|
Work item:
|
X.sr-ai
|
|
Subject/title:
|
Security requirements for AI systems
|
|
Status:
|
[Carried to next study period]
|
|
Approval process:
|
TAP
|
|
Type of work item:
|
Recommendation
|
|
Version:
|
New
|
|
Equivalent number:
|
-
|
|
Timing:
|
-
|
|
Liaison:
|
ITU-T SG13, ISO/IEC JTC 1/SC 27, ISO/IEC JTC 1/SC 42, ETSI ISG-SAI
|
|
Supporting members:
|
Korea (Republic of), Soonchunhyang University, ETRI, KISA
|
|
Summary:
|
Artificial Intelligence (AI), and Machine Learning (ML) are increasingly being used by whole industries leveraging digital technologies. AI enables industries to provide differentiated products and services to customers and facilitates businesses in achieving more effective decision-making and higher operational performance.
There is a need for identifying security threats arising from the increasing use of AI and the security requirements to effectively address them within AI systems for entire AI system lifecycle to ensure safe use and operation of AI systems. In order to more efficiently identify security threats and provide a set of detailed security requirements in addition to high-level mitigations described in ISO/IEC 27090 for addressing identified security threats, a completely understanding of AI system models and the lifecycle of AI systems is necessary.
AI system lifecycle is composed of six stages: planning, data preparation, model design, model training/development, model deployment, model operation/monitoring & maintenance, which is modified from those provided by OECD (2022) [b-oecd]. This draft Recommendation is based on the AI system model defined by ISO/IEC 27091.
Therefore, the draft Recommendation will provide a set of comprehensive detailed security requirements to address the security threats for organizations using and operating AI systems to effectively address the security threats in AI systems. This draft Recommendation can be used by organizations, which are involved in whole lifecycle of AI systems.
|
|
Comment:
|
incubation queue
|
|
Reference(s):
|
|
|
Historic references:
|
|
Contact(s):
|
|
| ITU-T A.5 justification(s): |
|
|
|
|
First registration in the WP:
2023-09-20 23:29:57
|
|
Last update:
2024-09-03 10:47:45
|
