One correction to last week's newsletter: the title Is Robustness at the Cost of Accuracy should have been Is Robustness the Cost of Accuracy.
Reward learning from human preferences and demonstrations in Atari (Borja Ibarz et al): We have had lots of work on learning from preferences, demonstrations, proxy rewards, natural language, rankings etc. However, most such work focuses on one of these modes of learning, sometimes combined with an explicit reward function. This work learns to play Atari games using both preference and demonstration information. They start out with a set of expert demonstrations which are used to initialize a policy using behavioral cloning. They also use the demonstrations to train a reward model using the DQfD algorithm. They then continue training the reward and policy simultaneously, where the policy is trained on rewards from the reward model, while the reward model is trained using preference information (collected and used in the same way as Deep RL from Human Preferences) and the expert demonstrations. They then present a lot of experimental results. The main thing I got out of the experiments is that when demonstrations are good (near optimal), they convey a lot of information about how to perform the task, leading to high reward, but when they are not good, they will actively hurt performance, since the algorithm assumes that the demonstrations are high quality and the demonstrations "override" the more accurate information collected via preferences. They also show results on efficiency, the quality of the reward model, and the reward hacking that can occur if you don't continue training the reward model alongside the policy.
Rohin's opinion: I'm excited to see work that combines information from multiple sources! In general with multiple sources you have the problem of figuring out what to do when the sources of information conflict, and this is no exception. Their approach tends to prioritize demonstrations over preferences when the two conflict, and so in cases where the preferences are better (as in Enduro) their approach performs poorly. I'm somewhat surprised that they prioritize demos over preferences, since it seems humans would be more reliable at providing preferences than demos, but perhaps they needed to give demos more influence over the policy in order to have the policy learn reasonably quickly. I'd be interested in seeing work that tries to use the demos as much as possible, but detect when conflicts happen and prioritize the preferences in that situation -- my guess is that this would let you get good performance across most Atari games.
Technical AI alignment
Embedded agency sequence
Embedded Agency (full-text version) (Scott Garrabrant and Abram Demski): This is the text version of all of the previous posts in the sequence.
Iterated amplification sequence
The Steering Problem (Paul Christiano): The steering problem refers to the problem of writing a program that uses black-box human-level cognitive abilities to be as useful as a well-motivated human Hugh (that is, a human who is "trying" to be helpful). This is a conceptual problem -- we don't have black-box access to human-level cognitive abilities yet. However, we can build suitable formalizations and solve the steering problem within those formalizations, from which we can learn generalizable insights that we can apply to the problem we will actually face once we have strong AI capabilities. For example, we could formalize "human-level cognitive abilities" as Hugh-level performance on question-answering (yes-no questions in natural language), online learning (given a sequence of labeled data points, predict the label of the next data point), or embodied reinforcement learning. A program P is more useful than Hugh for X if, for every project using a simulation of Hugh to accomplish X, we can efficiently transform it into a new project which uses P to accomplish X.
Rohin's opinion: This is an interesting perspective on the AI safety problem. I really like the ethos of this post, where there isn't a huge opposition between AI capabilities and AI safety, but instead we are simply trying to figure out how to use the (helpful!) capabilities developed by AI researchers to do useful things.
If I think about this from the perspective of reducing existential risk, it seems like you also need to make the argument that AI systems are unlikely to pose an existential threat before they are human-level (a claim I mostly agree with), or that the solutions will generalize to sub-human-level AI systems.
Clarifying "AI Alignment" (Paul Christiano): I previously summarized this in AN #2, but I'll consider it in more detail now. As Paul uses the term, "AI alignment" refers only to the problem of figuring out how to build an AI that is trying to do what humans want. In particular, an AI can be aligned but still make mistakes because of incompetence. This is not a formal definition, since we don't have a good way of talking about the "motivation" of an AI system, or about "what humans want", but Paul expects that it will correspond to some precise notion after we make more progress.
Rohin's opinion: Ultimately, our goal is to build AI systems that reliably do what we want them to do. One way of decomposing this is first to define the behavior that we want from an AI system, and then to figure out how to obtain that behavior, which we might call the definition-optimization decomposition. Ambitious value learning aims to solve the definition subproblem. I interpret this post as proposing a different decomposition of the overall problem. One subproblem is how to build an AI system that is trying to do what we want, and the second subproblem is how to make the AI competent enough that it actually does what we want. I like this motivation-competence decomposition for a few reasons, which I've written a long comment about that I strongly encourage you to read. The summary of that comment is: motivation-competence isolates the urgent part in a single subproblem (motivation), humans are an existence proof that the motivation subproblem can be solved, it is possible to apply the motivation framework to systems without lower capabilities, the safety guarantees degrade slowly and smoothly, the definition-optimization decomposition as exemplified by expected utility maximizers has generated primarily negative results, and motivation-competence allows for interaction between the AI system and humans. The major con is that the motivation-competence decomposition is informal, imprecise, and may be intractable to work on.
