Safe AI for Cyber-Physical Systems
Model Security, Adversarial Robustness, and Trustworthy Methods
Preface

This is a collection of notes and guidelines on Safe AI with a focus on model security, adversarial robustness, and trustworthy practices for modern cyber-physical systems (CPS).
The materials consolidate insights from research and practical applications, highlighting both fundamental concepts and advanced defense strategies.
Each section begins with learning objectives and core readings, with additional resources provided throughout the text.
The notes are intended as a complement to textbooks and formal training, offering targeted coverage of security and robustness challenges in AI and ML systems deployed in CPS.
The intended audience is expected to be familiar with programming and the following concepts and methods:
- probability and statistics for uncertainty quantification
- algorithms and data structures for secure computation
- reinforcement learning for decision-making in CPS
- optimization methods under adversarial constraints
- adversarial machine learning
  - evasion attacks
  - poisoning attacks
  - backdoor attacks
- optimization and control
  - optimization techniques (convex, non-convex, gradient-based methods)
  - model predictive control and decision-making under constraints
  - uncertainty modeling and robust control strategies
- robustness techniques
  - adversarial training
  - defensive distillation
  - certified defenses
- black-box and grey-box testing methods for model evaluation
- explainability, transparency, and safe deployment practices
- research methodology and experimental design for trustworthy AI in CPS
Citation
Kumar, K. (2025). Safe AI for Cyber-Physical Systems: Model Security, Adversarial Robustness, and Trustworthy Methods. Edition 2025-10.
License
This work is licensed under the MIT License.