Merge pull request #901 from Trusted-AI/development_issue_888

Update set_params in BaseEstimator

Author: beat-buesser

art/estimators/estimator.py

@@ -56,7 +56,7 @@ def __init__(
         clip_values: Optional["CLIP_VALUES_TYPE"],
         preprocessing_defences: Union["Preprocessor", List["Preprocessor"], None] = None,
         postprocessing_defences: Union["Postprocessor", List["Postprocessor"], None] = None,
-        preprocessing: "PREPROCESSING_TYPE" = (0, 1),
+        preprocessing: Union["PREPROCESSING_TYPE", "Preprocessor"] = (0, 1),
     ):
         """
         Initialize a `BaseEstimator` object.
@@ -72,41 +72,81 @@ def __init__(
                used for data preprocessing. The first value will be subtracted from the input and the results will be
                divided by the second value.
         """
-        from art.defences.postprocessor.postprocessor import Postprocessor
         from art.defences.preprocessor.preprocessor import Preprocessor
 
         self._model = model
         self._clip_values = clip_values
 
-        self.preprocessing: List["Preprocessor"] = []
+        self.preprocessing = self._set_preprocessing(preprocessing)
+        self.preprocessing_defences = self._set_preprocessing_defences(preprocessing_defences)
+        self.postprocessing_defences = self._set_postprocessing_defences(postprocessing_defences)
+        self.preprocessing_operations: List["Preprocessor"] = []
+        self._update_preprocessing_operations()
+        self._check_params()
+
+    def _update_preprocessing_operations(self):
+        from art.defences.preprocessor.preprocessor import Preprocessor
+
+        self.preprocessing_operations.clear()
+
+        if self.preprocessing_defences is None:
+            pass
+        elif isinstance(self.preprocessing_defences, Preprocessor):
+            self.preprocessing_operations.append(self.preprocessing_defences)
+        else:
+            self.preprocessing_operations += self.preprocessing_defences
 
-        if preprocessing_defences is None:
+        if self.preprocessing is None:
             pass
-        elif isinstance(preprocessing_defences, Preprocessor):
-            self.preprocessing.append(preprocessing_defences)
+        elif isinstance(self.preprocessing, tuple):
+            from art.preprocessing.standardisation_mean_std.standardisation_mean_std import StandardisationMeanStd
+
+            self.preprocessing_operations.append(
+                StandardisationMeanStd(mean=self.preprocessing[0], std=self.preprocessing[1])
+            )
+        elif isinstance(self.preprocessing, Preprocessor):
+            self.preprocessing_operations.append(self.preprocessing)
         else:
-            self.preprocessing += preprocessing_defences
+            raise ValueError("Preprocessing argument not recognised.")
 
-        self.preprocessing_defences = preprocessing_defences
+    @staticmethod
+    def _set_preprocessing(preprocessing: Union["PREPROCESSING_TYPE", "Preprocessor"]) -> "Preprocessor":
+        from art.defences.preprocessor.preprocessor import Preprocessor
 
         if preprocessing is None:
-            pass
+            from art.preprocessing.standardisation_mean_std.standardisation_mean_std import StandardisationMeanStd
+
+            return StandardisationMeanStd(mean=0.0, std=1.0)
         elif isinstance(preprocessing, tuple):
             from art.preprocessing.standardisation_mean_std.standardisation_mean_std import StandardisationMeanStd
 
-            self.preprocessing.append(StandardisationMeanStd(mean=preprocessing[0], std=preprocessing[1]))
+            return StandardisationMeanStd(mean=preprocessing[0], std=preprocessing[1])
         elif isinstance(preprocessing, Preprocessor):
-            self.preprocessing.append(preprocessing)
+            return preprocessing
         else:
-            self.preprocessing += preprocessing
+            raise ValueError("Preprocessing argument not recognised.")
 
