Existing robustness theory yields error bounds that fail to converge to the true error of the Bayes-optimal classifier, thereby undermining theoretical connections between robustness and generalization. Method: We identify this fundamental limitation and propose a novel, model-dependent, tight, and asymptotically convergent robust error bound. Our bound is rigorously grounded in local robustness modeling and theoretical derivation, guaranteeing—under increasing sample size—that it converges asymptotically to the true robust error of the Bayes-optimal classifier. Contribution/Results: Empirically validated on multiple deep networks pretrained on ImageNet, our bound is consistently non-vacuous and exhibits stable convergence as sample size grows. This breakthrough overcomes key limitations of classical robustness theory, offering a more reliable and interpretable generalization guarantee for robust learning.

Robustness and generalization ability of machine learning models are of utmost importance in various application domains. There is a wide interest in efficient ways to analyze those properties. One important direction is to analyze connection between those two properties. Prior theories suggest that a robust learning algorithm can produce trained models with a high generalization ability. However, we show in this work that the existing error bounds are vacuous for the Bayes optimal classifier which is the best among all measurable classifiers for a classification problem with overlapping classes. Those bounds cannot converge to the true error of this ideal classifier. This is undesirable, surprizing, and never known before. We then present a class of novel bounds, which are model-dependent and provably tighter than the existing robustness-based ones. Unlike prior ones, our bounds are guaranteed to converge to the true error of the best classifier, as the number of samples increases. We further provide an extensive experiment and find that two of our bounds are often non-vacuous for a large class of deep neural networks, pretrained from ImageNet.