An unaligned benchmark (Paul Christiano): I previously summarized this in Recon #5, but I'll consider it in more detail now. The post argues that we could get a very powerful AI system using model-based RL with MCTS. Specifically, we learn a generative model of dynamics (sample a sequence of observations given actions), a reward model, and a policy. The policy is trained using MCTS, which uses the dynamics model and reward model to create and score rollouts. The dynamics model is trained using the actual observations and actions from the environment. The reward is trained using preferences or rankings (think something like Deep RL from Human Preferences). This is a system we could program now, and with sufficiently powerful neural nets, it could outperform humans.
However, this system would not be aligned. There could be specification failures: the AI system would be optimizing for making humans think that good outcomes are happening, which may or may not happen by actually having good outcomes. (There are a few arguments suggesting that this is likely to happen.) There could also be robustness failures: as the AI exerts more control over the environment, there is a distributional shift. This may lead to the MCTS finding previously unexplored states where the reward model accidentally assigns high reward, even though it would be a bad outcome, causing a failure. This may push the environment even more out of distribution, triggering other AI systems to fail as well.
Paul uses this and other potential AI algorithms as benchmarks to beat -- we need to build aligned AI algorithms that achieve similar results as these benchmarks. The further we are from hitting the same metrics, the larger the incentive to use the unaligned AI algorithm.
Iterated amplification could potentially solve the issues with this algorithm. The key idea is to always be able to cash out the learned dynamics and reward models as the result of (a large number of) human decisions. In addition, the models need to be made robust to worst case inputs, possibly by using these techniques. In order to make this work, we need to make progress on robustness, amplification, and an understanding of what bad behavior is (so that we can argue that it is easy to avoid, and iterated amplification does avoid it).
Rohin's opinion: I often think that the hard part of AI alignment is actually the strategic side of it -- even if we figure out how to build an aligned AI system, it doesn't help us unless the actors who actually build powerful AI systems use our proposal. From that perspective, it's very important for any aligned systems we build to be competitive with unaligned ones, and so keeping these sorts of benchmarks in mind seems like a really good idea. This particular benchmark seems good -- it's essentially the AlphaGo algorithm, except with learned dynamics (since we don't know the dynamics of the real world) and rewards (since we want to be able to specify arbitrary tasks), which seems like a good contender for "powerful AI system".
Fixed point sequence
Fixed Point Exercises (Scott Garrabrant): Scott's advice to people who want to learn math in order to work on agent foundations is to learn all of the fixed-point theorems across the different areas of math. This sequence will present a series of exercises designed to teach fixed-point theorems, and will then talk about core ideas in the theorems and how the theorems relate to alignment research.
Rohin's opinion: I'm not an expert on agent foundations, so I don't have an opinion worth saying here. I'm not going to cover the posts with exercises in the newsletter -- visit the Alignment Forum for that. I probably will cover the posts about how the theorems relate to agent foundations research.
Dimensional regret without resets (Vadim Kosoy)
Learning human intent
Reward learning from human preferences and demonstrations in Atari (Borja Ibarz et al): Summarized in the highlights!
Acknowledging Human Preference Types to Support Value Learning (Nandi, Sabrina, and Erin): Humans often have multiple "types" of preferences, which any value learning algorithm will need to handle. This post concentrates on one particular framework -- liking, wanting and approving. Liking corresponds to the experience of pleasure, wanting corresponds to the motivation that causes you to take action, and approving corresponds to your conscious evaluation of how good the particular action is. These correspond to different data sources, such as facial expressions, demonstrations, and rankings respectively. Now suppose we extract three different reward functions and need to use them to choose actions -- how should we aggregate the reward functions? They choose some desiderata on the aggregation mechanism, inspired by social choice theory, and develop a few aggregation rules that meet some of the desiderata.