-        self.postprocessing_defences: Optional[List["Postprocessor"]]
-        if isinstance(postprocessing_defences, Postprocessor):
-            self.postprocessing_defences = [postprocessing_defences]
+    @staticmethod
+    def _set_preprocessing_defences(
+        preprocessing_defences: Optional[Union["Preprocessor", List["Preprocessor"]]]
+    ) -> Optional[List["Preprocessor"]]:
+        from art.defences.preprocessor.preprocessor import Preprocessor
+
+        if isinstance(preprocessing_defences, Preprocessor):
+            return [preprocessing_defences]
         else:
-            self.postprocessing_defences = postprocessing_defences
+            return preprocessing_defences
 
-        self._check_params()
+    @staticmethod
+    def _set_postprocessing_defences(
+        postprocessing_defences: Optional[Union["Postprocessor", List["Postprocessor"]]]
+    ) -> Optional[List["Postprocessor"]]:
+        from art.defences.postprocessor.postprocessor import Postprocessor
+
+        if isinstance(postprocessing_defences, Postprocessor):
+            return [postprocessing_defences]
+        else:
+            return postprocessing_defences
 
     def set_params(self, **kwargs) -> None:
         """
@@ -119,9 +159,17 @@ def set_params(self, **kwargs) -> None:
                 if hasattr(BaseEstimator, key) and isinstance(getattr(BaseEstimator, key), property):
                     setattr(self, "_" + key, value)
                 else:
-                    setattr(self, key, value)
+                    if key == "preprocessing":
+                        setattr(self, key, self._set_preprocessing(value))
+                    elif key == "preprocessing_defences":
+                        setattr(self, key, self._set_preprocessing_defences(value))
+                    elif key == "postprocessing_defences":
+                        setattr(self, key, self._set_postprocessing_defences(value))
+                    else:
+                        setattr(self, key, value)
             else:
-                raise ValueError("Unexpected parameter {} found in kwargs.".format(key))
+                raise ValueError("Unexpected parameter `{}` found in kwargs.".format(key))
+        self._update_preprocessing_operations()
         self._check_params()
 
     def get_params(self) -> Dict[str, Any]:
@@ -152,8 +200,8 @@ def _check_params(self) -> None:
             else:
                 self._clip_values = np.array(self._clip_values, dtype=ART_NUMPY_DTYPE)
 
-        if isinstance(self.preprocessing, list):
-            for preprocess in self.preprocessing:
+        if isinstance(self.preprocessing_operations, list):
+            for preprocess in self.preprocessing_operations:
                 if not isinstance(preprocess, Preprocessor):
                     raise ValueError(
                         "All preprocessing defences have to be instance of "
@@ -245,8 +293,8 @@ def _apply_preprocessing(self, x, y, fit: bool) -> Tuple[Any, Any]:
         :return: Tuple of `x` and `y` after applying the defences and standardisation.
         :rtype: Format as expected by the `model`
         """
-        if self.preprocessing:
-            for preprocess in self.preprocessing:
+        if self.preprocessing_operations:
+            for preprocess in self.preprocessing_operations:
                 if fit:
                     if preprocess.apply_fit:
                         x, y = preprocess(x, y)
@@ -322,8 +370,8 @@ def _apply_preprocessing_gradient(self, x, gradients, fit=False):
         :return: Gradients after backward pass through normalization and preprocessing defences.
         :rtype: Format as expected by the `model`
         """
-        if self.preprocessing:
-            for preprocess in self.preprocessing[::-1]:
+        if self.preprocessing_operations:
+            for preprocess in self.preprocessing_operations[::-1]:
                 if fit:
                     if preprocess.apply_fit:
                         gradients = preprocess.estimate_gradient(x, gradients)

art/estimators/pytorch.py

@@ -65,10 +65,6 @@ def __init__(self, device_type: str = "gpu", **kwargs) -> None:
 
         super().__init__(**kwargs)
 
-        from art.defences.preprocessor.preprocessor import PreprocessorPyTorch
-
-        self.all_framework_preprocessing = all([isinstance(p, PreprocessorPyTorch) for p in self.preprocessing])
-
         # Set device
         if device_type == "cpu" or not torch.cuda.is_available():
             self._device = torch.device("cpu")
@@ -114,6 +110,23 @@ def loss(self, x: np.ndarray, y: np.ndarray, **kwargs) -> np.ndarray:
         """
         raise NotImplementedError
 
+    def set_params(self, **kwargs) -> None:
+        """
+        Take a dictionary of parameters and apply checks before setting them as attributes.
+
+        :param kwargs: A dictionary of attributes.
+        """
+        super().set_params(**kwargs)
+        self._check_params()
+
+    def _check_params(self) -> None:
+        from art.defences.preprocessor.preprocessor import PreprocessorPyTorch
+
+        super()._check_params()
+        self.all_framework_preprocessing = all(
+            [isinstance(p, PreprocessorPyTorch) for p in self.preprocessing_operations]
+        )
+
     def _apply_preprocessing(self, x, y, fit: bool = False, no_grad=True) -> Tuple[Any, Any]:
         """
         Apply all preprocessing defences of the estimator on the raw inputs `x` and `y`. This function is should
@@ -142,7 +155,7 @@ def _apply_preprocessing(self, x, y, fit: bool = False, no_grad=True) -> Tuple[A
             StandardisationMeanStdPyTorch,
         )
 
