
The world's first 'AI System Security Development Guidelines' were released, proposing four aspects of safety supervision requirements

Nov 28, 2023 pm 02:34 PM

On November 26, 2023, the cybersecurity regulatory authorities of 18 countries including the United States, the United Kingdom, and Australia jointly issued the world's first "AI System Security Development Guidelines" to protect AI models from malicious tampering and to urge AI companies to pay more attention to "security by design" when developing or using AI models.


The U.S. Cybersecurity and Infrastructure Security Agency (CISA), as one of the main participants, stated that the world is experiencing an inflection point in the rapid development of AI technology, and that AI is likely to be the most impactful technology today. However, ensuring cybersecurity is key to building safe, reliable and trustworthy AI systems. To this end, CISA said, it united the cybersecurity regulatory authorities of multiple countries and cooperated with technical experts from companies such as Google, Amazon, OpenAI, and Microsoft to jointly write and publish this guideline, aiming to improve the security of AI technology applications.

It is understood that this guideline is the world’s first guidance document for the development safety of AI systems issued by an official organization. The guidelines clearly require that AI companies must prioritize ensuring safe results for customers, actively advocate transparency and accountability mechanisms for AI applications, and build the organization's management structure with safety design as the top priority. The guidelines aim to improve the cybersecurity of AI and help ensure the safe design, development and deployment of AI technology.

In addition, based on the U.S. government's long-standing experience in cybersecurity risk management, the guidelines require all AI R&D companies to conduct sufficient testing before publicly releasing new AI tools, to ensure that security measures have been taken to minimize social harms (such as prejudice and discrimination) and privacy concerns. The guidelines also require AI R&D companies to commit to making it easier for third parties to discover and report vulnerabilities in their AI systems through a bug bounty system, so that vulnerabilities can be quickly discovered and repaired.

Specifically, the guidelines released this time put forward four major regulatory requirements for the secure development of AI systems:

1. Give priority to "security by design" and "security by default"

The guidelines repeatedly emphasize the "security by design" and "safe by default" principles for AI development companies. This means they should proactively take measures to protect AI products from attacks. To comply with the guidelines, AI developers should prioritize safety in their decision-making processes and not just focus on product functionality and performance. The guidelines also recommend that products provide the safest default application option and clearly communicate to users the risks of overriding that default configuration. Furthermore, as required by the guidelines, developers of AI systems should be responsible for downstream application outcomes, rather than relying on customers to control security.

Excerpt from the requirements: “Users (whether the or integrating external AI components) often lack sufficient visibility and expertise to fully understand, assess, or address the risks associated with the AI systems they are using. Therefore, in accordance with the 'safe by design' principle, providers of AI components should be responsible for the security consequences of users downstream of the supply chain.”

2. Pay close attention to complex supply chain security

AI tool developers often rely on third-party components when designing their own products, such as base models, training datasets and APIs. A large supplier network brings a larger attack surface to the AI system, and any weak link in it may have a negative impact on the security of the product. Therefore, the guidelines require developers to fully assess the security risks when deciding to reference third-party components. When working with third parties, developers should review and monitor the vendor's security posture, require vendors to adhere to the same security standards as their own organization, and implement scanning and quarantine of imported third-party code.

Excerpt from the requirements: “Developers of mission-critical systems are required to be prepared to switch to alternative solutions if third-party components do not meet security standards. Businesses can use NCSC’s Supply Chain Guidance Resources such as the Software Artifact Supply Chain Level (SLSA), which tracks supply chain and software development life cycle certifications.”

3. Consider the unique risks faced in AI applications

AI systems will generate some unique threats (such as prompt injection attacks and data poisoning) when applied, so developers need to fully consider the unique security factors of AI systems. An important component of a "secure by design" approach to AI systems is to set up safety guardrails for AI model output to prevent the leakage of sensitive data and limit the operation of AI components used for tasks such as file editing. Developers should incorporate AI-specific threat scenarios into pre-release testing and monitor user input for malicious attempts to exploit the system.

Excerpt from the requirements: "The term 'adversarial machine learning' (AML) is used to describe the exploitation of security vulnerabilities in machine learning components, including hardware, software, workflows, and supply chains. AML enables attackers to induce unexpected behaviors in machine learning systems, including: affecting the classification or regression performance of the model, allowing users to perform unauthorized operations, and extracting sensitive model information."

4. AI system security development should be continuous and collaborative

The guidelines outline the best security practices for the entire life cycle of AI system design, development, deployment, operation and maintenance, and emphasize the importance of continuously monitoring deployed AI systems in order to spot model behavior changes and suspicious user input. The principle of "security by design" is a key component of any software update, and the guidelines recommend that developers make automatic updates the default. Finally, it is recommended that developers take advantage of the vast AI community's feedback and information sharing to continuously improve the security of the system.

Excerpt from the requirements: "When needed, AI system developers can escalate the problem to the larger community, such as issuing an announcement in response to a vulnerability disclosure, including a detailed and complete enumeration of common vulnerabilities. When a security issue is discovered, developers should take action to mitigate and fix the problem quickly and appropriately."
