The Workshop on Post-AI Formal Methods at AAAI-26

Jan 26th 2026 | Singapore EXPO

Talks

Invited Talks & Contributed Talks


We are finalizing session times full schedule is coming soon

:
:
:
Days
Hours
Minutes
Seconds
Countdown finished!

Invited Talks

Dr. Soonho Kong

Amazon Web Services

Lean into Verifiable Intelligence


The future of AI lies in "Verifiable Intelligence" through self-verifying and self-improving systems enabled by formal verification tools like Lean that can validate reasoning steps, not just final answers. Current reasoning models are flawed because they focus only on answer correctness while ignoring intermediate reasoning validity, a critical limitation for agentic AI systems that must take reliable actions based on their reasoning. This talk demonstrates that large language models fail as judges of mathematical reasoning, performing barely better than random chance when distinguishing correct from incorrect proofs. This violates Rich Sutton's "Verification Principle" that AI systems can only create knowledge to the extent they can verify it. We argue that Lean offers the solution by enabling complete verification of reasoning steps, creating a virtuous cycle where better AI accelerates formalization of human knowledge, which in turn enables better verifiable AI systems. This represents the next major revolution in knowledge creation, analogous to how digitization and the internet transformed knowledge access and sharing.

Prof. Hana Chockler

King's College London

Using causality for debugging and explainability


In this talk I will look at the application of causality to debugging models and explainability. Specifically, I will talk about actual causality as introduced by Halpern and Pearl, and its quantitative extensions. This theory turns out to be extremely useful in various areas of computer science due to a good match between the results it produces and our intuition. It turns out to be particularly useful for explaining the outputs of large AI systems. I will argue that explainability can be viewed as a debugging technique and illustrate this approach with a number of examples. I will discuss the differences between the traditional view of explainability as a human-oriented technique and the type of explainability we are proposing, which is essentially a window inside the (otherwise black-box) system.

Prof. Jin Song Dong

National University of Singapore

Trusted AI and Reasoning Beyond LLM


The rise of code-centric Large Language Models (LLMs) has reshaped the software engineering world with tools like Copilot, DeepSeek, and OpenAI GPT-5 that can easily generate code. However, there is no correctness guarantee for the code generated by LLMs, which suffer from the hallucination problem. The first part of this talk shows that the program refinement calculus can be used as a formal chain of thought to guide LLM and verify the correctness of the LLM-generated code [POPL'25]. The second part of this talk investigates LLM-aided System Design, where LLM enhanced formal methods agents are proposed [ICML'25]. The third part of this talk shows the weakness of LLM in solving planning and strategy analysis problems where formal reasoning techniques are needed.

Contributed Talks

Track 1 Papers

Provable Repair of Deep Neural Network Defects by Preimage Synthesis and Property Refinement

Jianan Ma, Jingyi Wang, Qi Xuan, and Zhen Wang

Deep neural networks may exhibit dangerous behaviors under various security threats and there exists an ongoing arms race between attackers and defenders. In this work, we propose to utilize recent progress on neural network repair to mitigate these threats and repair various kinds of neural network defects within a unified framework. To push the boundary of existing repairs (suffering from limitations such as lack of guarantees, limited scalability, etc) in addressing more practical contexts, we propose ProRepair, a novel provable repair framework driven by formal preimage synthesis and property refinement. The key ideas are: (i) synthesizing a proxy box to characterize the feature-space preimage, which can guide the subsequent repair step towards the correct outputs, and (ii) performing property refinement to enable surgical corrections and scale to more complex tasks. We evaluate ProRepair across various repair tasks and the results demonstrate it outperforms existing methods.

The CAISAR Platform: Extending the Reach of Machine Learning Specification and Verification

Michele Alberti, François Bobot, Julien Girard-Satabin, Alban Grastien, Aymeric Varasse, and Zakaria Chihani

While existing formal verification tools are increasingly effective at verifying local robustness properties, more complex ones, such as those involving multiple neural networks, remain beyond their capabilities: these properties cannot currently be expressed in their specification languages, nor can they be directly verified. We present CAISAR, an open-source platform for specifying and verifying properties of machine learning models, with particular focus on neural networks and support vector machines. CAISAR provides a high-level language for specifying complex properties and integrates several state-of-the-art verifiers for their automatic verification. Through concrete use cases, we show how CAISAR leverages automated graph-editing techniques to translates high-level specifications into queries for the supported verifiers, bridging the embedding gap between user specifications and the corresponding ones that are actually verified.

