{"id":134848,"date":"2023-05-03T12:25:41","date_gmt":"2023-05-03T10:25:41","guid":{"rendered":"https:\/\/www.cde.ual.es\/?p=134848"},"modified":"2023-05-03T12:25:41","modified_gmt":"2023-05-03T10:25:41","slug":"mind-the-gap-in-standardisation-of-cybersecurity-for-artificial-intelligence","status":"publish","type":"post","link":"https:\/\/www.cde.ual.es\/en\/mind-the-gap-in-standardisation-of-cybersecurity-for-artificial-intelligence\/","title":{"rendered":"Mind the Gap in Standardisation of Cybersecurity for Artificial Intelligence"},"content":{"rendered":"

The European Union Agency for Cybersecurity (ENISA) publishes an assessment of standards for the cybersecurity of AI and issues recommendations to support the implementation of upcoming EU policies on Artificial Intelligence (AI).<\/strong><\/p>\n

\"\"<\/a><\/p>\n

What is Artificial Intelligence?<\/strong><\/p>\n

The\u00a0draft AI Act<\/a>\u00a0provides a definition of an AI system as \u201csoftware developed with one or more (\u2026) techniques (\u2026) for a given set of human-defined objectives, that generates outputs such as content, predictions, recommendations, or decisions influencing the environments they interact with.\u201d In a nutshell, these techniques mainly include: machine learning resorting to methods such as deep learning, logic, knowledge-based and statistical approaches.<\/p>\n

It is indeed essential for the allocation of legal responsibilities under a future AI framework to agree on what falls into the definition of an ‘AI system’.<\/p>\n

However, the exact scope of an AI system is constantly evolving both in the legislative debate on the draft AI Act, as well in the scientific and standardisation communities.<\/p>\n

Although broad in contents, this report focuses on machine learning (ML) due to its extensive use across AI deployments. ML has come under scrutiny with respect to vulnerabilities particularly impacting the cybersecurity of an AI implementation.<\/p>\n

AI cybersecurity standards: what\u2019s the state of play?<\/strong><\/p>\n

As standards help mitigate risks, this study unveils existing general-purpose standards that are readily available for information security and quality management in the context of AI. In order to mitigate some of the cybersecurity risks affecting AI systems, further guidance could be developed to help the user community benefit from the existing standards on AI.<\/p>\n\n\n\n
\"\"<\/a><\/p>\n

Cybersecurity of AI and Standardisation<\/a><\/h4>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n
<\/h6>\n

This suggestion has been based on the observation concerning the software layer of AI. It follows that what is applicable to software could be applicable to AI. However, it does not mean the work ends here. Other aspects still need to be considered, such as:<\/p>\n