Rohin's opinion: I'm excited to see work on dealing with conflicting preference information, particularly from multiple data sources. To my knowledge, there isn't any work on this -- while there is work on multimodal input, usually those inputs don't conflict, whereas this post explicitly has several examples of conflicting preferences, which seems like an important problem to solve. However, I would aim for a solution that is less fixed (i.e. not one specific aggregation rule), for example by an active approach that presents the conflict to the human and asks how it should be resolved, and learning an aggregation rule based on that. I'd be surprised if we ended up using a particular mathematical equation presented here as an aggregation mechanism -- I'm much more interested in what problems arise when we try to aggregate things, what criteria we might want to satisfy, etc.
Evaluating Robustness of Neural Networks with Mixed Integer Programming (Anonymous): I've only read the abstract so far, but this paper claims to find the exact adversarial accuracy of an MNIST classifier within an L infinity norm ball of radius 0.1, which would be a big step forward in the state of the art for verification.
On a Formal Model of Safe and Scalable Self-driving Cars (Shai Shalev-Shwartz et al)
ImageNet-trained CNNs are biased towards texture; increasing shape bias improves accuracy and robustness (Anonymous) (summarized by Dan H): This paper empirically demonstrates the outsized influence of textures in classification. To address this, they apply style transfer to ImageNet images and train with this dataset. Although training networks on a specific corruption tends to provide robustness only to that specific corruption, stylized ImageNet images supposedly lead to generalization to new corruption types such as uniform noise and high-pass filters (but not blurs).
AI strategy and policy
AI development incentive gradients are not uniformly terrible (rk): This post considers a model of AI development somewhat similar to the one in Racing to the precipice paper. It notes that under this model, assuming perfect information, the utility curves for each player are discontinuous. Specifically, the models predict deterministically that the player that spent the most on something (typically AI capabilities) is the one that "wins" the race (i.e. builds AGI), and so there is a discontinuity at the point where the players are spending equal amounts of money. This results in players fighting as hard as possible to be on the right side of the discontinuity, which suggests that they will skimp on safety. However, in practice, there will be some uncertainty about which player wins, even if you know exactly how much each is spending, and this removes the discontinuity. The resulting model predicts more investment in safety, since buying expected utility through safety now looks better than increasing the probability of winning the race (whereas before, it was compared against changing from definitely losing the race to definitely winning the race).
Rohin's opinion: The model in Racing to the precipice had the unintuitive conclusion that if teams have more information (i.e. they know their own or other’s capabilities), then we become less safe, which puzzled me for a while. Their explanation is that with maximal information, the top team takes as much risk as necessary in order to guarantee that they beat the second team, which can be quite a lot of risk if the two teams are close. While this is true, the explanation from this post is more satisfying -- since the model has a discontinuity that rewards taking on risk, anything that removes the discontinuity and makes it more continuous will likely improve the prospects for safety, such as not having full information. I claim that in reality these discontinuities mostly don't exist, since (1) we're uncertain about who will win and (2) we will probably have a multipolar scenario where even if you aren't first-to-market you can still capture a lot of value. This suggests that it likely isn't a problem for teams to have more information about each other on the margin.
That said, these models are still very simplistic, and I mainly try to derive qualitative conclusions from them that my intuition agrees with in hindsight.
Other progress in AI
Learning Latent Dynamics for Planning from Pixels (Danijar Hafner et al) (summarized by Richard): The authors introduce PlaNet, an agent that learns an environment's dynamics from pixels and then chooses actions by planning in latent space. At each step, it searches for the best action sequence under its Recurrent State Space dynamics model, then executes the first action and replans. The authors note that having a model with both deterministic and stochastic transitions is critical to learning a good policy. They also use a technique called variational overshooting to train the model on multi-step predictions, by generalising the standard variational bound for one-step predictions. PlaNet approaches the performance of top model-free algorithms even when trained on 50x fewer episodes.
Richard's opinion: This paper seems like a step forward in addressing the instability of using learned models in RL. However, the extent to which it's introducing new contributions, as opposed to combining existing ideas, is a little unclear.
Modular Architecture for StarCraft II with Deep Reinforcement Learning (Dennis Lee, Haoran Tang et al)
Approximating CNNs with Bag-of-local-Features models works surprisingly well on ImageNet (Anonymous) (summarized by Dan H): This paper proposes a bag-of-features model using patches as features, and they show that this can obtain accuracy similar to VGGNet architectures. They classify each patch and produce the final classification by a majority vote; Figure 1 of the paper tells all. In some ways this model is more interpretable than other deep architectures, as it is clear which regions activated which class. They attempt to show that, like their model, VGGNet does not use global shape information but instead uses localized features.
Formal Limitations on The Measurement of Mutual Information (David McAllester and Karl Stratos)