|
Work item:
|
X.2211 (ex X.sr-AI)
|
|
Subject/title:
|
Security requirements for artificial intelligence systems
|
|
Status:
|
Determined on 2026-06-10 [Issued from previous study period]
|
|
Approval process:
|
TAP
|
|
Type of work item:
|
Recommendation
|
|
Version:
|
New
|
|
Equivalent number:
|
-
|
|
Timing:
|
2026-Q2 (Medium priority)
|
|
Liaison:
|
ITU-T SG13, ISO/IEC JTC 1/SC 27, ISO/IEC JTC 1/SC 42, ETSI ISG-SAI
|
|
Supporting members:
|
Korea (Republic of), Soonchunhyang University, ETRI, KISA
|
|
Summary:
|
Artificial intelligence (AI), and machine learning (ML) are increasingly being adopted across industries leveraging digital technologies. AI enables them to deliver differentiated products and services to customers, facilitates more effective decision-making and improve operational efficiency.
There is a need to identify security threats arising from the increasing use of AI and to establish security requirements to effectively address those threats throughout the entire AI system life cycle. To efficiently identify security threats and provide detailed security requirements, in addition to the high-level mitigations described in [b-ISO/IEC 27090], a thorough understanding of AI system models and the AI system life cycle is necessary.
The AI system life cycle is composed of six stages: planning, data preparation, model design, model training/development, model deployment, operation/monitoring and maintenance, which is adapted from [b-OECD]. This Recommendation is based on the AI system model defined by [b-ISO/IEC 27091]. Therefore, it provides a set of comprehensive detailed security requirements to address the security threats across the AI system lifecycle.
This Recommendation can be used by organizations involved in entire AI system life cycle.
|
|
Comment:
|
-
|
|
Reference(s):
|
|
|
Historic references:
|
|
Contact(s):
|
|
| ITU-T A.5 justification(s): |
|
|
|
|
First registration in the WP:
2023-09-20 23:29:57
|
|
Last update:
2026-06-26 15:22:44
|