From Decision Trees to Boolean Logic: A Fast and Unified SHAP Algorithm

Ron Wettenstein and Alexander Nadel

SHapley Additive exPlanations (SHAP) is a key tool for interpreting decision tree ensembles by assigning contribution values to features. The most accurate variant, Background SHAP, uses a background dataset to estimate feature distributions. We introduce WOODELF, a SHAP algorithm that unifies decision trees, game theory, and Boolean logic within a single framework. For each instance, WOODELF constructs a pseudo-Boolean formula that captures their feature values, the structure of the decision tree ensemble, and the entire background dataset. It then leverages this representation to compute Background SHAP in linear time. WOODELF can also compute Shapley interaction values, Banzhaf values, and Banzhaf interaction values. WOODELF runs efficiently on both CPU and GPU. We demonstrate these advantages empirically on two large, commonly used datasets, where WOODELF achieves at least an order-of-magnitude speedup over state-of-the-art methods.


AAAI Main Conference Oral Presentation: Thu 22/01, 9:30-10:30 - ML1 (Garnet 218) & Poster: 22/01

Formal Abductive Latent Explanations for Prototype-Based Networks

Jules Soria, Zakaria Chihani, Julien Girard-Satabin, Alban Grastien, Romain Xu-Darme, and Daniela Cancila

Case-based reasoning networks are models that make predictions based on similarity between the input and prototypical parts of training samples. Such models explain each decision by pointing to the prototypes that contributed the most to the final outcome. While promising, such explanations are sometimes misleading, which hampers their usefulness in safety-critical contexts. Several instances may lead to different predictions and yet have the same explanation. Drawing inspiration from formal eXplainable AI, we propose Abductive Latent Explanations (ALEs), a formalism to express sufficient conditions on the latent representation of the instance that imply the prediction. Our approach combines the inherent interpretability of case-based reasoning models and the guarantees provided by formal XAI. We propose a solver-free algorithm for generating ALEs based on three distinct paradigms, compare them, and present the feasibility of our approach on diverse datasets for image classification.



AAAI Main Conference Poster Presentation: Thu 22/01

Improving Stochastic Action-Constrained Reinforcement Learning via Truncated Distributions

Roland Stolz, Michael Eichelbeck and Matthias Althoff

In reinforcement learning (RL), it is advantageous to consider additional constraints on the action space to ensure safety. Existing work on such action-constrained RL often lacks expressive policy updates, computational efficiency, and predictable runtime. Recent work proposes to use truncated normal distributions for stochastic policy gradient methods. However, the computation of key characteristics, such as the entropy, log-probability, and their gradients, becomes intractable. Hence, prior work approximates these using the non-truncated distributions, which severely degrades performance. We argue that accurate estimation of these characteristics is crucial in the action-constrained RL setting, and propose efficient numerical approximations for them. We also provide an efficient sampling strategy for truncated policy distributions and validate our approach on three benchmark environments, which demonstrate significant performance improvements when using accurate estimations.

Space Explanations of Neural Network Classification

Tomáš Kolárik, Faezeh Labbaf, Martin Blicha, Grigory Fedyukovich, Michael Wand, Natasha Sharygina

We present a novel logic-based concept called Space Explanations for classifying neural networks that gives provable guarantees of the behavior of the network in continuous areas of the input feature space. To automatically generate space explanations, we leverage a range of flexible Craig interpolation algorithms and unsatisfiable core generation. Based on real-life case studies, ranging from small to medium to large size, we demonstrate that the generated explanations are more meaningful than those computed by state-of-the-art.

