695.715.8VL - Assured Autonomy

Fall 2023


Autonomic systems leverage the growing advances in control, computer vision, and machine learning coupled with technological advances in sensing, computation, and communication. While this emerging highly connected, autonomous world is full of promise, it also introduces safety and security risks that are not present in legacy systems. This course focuses on the complexities inherent in autonomous systems and the multifaceted and multilayered approaches necessary to assure their secure and safe operation. As these systems become more pervasive, guaranteeing their safe operation even during unforeseen and unpredictable events becomes imperative. There are currently no real solutions to provide these runtime guarantees necessitating cutting-edge research to provide state awareness, intelligence, control, safety, security, effective human-machine interaction, robust communication, and reliable computation and operation to these systems. This online course in a seminar-style format leads the students to participate in learning activities, record summary presentation of a selection of papers, write a peer-reviewed publication-quality paper, and record a workshop presentation for virtual panel review.

Expanded Course Description

Students are expected to propose and conduct an experiment that will prove their paper’s hypothesis.


Profile photo of David Concepcion.

David Concepcion

Course Structure

The course is divided into topic modules which can be accessed by clicking Course Modules on the left menu. A topic module will have Objectives, Readings, Slides & Links, Lecture. You are encouraged to preview all sections of the module before starting. You should regularly check the Calendar and Announcements for assignment due dates.

Course Topics

Introduction to Assured Autonomy

AI Safety, Trust, Security, and Privacy

Anomaly and Fault Detection

Dataset Shift

Formal Verification and Validation

Test, Evaluation, and Certification

interpretable, Explainable Machine Learning

Human-AI Integration

Ethics, Policy, and Governance

Adversarial Autonomy

Runtime Monitoring and Assurance

Safe Reinforcement LEarning

Mock Symposium

Course Goals

At a strategic level, the goals of this course in assured autonomy are to: 
  1. Foster a comprehensive understanding of the complexities and challenges associated with ensuring secure and safe operation of autonomous systems in cyber-physical environments.
  2. Enable students to conduct in-depth research, develop cutting-edge solutions, and effectively communicate their findings through publication-quality papers and compelling presentations.
  3. Provide students with the opportunity to engage in a collaborative learning environment, simulate the peer-review process, and gain practical experience by presenting their work in a mock symposium, thereby preparing them to contribute to the field of assured autonomy at an advanced level.

Course Learning Outcomes (CLOs)


None. A variety of current papers pertaining to assured autonomy will serve as the texts for the course.

Student Coursework Requirements

It is expected that each module will take approximately 7–10 hours per week to complete. Here is an approximate breakdown: reading the assigned papers (approximately 3–4 hours per week) as well as presenting and leading the discussion on two papers (approximately 2–3 hours per week), and writing a workshop-style paper (approximately 2–3 hours per week).

Course Lectures:

This course will use MS TEAMS to facilitate virtual live course lecture sessions each week. The lectures will follow the Course Calendar. (See the separate Course Calendar document.) 

Class lecture attendance and active participation are opportunities for the student to demonstrate mastery of the course topics.  If you must miss a lecture, please coordinate with the instructor ahead of time.  In addition to watching the lecture recording, the student may be asked to submit a paper with their responses to the questions asked during the lecture.

This course will consist of the following basic student requirements:

Preparation and Participation (20% of Final Grade Calculation)

You are responsible for carefully reading all assigned material and being prepared for discussion. Most readings are from research papers.

Evaluation of preparation and participation is based on contribution to discussions. Your grade for participation will be based on your interaction with classmates. Feel free to agree or disagree with points being raised if you are thoughtful, civil, and constructive. 

As part of the preparation grade, the following submissions are included: Submit 3 paper selections, 3 project topics, 3 literature reviews, draft outline, draft project proposal, draft project paper v.1 and v.2.

Paper Presentations (20% of Final Grade Calculation)

All students in this course must present two papers on the day scheduled. The student will submit four paper titles/links before the assigned date, of which two will be selected in collaboration with the instructor. Presentations must include the following key elements:

  1. Identify the problem being solved (e.g., guaranteeing safe autonomous operation is hard)
  2. Identify the goals with which the authors have decided to solve this (e.g., formal verification, run-time assurance, etc.)
  3. Clearly describe the related work, and why it does not already solve the problem and the stated goals
  4. Provide an overview of the system implementation
  5. Describe the most technical components of the system in more detail
  6. Describe the experimental setup and results
  7. Summarize the conclusions

Presentations should NOT be a simple regurgitation of the material and should include an evaluation of the paper: the authors evaluate the system; you must evaluate the paper.

