18 countries including Japan and the United States jointly announce AI safety development guidelines
On November 27, 2023 local time, 18 countries including the United States and Japan jointly announced guidelines for secure AI system development, ``Guidelines for secure AI system development.'' The guidelines call for protecting user privacy and appropriately managing documents during AI development, operation and maintenance.
Guidelines for secure AI system development - NCSC.GOV.UK
Guidelines for secure AI system development - Guidelines-for-secure-AI-system-development.pdf
(PDF file)
About secure AI system development guidelines
(PDF file) https://www.nisc.go.jp/pdf/press/press_Guidelines_for_Secure_AI_System_Development.pdf
The countries and organizations that support the guidelines created this time are as follows.
| Country name | Institution name |
|---|---|
| America | Cybersecurity and Infrastructure Security Agency (CISA) National Security Agency (NSA) Federal Bureau of Investigation (FBI) |
| England | National Cyber Security Agency (NCSC) |
| Japan | Cabinet Cyber Security Center (NISC) |
| Australia | Australian Cyber Security Center (ACSC) |
| Canada | Canadian Center for Cyber Security (CCCS) |
| Chile | chile government |
| czech | National Cyber Information Security Agency (NUKIB) |
| estonia | Information Systems Agency (RIA) National Cyber Security Center (NCSC-EE) |
| France | French Cyber Security Agency (ANSSI) |
| Germany | German Federal Office for Information Security (BSI) |
| Israel | Israel National Cyber Directorate (INCD) |
| Italy | Italian National Cyber Security Agency (ACN) |
| new zealand | National Cyber Security Center |
| Nigeria | National Information Technology Development Agency (NITDA) |
| Norway | National Cyber Security Center (NCSC-NO) |
| Poland | NASK National Laboratory |
| South Korea | National Intelligence Service of the Republic of Korea (NIS) |
| Singapore | Cyber Security Authority of Singapore (CSA) |
The guidelines are divided into four sections: 'Secure Design,' 'Secure Development,' 'Secure Deployment,' and 'Safe Operation and Maintenance,' and each section includes suggestions for improving the AI development cycle and protecting the general public. Contains suggestions for. The main contents of each item are as follows.
・Secure design
Even before development begins, it is necessary to raise the awareness of development staff about the security risks of AI and ways to reduce them. In addition, it is necessary to make decisions regarding security at the same time as deciding on the functions of the AI to be developed.
・Safe development
During the development phase, supply chain security, documentation management, asset protection, and proper technical debt management are required.
・Safe deployment
Appropriate protection must be in place for the infrastructure used to support AI systems, including APIs, models, and data access control rights. It is also important for developers to prepare response and remediation plans in advance in case a security incident occurs and a problem surfaces. Additionally, AI model functionality and trained data must be continuously protected from attackers and should only be released after passing a thorough security assessment.
・Safe operation and maintenance
When monitoring AI operations, signs of misuse must be properly monitored and recorded to meet privacy and data protection requirements. Additionally, updates should be automatically updated on a regular basis to ensure that outdated or vulnerable versions are not used.
Lindy Cameron, CEO of the UK's National Cyber Security Agency said: 'It's about ensuring that it's not just a part of it, but a core part of the whole AI.'
Although the guidelines are not legally binding, CISA Director Jen Easterly said, ``It is extremely important that so many countries have signed on to these guidelines, which prioritize the security of AI systems.'' This is important. These guidelines are the first in which countries agree that `` groundbreaking features, speed to market, and cost reduction are not the only things that are important for AI development and deployment.'' I am.
The Japanese translation of the 'Guidelines for the Development of Secure AI Systems' can be found at the link below.
Guidelines for developing secure AI systems
(PDF file)
Related Posts:
in Software, Posted by log1r_ut