Qualitative Analysis of $\omega$-Regular Objectives on Robust MDPs

Ali Asadi, Krishnendu Chatterjee, Ehsan Kafshdar Goharshady, Mehrdad Karrabi, and Ali Shafiee

Robust Markov Decision Processes generalize classical MDPs that consider uncertainties in transition probabilities by defining a set of possible transition functions. An objective is a set of runs (or infinite trajectories) of the RMDP, and the value for an objective is the maximal probability that the agent can guarantee against the adversarial environment. We consider (a) reachability objectives, where given a target set of states, the goal is to eventually arrive at one of them; and (b) parity objectives, which are a canonical representation for $\omega$-regular objectives. In this work, we study the qualitative problem for reachability and parity objectives on RMDPs without making any assumption over the structures of the RMDPs, e.g., unichain or aperiodic. We present efficient algorithms with oracle access to uncertainty sets that solve qualitative problems of reachability and parity objectives, together with experimental results.

PyVeritas: On Verifying Python via LLM-Based Transpilation and Bounded Model Checking for C

Pedro Orvalho and Marta Kwiatkowska

Python has become the dominant language for general-purpose programming, yet it lacks robust tools for formal verification. In contrast, programmers working in languages such as C benefit from mature model checkers, for example CBMC, which enable exhaustive symbolic reasoning and fault localisation. In this paper, we propose PyVeritas, a novel framework that leverages Large Language Models (LLMs) for high-level transpilation from Python to C, followed by bounded model checking and MaxSAT-based fault localisation in the generated C code. PyVeritas enables verification and bug localisation for Python code using existing model checking tools for C. Our empirical evaluation demonstrates that LLM-based transpilation can achieve a high degree of accuracy, up to 90% for some LLMs, enabling effective development environment that supports assertion-based verification and interpretable fault diagnosis for small yet non-trivial Python programs.

Automating the Refinement of Reinforcement Learning Specifications

Tanmay Ambadkar, Đorđe Žikelić and Abhinav Verma

Logical specifications help reinforcement learning algorithms achieve complex tasks. However, when a task is under-specified, agents may fail to learn useful policies. In this work, we explore improving coarse-grained logical specifications through an exploration-guided strategy. We propose AutoSpec, a framework that searches for a logical refinement whose satisfaction implies that of the original specification but provides additional guidance, making it easier for reinforcement learning algorithms to learn useful policies. AutoSpec applies to tasks specified via the SpectRL logic. We exploit the compositional nature of SpectRL specifications and design an algorithm that refines the abstract specification graph by refining existing edges or introducing new ones. We show how AutoSpec integrates with existing algorithms for learning from logical specifications. Our experiments demonstrate that AutoSpec improves the complexity of control tasks solved using refined logical specifications.

Breaking the Safety-Capability Tradeoff: Reinforcement Learning with Verifiable Rewards Maintains Safety Guardrails in LLMs

Dongkyu Cho, Huan Song, Arijit Chowdhury, Haotian An, Yawei Wang, Rohit Thekkanal, Negin Sokhandan, Sharlina Keshava, and Hannah Marlowe

Fine-tuning pretrained large language models (LLMs) lies at the core of modern AI applications. Recent advances in fine-tuning methods—such as reinforcement learning (RL), have led to substantial improvements. However, multiple studies have shown that fine-tuning often degrades model safety, even in models explicitly trained for safety. In particular, LLMs fine-tuned for reasoning consistently exhibit increased safety risks, raising concerns about their deployment. In this work, we demonstrate that reinforcement learning with verifiable rewards (RLVR), a method often combined with SFT, can maintain safety guardrails without compromising reasoning performance. Our empirical evaluations provide quantitative evidence supporting this claim across diverse models and settings. Additionally, we present a theoretical framework that formalizes the safety preserving properties of RLVR, offering deeper insight.

Track 2 Papers

Beyond Verification: Abductive Explanations for Post-AI Assessment of Privacy Leakage

Belona Sonna, Alban Grastien and Claire Benn

Privacy leakage in AI-based decision processes poses significant risks, particularly when sensitive information can be inferred. We propose a formal framework to audit privacy leakage using abductive explanations, which identifies minimal sufficient evidence justifying model decisions and determines whether sensitive information disclosed. Our framework formalizes both individual and system-level leakage, introducing the notion of Potentially Applicable Explanations (PAE) to identify individuals whose outcomes can shield those with sensitive features. This approach provides rigorous privacy guarantees while producing human-understandable explanations, a key requirement for auditing tools. Experimental evaluation on the German Credit Dataset illustrates how the importance of sensitive literal in the model decision process affects privacy leakage.