-        if not self.preprocessing:
+        if not self.preprocessing_operations:
             return x, y
 
         if isinstance(x, torch.Tensor):
@@ -158,7 +171,7 @@ def _apply_preprocessing(self, x, y, fit: bool = False, no_grad=True) -> Tuple[A
                     y = torch.tensor(y, device=self._device)
 
             def chain_processes(x, y):
-                for preprocess in self.preprocessing:
+                for preprocess in self.preprocessing_operations:
                     if fit:
                         if preprocess.apply_fit:
                             x, y = preprocess.forward(x, y)
@@ -179,12 +192,12 @@ def chain_processes(x, y):
                 if y is not None:
                     y = y.cpu().numpy()
 
-        elif len(self.preprocessing) == 1 or (
-            len(self.preprocessing) == 2
-            and isinstance(self.preprocessing[-1], (StandardisationMeanStd, StandardisationMeanStdPyTorch))
+        elif len(self.preprocessing_operations) == 1 or (
+            len(self.preprocessing_operations) == 2
+            and isinstance(self.preprocessing_operations[-1], (StandardisationMeanStd, StandardisationMeanStdPyTorch))
         ):
             # Compatible with non-PyTorch defences if no chaining.
-            for preprocess in self.preprocessing:
+            for preprocess in self.preprocessing_operations:
                 x, y = preprocess(x, y)
 
         else:
@@ -218,7 +231,7 @@ def _apply_preprocessing_gradient(self, x, gradients, fit=False):
             StandardisationMeanStdPyTorch,
         )
 
-        if not self.preprocessing:
+        if not self.preprocessing_operations:
             return gradients
 
         if isinstance(x, torch.Tensor):
@@ -232,7 +245,7 @@ def _apply_preprocessing_gradient(self, x, gradients, fit=False):
             gradients = torch.tensor(gradients, device=self._device)
             x_orig = x
 
-            for preprocess in self.preprocessing:
+            for preprocess in self.preprocessing_operations:
                 if fit:
                     if preprocess.apply_fit:
                         x = preprocess.estimate_forward(x)
@@ -249,13 +262,18 @@ def _apply_preprocessing_gradient(self, x, gradients, fit=False):
                     "The input shape is {} while the gradient shape is {}".format(x.shape, gradients.shape)
                 )
 
-        elif len(self.preprocessing) == 1 or (
-            len(self.preprocessing) == 2
-            and isinstance(self.preprocessing[-1], (StandardisationMeanStd, StandardisationMeanStdPyTorch))
+        elif len(self.preprocessing_operations) == 1 or (
+            len(self.preprocessing_operations) == 2
+            and isinstance(self.preprocessing_operations[-1], (StandardisationMeanStd, StandardisationMeanStdPyTorch))
         ):
             # Compatible with non-PyTorch defences if no chaining.
-            defence = self.preprocessing[0]
-            gradients = defence.estimate_gradient(x, gradients)
+            for preprocess in self.preprocessing_operations[::-1]:
+                if fit:
+                    if preprocess.apply_fit:
+                        gradients = preprocess.estimate_gradient(x, gradients)
+                else:
+                    if preprocess.apply_predict:
+                        gradients = preprocess.estimate_gradient(x, gradients)
 
         else:
             raise NotImplementedError("The current combination of preprocessing types is not supported.")

art/estimators/tensorflow.py

@@ -118,10 +118,6 @@ def __init__(self, **kwargs):
 
         super().__init__(**kwargs)
 
-        from art.defences.preprocessor.preprocessor import PreprocessorTensorFlowV2
-
-        self.all_framework_preprocessing = all([isinstance(p, PreprocessorTensorFlowV2) for p in self.preprocessing])
-
     def predict(self, x: np.ndarray, batch_size: int = 128, **kwargs):
         """
         Perform prediction of the neural network for samples `x`.
@@ -160,6 +156,23 @@ def loss(self, x: np.ndarray, y: np.ndarray, **kwargs) -> np.ndarray:
         """
         raise NotImplementedError
 
