. Tactical cloudlets include a novel mechanism for secure key generation and exchange for establishing trust between cloudlets and mobile clients, as well as secure service migration between cloudlets.