AI for Distributed Systems Design: Scalable Cloud Optimization Through Repeated LLMs Sampling And Simulators

Jacopo Tagliabue

We explore AI-driven distributed-systems policy design by combining stochastic code generation from large language models (LLMs) with deterministic verification in a domain-specific simulator. Using a Function-as-a-Service runtime (Bauplan) and its open-source simulator (Eudoxia) as a case study, we frame scheduler design as an iterative generate-and-verify loop: an LLM proposes a Python policy, the simulator evaluates it on standardized traces, and structured feedback steers subsequent generations. This setup preserves interpretability while enabling targeted search over a large design space. We detail the system architecture and report preliminary results on throughput improvements across multiple models. Beyond early gains, we discuss the limits of the current setup and outline next steps; in particular, we conjecture that AI will be crucial for scaling this methodology by helping to bootstrap new simulators.

FastNFA: A High-Performance FPRAS Implementation for the #NFA Problem

Alberto Heissl, Vinh-Hien D. Huynh, Juan Guevara, Kuldeep S. Meel, and Timothy van Bremen

The #NFA problem asks for the number of words of a fixed length n accepted by a non-deterministic finite automaton. We present FastNFA, a practical tool for solving the #NFA problem at scale in practice. FastNFA computes randomized approximations for the #NFA problem, and comes with rigorous (ϵ, δ)-guarantees on the accuracy of the estimates produced. Our experimental results show that FastNFA scales well beyond naïve implementations of existing theoretical algorithms, solving a full order of magnitude more benchmarks within a fixed timeout.

IndiMathBench: Autoformalizing Mathematical Reasoning Problems with a Human Touch

Param Biyani, Shashank Kirtania, Yasharth Bajpai, Sumit Gulwani, and Ashish Tiwari

We introduce INDIMATHBENCH, a human-verified benchmark designed to evaluate mathematical theorem proving, curated using an AI-powered human-assisted pipeline for formalizing natural language problems in Lean. INDIMATHBENCH is composed of 312 formal Lean 4 theorems paired with their corresponding informal problem statements, sourced from Indian Mathematics Olympiads. Through category-based retrieval, iterative compiler feedback, and multi-model ensembles, our pipeline generates candidate formalizations that experts efficiently validate via an interactive dashboard with automated quality summaries. Evaluation across multiple frontier models demonstrates that autoformalization remains challenging, with substantial gaps between syntactic validity and semantic correctness, while theorem proving success rates remain low even with iterative refinement, demonstrating that INDIMATHBENCH presents a challenging testbed for mathematical reasoning.

Reinforcement Learning with $\omega$-Regular Objectives and Constraints

Dominik Wagner, Leon Witzman and Luke Ong

Reinforcement learning (RL) commonly relies on scalar rewards with limited ability to express temporal, conditional, or safety-critical goals, and can lead to reward hacking. Temporal logic expressible via the more general class of $\omega$-regular objectives addresses this by precisely specifying rich behavioural properties. We address both limitations simulatenously by combining $\omega$-regular objectives with explicit constraints, allowing safety requirements and optimisation targets to be treated separately. We develop a model-based RL algorithm based on linear programming, which in the limit produces a policy maximizing the probability of satisfying an $\omega$-regular objective while also adhering to $\omega$-regular constraints within specified thresholds. Furthermore, we establish a translation to constrained limit-average problems with optimality-preserving guarantees.

Adaptive Selection of Symbolic Languages for Improving LLM Logical Reasoning

Xiangyu Wang, Haocheng Yang, Fengxiang Cheng, and Fenrong Liu

Large Language Models (LLMs) still struggle with complex logical reasoning. To improve LLMs' logical reasoning abilities, a large group of approaches employ external logical solvers, which first translate logical reasoning problems in natural language (NL) into a pre-defined type of symbolic language (SL) expressions and then leverage existing solvers for inference. However, the solution of the same logical reasoning problem can vary significantly when expressed and solved in different SLs. To our knowledge, this is the first paper to propose a method to improve the logical reasoning performance of LLMs by adaptively selecting the most suitable SL for each problem prior to translation. Specifically, we prompt LLMs to adaptively select the most suitable SL among first-order logic, logic programming, and Boolean satisfiability formalisms. Experimental results on benchmarks show that our method significantly outperforms translating all into a single SL and randomly selecting the SL.