+    def set_params(self, **kwargs) -> None:
+        """
+        Take a dictionary of parameters and apply checks before setting them as attributes.
+
+        :param kwargs: A dictionary of attributes.
+        """
+        super().set_params(**kwargs)
+        self._check_params()
+
+    def _check_params(self) -> None:
+        from art.defences.preprocessor.preprocessor import PreprocessorTensorFlowV2
+
+        super()._check_params()
+        self.all_framework_preprocessing = all(
+            [isinstance(p, PreprocessorTensorFlowV2) for p in self.preprocessing_operations]
+        )
+
     def _apply_preprocessing(self, x, y, fit: bool = False) -> Tuple[Any, Any]:
         """
         Apply all preprocessing defences of the estimator on the raw inputs `x` and `y`. This function is should
@@ -186,7 +199,7 @@ def _apply_preprocessing(self, x, y, fit: bool = False) -> Tuple[Any, Any]:
             StandardisationMeanStdTensorFlowV2,
         )
 
-        if not self.preprocessing:
+        if not self.preprocessing_operations:
             return x, y
 
         if isinstance(x, tf.Tensor):
@@ -201,7 +214,7 @@ def _apply_preprocessing(self, x, y, fit: bool = False) -> Tuple[Any, Any]:
                 if y is not None:
                     y = tf.convert_to_tensor(y)
 
-            for preprocess in self.preprocessing:
+            for preprocess in self.preprocessing_operations:
                 if fit:
                     if preprocess.apply_fit:
                         x, y = preprocess.forward(x, y)
@@ -215,12 +228,14 @@ def _apply_preprocessing(self, x, y, fit: bool = False) -> Tuple[Any, Any]:
                 if y is not None:
                     y = y.numpy()
 
-        elif len(self.preprocessing) == 1 or (
-            len(self.preprocessing) == 2
-            and isinstance(self.preprocessing[-1], (StandardisationMeanStd, StandardisationMeanStdTensorFlowV2))
+        elif len(self.preprocessing_operations) == 1 or (
+            len(self.preprocessing_operations) == 2
+            and isinstance(
+                self.preprocessing_operations[-1], (StandardisationMeanStd, StandardisationMeanStdTensorFlowV2)
+            )
         ):
             # Compatible with non-TensorFlow defences if no chaining.
-            for preprocess in self.preprocessing:
+            for preprocess in self.preprocessing_operations:
                 x, y = preprocess(x, y)
 
         else:
@@ -254,7 +269,7 @@ def _apply_preprocessing_gradient(self, x, gradients, fit=False):
             StandardisationMeanStdTensorFlowV2,
         )
 
-        if not self.preprocessing:
+        if not self.preprocessing_operations:
             return gradients
 
         if isinstance(x, tf.Tensor):
@@ -270,7 +285,7 @@ def _apply_preprocessing_gradient(self, x, gradients, fit=False):
                 gradients = tf.convert_to_tensor(gradients, dtype=config.ART_NUMPY_DTYPE)
                 x_orig = x
 
-                for preprocess in self.preprocessing:
+                for preprocess in self.preprocessing_operations:
                     if fit:
                         if preprocess.apply_fit:
                             x = preprocess.estimate_forward(x)
@@ -287,13 +302,20 @@ def _apply_preprocessing_gradient(self, x, gradients, fit=False):
                     "The input shape is {} while the gradient shape is {}".format(x.shape, gradients.shape)
                 )
 
-        elif len(self.preprocessing) == 1 or (
-            len(self.preprocessing) == 2
-            and isinstance(self.preprocessing[-1], (StandardisationMeanStd, StandardisationMeanStdTensorFlowV2))
+        elif len(self.preprocessing_operations) == 1 or (
+            len(self.preprocessing_operations) == 2
+            and isinstance(
+                self.preprocessing_operations[-1], (StandardisationMeanStd, StandardisationMeanStdTensorFlowV2)
+            )
         ):
             # Compatible with non-TensorFlow defences if no chaining.
-            defence = self.preprocessing[0]
-            gradients = defence.estimate_gradient(x, gradients)
+            for preprocess in self.preprocessing_operations[::-1]:
+                if fit:
+                    if preprocess.apply_fit:
+                        gradients = preprocess.estimate_gradient(x, gradients)
+                else:
+                    if preprocess.apply_predict:
+                        gradients = preprocess.estimate_gradient(x, gradients)
 
         else:
             raise NotImplementedError("The current combination of preprocessing types is not supported.")