Simon Fraser University
Engaging the World

Course Outlines

Summer 2026 - CMPT 419 D100

Special Topics in Artificial Intelligence (3)

Trustworthy Deep Learning

Class Number: 3072

Delivery Method: In Person

Overview

  • Course Times + Location:

    May 11 – Aug 10, 2026: Tue, 4:30–5:20 p.m.
    Burnaby

    May 11 – Aug 10, 2026: Thu, 3:30–5:20 p.m.
    Burnaby

Description

CALENDAR DESCRIPTION:

Current topics in artificial intelligence depending on faculty and student interest.

COURSE DETAILS:

Special Topics Title: Trustworthy Machine Learning

Deep learning, represented by large language models, is revolutionizing human lives. However, trustworthiness threats in deep learning widely exist, posing great challenges to AI safety, security, and reliability. This course introduces state-of-the-art frontiers on deep learning research for a wide range of trustworthiness issues, including threat discovery, mitigation, and certification methods through seminar-style presentations and hands-on projects.

This is a seminar-style course for trustworthy deep learning. The first half of the course is an overview of deep learning and preliminaries for trustworthy AI methods, including training of neural networks, common neural network architectures, large language models, the definition of AI attacks, defences, and certification and verification in the context of AI. The second half of the course visits representative and recent research papers in the field through student presentations, covering topics like evasion attacks and defences, robustness certification, differential privacy, membership inference attacks, watermarks, detection of AI-generated contents, machine unlearning, prompt injection attacks, model stealing, and finetuning attacks. The course will be tentatively graded by 30% paper presentation, 20% lecture notes, and 50% course project. The course project is the implementation and improvement of a simple neural network verifier under a given framework.

There are no formal pre-requisites; however, we recommend that student complete CMPT 310 & CMPT 410 prior to taking this course. Background in algorithms, calculus, linear algebra (e.g., MATH 151, MATH 152, MATH 232, CMPT 225), CMPT 410/726 strongly recommended.

COURSE-LEVEL EDUCATIONAL GOALS:

Students will gain exposure to the following state-of-the-art research topics:

  1. Deep learning basics
  2. Language model basics
  3. Deep learning safety and security basics
  4. Robustness: Evasion attacks, data poisoning attacks, defences, and certifications
  5. Privacy: Differential privacy, membership inference attacks, machine unlearning, watermarking, model stealing, and AI content generation
  6. Alignment: Fine-tuning from human feedback, finetuning attacks, prompt injection attacks
  7. Implementation of neural network verifier

The course will aim to develop the following skills:
- reading and summarizing the latest research papers in trustworthy and responsible AI
- advanced application of deep learning frameworks (e.g., PyTorch), especially for neural network verification
- presentation skills of professional research topics

Grading

NOTES:

Readings, assignments, and class structure will be discussed in class. Readings will involve a mix of research papers and other materials.

Materials

MATERIALS + SUPPLIES:

Materials will be provided by the instructor. There will be no primary reference material -- rather, we will read an assortment of research papers, book chapters, etc.

Before the course, the Deep Learning (https://www.deeplearningbook.org/) book by Ian Goodfellow, Yoshua Bengio, and Aaron Courville is recommended. 
Also available via SFU Library: https://sfu-primo.hosted.exlibrisgroup.com/primo-explore/search?vid=SFUL

Please note: This version of the textbook is approved for student use and is provided free of charge for personal viewing and educational use. All copyrighted materials should be used in accordance with the terms of use set out by the relevant rights holders.

REQUIRED READING NOTES:

Your personalized Course Material list, including digital and physical textbooks, are available through the SFU Bookstore website by simply entering your Computing ID at: shop.sfu.ca/course-materials/my-personalized-course-materials.

Department Undergraduate Notes:

The following are default policies in the School of Computing Science. Please check your course syllabus whether the instructor has chosen a different policy for your class, otherwise the following policies apply.
 
  • Students must attain an overall passing grade on the weighted average of exams in the course in order to get a C- or higher.
  • All student requests for accommodations for their religious practices must be made in writing by the end of the first week of classes, or no later than one week after a student adds a course. After considering a request, an instructor may provide a concession or may decline to do so. Students requiring accommodations as a result of a disability can contact the Centre for Accessible Learning (caladmin@sfu.ca).

Registrar Notes:

ACADEMIC INTEGRITY: YOUR WORK, YOUR SUCCESS

At SFU, you are expected to act honestly and responsibly in all your academic work. Cheating, plagiarism, or any other form of academic dishonesty harms your own learning, undermines the efforts of your classmates who pursue their studies honestly, and goes against the core values of the university.

To learn more about the academic disciplinary process and relevant academic supports, visit: 


RELIGIOUS ACCOMMODATION

Students with a faith background who may need accommodations during the term are encouraged to assess their needs as soon as possible and review the Multifaith religious accommodations website. The page outlines ways they begin working toward an accommodation and ensure solutions can be reached in a timely fashion.