  1. Evaluate the problem: is their problem really a problem? How important is this problem? Who is this a problem for? Are there simple alternatives?
  2. Evaluate the goals: are these the correct goals? Will achieving a system that addresses these goals really solve the problem, or just a part of the problem?
  3. Evaluate the related work: is there anything missing? Are they explaining the related work in the broader context?
  4. Evaluate their presentation of the material: are there details missing? Can this system be built by a third party? Is this the correct way to solve the problem?
  5. Evaluate their evaluation: is the experiment setup correct? Are there cofounds? Uncontrolled variables? Missing evaluations? Does this evaluation really evaluate the system about the goals?
  6. Evaluate the conclusion: are these conclusions valid? Does it explain how the system relates to larger conversations within the community, and how does it contribute to the community’s understanding of the larger topic?

Reuse of the author’s slides is allowed and encouraged. However, you must modify the original slides to provide your own evaluation of the paper in the appropriate contexts.

Critiques of the outlines/papers should provide suggestions on the following: 

Course Project (60% of Final Grade Calculation)

This section provides a recipe for making a research contribution to the area of assured autonomy. Each student in the course must complete such a project. Collaboration between students on an application is encouraged because combined brainpower has a higher probability of making impact and getting published. However, each student must complete a different subcomponent of the problem and must submit his/her own project report.

All students in this course must produce a paper by the end of the class. The project will be divided into several steps, each of which will culminate in a workshop or conference-style paper. The topic can address any aspect of assured autonomy. The process will be detailed in the class lectures.

The focus of the paper will be on the framing of your project: identifying the problem and goals, making a hypothesis, and designing an experiment to test that hypothesis. The actual implementation will not be graded. This is to ensure that the project you choose is both well motivated and will produce a compelling conclusion before you spend any time implementing. Thus, you will spend the semester creating a paper that frames a project that you have not necessarily implemented, with the goal of abstracting away the research process so that you can apply it to subsequent projects (including, perhaps, the one that is the subject of your paper).

Although most academic papers submitted to workshops are written in LaTeX, this course will accept MS WORD for ease of editing and review through MS Office suite provided by JHU.  IEEE-Template Selector

LaTex is a tag-based markup language like HTML and the basics can easily be learned by reading a sample file. We will use the IEEE Conference Template (https://www.overleaf.com/latex/templates/ieee-conference-templateexample/nsncsyjfmpxy), which is also a great template to learn from.

This is an outline of the paper expected:

Step 1: Define the application, the problem, your goals, and your hypothesis

Describe a problem related to assuring the safety or security of autonomous systems and the constraints that this application domain dictates. Describe how the problem is or would likely be solved with current technology. Then, identify the limitations (which constraints are violated) or bottlenecks (which constraints are tightest) for the existing solution(s). Be sure to cover the following points:

Step 2: Literature Review – Relate this problem/solution to other problems/solutions

Read all of the papers that provide insight and/or complete solutions to this problem. If one of the existing solutions adequately solves the problem, go back to Step 1. Otherwise, write a section that first summarizes the known facts about this problem and second describes the existing solutions you have found, making a point to indicate for each why it does not completely solve your problem. Be sure to cover the following points:

To find the papers, try searching google and google scholar first. Find a few papers that come very close to your topic, and follow their references.

Step 3: System Proposal – Describe the system that will address your problem/goals

Propose a system to solve your problem. This should include any hardware you may need. Any algorithms you are proposing should be thoroughly described. Each component of the system should be profiled in terms of all application constraints listed in the introduction. If the system does not meet application constraints, go back to Step 1.

Step 4: Experimental Setup – Describe the experiment that will test your hypothesis

Propose an experiment to evaluate how well your system works in comparison with previous technologies. This usually means using the system for the application that was proposed while instrumenting the deployment to collect ground truth and/or evaluation metrics. “Ground truth” must be collected if there are things in your experiment that are not controlled, like user actions or goals. Evaluation metrics must always be collected. Typically, you should collect exactly as many evaluation metrics as there are application constraints listed in the introduction. In this report, you must describe exactly how your system will be used in an application setting, how the important variables will be controlled or measured (ground truth), and how you will collect the evaluation metrics.

 Typically, you will need to run the same experimental setup with two system implementations: one using an existing assurance approach and one using your new approach. This is not always necessary but is highly recommended because it often makes the difference in terms of conference acceptance. You will typically also repeat the same experiment multiple times to provide statistically significant results. You must state how many times you repeat as well as whether you are going to test the effect of any independent variables. Be sure to cover the following points:

Step 5: Experimental Results – Draw plots with the hypothesized data produced by your experiments

Before doing the experiment, add the outline of the section in which you would present the results. Typically, you should first summarize the key results. Then, present more detailed graphs of the evaluation metrics collected from each experiment. Towards the end of the section, or throughout, indicate interesting or unexpected details in the data. Since your data will not be collected yet, most of this text will only be a place holder. However, there are two points you should be sure to nail down in advance: statistical analysis and graphs. At some point, you will need to compare some data sets to indicate improvement; be sure to indicate how you will do this comparison (e.g., a one-sided t-test?). Doing this will ensure that you are, for example, collecting enough readings to draw statistically significant conclusions. You should also put graphs of your actual predicted results; do not just put a blank pair of x and y axes as a place holder for your graphs. This will help you identify which data sets will be interesting, and which will be hard to visualize. It also helps focus your experiment so that you collect exactly the data you need (not too much and not too little). Boring graphs will probably just be summarized with simple statistics, but if all your graphs turn out to be boring revise the experimental setup, system proposal, or even the introduction. Be sure to cover the following points:

Step 6: Conclusions – Discuss what you have learned about your hypothesis, and why it matters

Draw conclusions from your study. This means more than just summarizing the experimental results; quantify the benefits in terms of the application, i.e., in terms of improved safety, security, explainability of ML/AI, etc. Also generalize your problem and solution; does this approach solve a general class of problems (possibly with an enumerable set of modifications) or is it only applicable to this specific problem. Finally, identify some open problems based on either limitations of your experimental setup or on unexplained observations during the experiment.




Grading Policy

Final grades will be determined by the following weighting:

Preparation and Participation (20% of Final Grade Calculation)

Paper Presentations (20% of Final Grade Calculation)

Course Project (60% of Final Grade Calculation)

Grade Area%
Project outline & peer review10
Solution Proposal Presentation 10.
Draft Paper10.
Draft paper peer review10.
Project Final Paper10.
Symposium Presentation10.

EP uses a +/- grading system (see “Grading System”, Graduate Programs catalog, p. 10).

Score RangeLetter Grade
100-97= A+
96-93= A
92-90= A−
89-87= B+
86-83= B
82-80= B−
79-77= C+
76-73= C
72-70= C−
69-67= D+
66-63= D
<63= F

Academic Policies

Deadlines for Adding, Dropping and Withdrawing from Courses

Students may add a course up to one week after the start of the term for that particular course. Students may drop courses according to the drop deadlines outlined in the EP academic calendar (https://ep.jhu.edu/student-services/academic-calendar/). Between the 6th week of the class and prior to the final withdrawal deadline, a student may withdraw from a course with a W on their academic record. A record of the course will remain on the academic record with a W appearing in the grade column to indicate that the student registered and withdrew from the course.

Academic Misconduct Policy

All students are required to read, know, and comply with the Johns Hopkins University Krieger School of Arts and Sciences (KSAS) / Whiting School of Engineering (WSE) Procedures for Handling Allegations of Misconduct by Full-Time and Part-Time Graduate Students.

This policy prohibits academic misconduct, including but not limited to the following: cheating or facilitating cheating; plagiarism; reuse of assignments; unauthorized collaboration; alteration of graded assignments; and unfair competition. Course materials (old assignments, texts, or examinations, etc.) should not be shared unless authorized by the course instructor. Any questions related to this policy should be directed to EP’s academic integrity officer at ep-academic-integrity@jhu.edu.

Students with Disabilities - Accommodations and Accessibility

Johns Hopkins University values diversity and inclusion. We are committed to providing welcoming, equitable, and accessible educational experiences for all students. Students with disabilities (including those with psychological conditions, medical conditions and temporary disabilities) can request accommodations for this course by providing an Accommodation Letter issued by Student Disability Services (SDS). Please request accommodations for this course as early as possible to provide time for effective communication and arrangements.

For further information or to start the process of requesting accommodations, please contact Student Disability Services at Engineering for Professionals, ep-disability-svcs@jhu.edu.

Student Conduct Code

The fundamental purpose of the JHU regulation of student conduct is to promote and to protect the health, safety, welfare, property, and rights of all members of the University community as well as to promote the orderly operation of the University and to safeguard its property and facilities. As members of the University community, students accept certain responsibilities which support the educational mission and create an environment in which all students are afforded the same opportunity to succeed academically. 

For a full description of the code please visit the following website: https://studentaffairs.jhu.edu/policies-guidelines/student-code/

Classroom Climate

JHU is committed to creating a classroom environment that values the diversity of experiences and perspectives that all students bring. Everyone has the right to be treated with dignity and respect. Fostering an inclusive climate is important. Research and experience show that students who interact with peers who are different from themselves learn new things and experience tangible educational outcomes. At no time in this learning process should someone be singled out or treated unequally on the basis of any seen or unseen part of their identity. 
If you have concerns in this course about harassment, discrimination, or any unequal treatment, or if you seek accommodations or resources, please reach out to the course instructor directly. Reporting will never impact your course grade. You may also share concerns with your program chair, the Assistant Dean for Diversity and Inclusion, or the Office of Institutional Equity. In handling reports, people will protect your privacy as much as possible, but faculty and staff are required to officially report information for some cases (e.g. sexual harassment).

Course Auditing

When a student enrolls in an EP course with “audit” status, the student must reach an understanding with the instructor as to what is required to earn the “audit.” If the student does not meet those expectations, the instructor must notify the EP Registration Team [EP-Registration@exchange.johnshopkins.edu] in order for the student to be retroactively dropped or withdrawn from the course (depending on when the "audit" was requested and in accordance with EP registration deadlines). All lecture content will remain accessible to auditing students, but access to all other course material is left to the discretion of the instructor.