The potential of AI, especially generative AI, is immense. However, in the pursuit of progress within these new frontiers of innovation, there needs to be clear industry security standards for building and deploying this technology in a responsible manner. That’s why today we are excited to introduce the Secure AI Framework (SAIF), a conceptual framework for secure AI systems.

  • For a summary of SAIF, click this PDF.
  • For examples of how practitioners can implement SAIF, click this PDF.

Why we’re introducing SAIF now

SAIF is inspired by the security best practices — like reviewing, testing and controlling the supply chain — that we’ve applied to software development, while incorporating our understanding of security mega-trends and risks specific to AI systems.

A framework across the public and private sectors is essential for making sure that responsible actors safeguard the technology that supports AI advancements, so that when AI models are implemented, they’re secure-by-default. Today marks an important first step.

Over the years at Google, we’ve embraced an open and collaborative approach to cybersecurity. This includes combining frontline intelligence, expertise, and innovation with a commitment to share threat information with others to help respond to — and prevent — cyber attacks. Building on that approach, SAIF is designed to help mitigate risks specific to AI systems like stealing the modeldata poisoning of the training data, injecting malicious inputs through prompt injection, and extracting confidential information in the training data. As AI capabilities become increasingly integrated into products across the world, adhering to a bold and responsible framework will be even more critical.

1. Expand strong security foundations to the AI ecosystem

This includes leveraging secure-by-default infrastructure protections and expertise built over the last two decades to protect AI systems, applications and users. At the same time, develop organizational expertise to keep pace with advances in AI and start to scale and adapt infrastructure protections in the context of AI and evolving threat models. For example, injection techniques like SQL injection have existed for some time, and organizations can adapt mitigations, such as input sanitization and limiting, to help better defend against prompt injection style attacks.

illustration of a red hat and black glasses and target crosshairs

2. Extend detection and response to bring AI into an organization’s threat universe

Timeliness is critical in detecting and responding to AI-related cyber incidents, and extending threat intelligence and other capabilities to an organization improves both. For organizations, this includes monitoring inputs and outputs of generative AI systems to detect anomalies and using threat intelligence to anticipate attacks. This effort typically requires collaboration with trust and safety, threat intelligence, and counter abuse teams.

illustration of a skull and shield and sword

3. Automate defenses to keep pace with existing and new threats

The latest AI innovations can improve the scale and speed of response efforts to security incidents. Adversaries will likely use AI to scale their impact, so it is important to use AI and its current and emerging capabilities to stay nimble and cost effective in protecting against them.

4. Harmonize platform level controls to ensure consistent security across the organization

Consistency across control frameworks can support AI risk mitigation and scale protections across different platforms and tools to ensure that the best protections are available to all AI applications in a scalable and cost efficient manner. At Google, this includes extending secure-by-default protections to AI platforms like Vertex AI and Security AI Workbench, and building controls and protections into the software development lifecycle. Capabilities that address general use cases, like Perspective API, can help the entire organization benefit from state of the art protections.

illustration of a light bulb

5. Adapt controls to adjust mitigations and create faster feedback loops for AI deployment

Constant testing of implementations through continuous learning can ensure detection and protection capabilities address the changing threat environment. This includes techniques like reinforcement learning based on incidents and user feedback and involves steps such as updating training data sets, fine-tuning models to respond strategically to attacks and allowing the software that is used to build models to embed further security in context (e.g. detecting anomalous behavior). Organizations can also conduct regular red team exercises to improve safety assurance for AI-powered products and capabilities.

illustration of a magnifying glass

6. Contextualize AI system risks in surrounding business processes

Lastly, conducting end-to-end risk assessments related to how organizations will deploy AI can help inform decisions. This includes an assessment of the end-to-end business risk, such as data lineage, validation and operational behavior monitoring for certain types of applications. In addition, organizations should construct automated checks to validate AI performance.

illustration of a castle tower as a shield

Why we support a secure AI community for everyone

We’ve long advocated for, and often developed, industry frameworks to raise the security bar and reduce overall risk. We’ve collaborated with others to launch the Supply-chain Levels for Software Artifacts (SLSA) framework to improve software supply chain integrity, and our pioneering work on our BeyondCorp access model led to the zero trust principles which are industry standard today. What we learned from these and other efforts is that to succeed in the long term, you have to build a community to support and advance the work. That’s why we’re excited to announce the first steps in our journey to build a SAIF community for everyone.

How Google is putting SAIF into action

We’re already taking five steps to support and advance a framework that works for all.

  1. Fostering industry support for SAIF with the announcement of key partners and contributors in the coming months and continued industry engagement to help develop the NIST AI Risk Management Framework and ISO/IEC 42001 AI Management System Standard (the industry’s first AI certification standard). These standards rely heavily on the security tenets in the NIST Cybersecurity Framework and ISO/IEC 27001 Security Management System — which Google will be participating in to ensure planned updates are applicable to emerging technology like AI — and are consistent with SAIF elements.
  2. Working directly with organizations, including customers and governments to help them understand how to assess AI security risks and mitigate them. This includes conducting workshops with practitioners and continuing to publish best practices for deploying AI systems securely.
  3. Sharing insights from Google’s leading threat intelligence teams like Mandiant and TAG on cyber activity involving AI systems. To learn more about some of the ways Google practitioners are leveraging generative AI to identify threats faster, eliminate toil, and better solve for security talent gaps, see here.
  4. Expanding our bug hunters programs (including our Vulnerability Rewards Program) to reward and incentivize research around AI safety and security.
  5. Continuing to deliver secure AI offerings with partners like GitLab and Cohesity, and further develop new capabilities to help customers build secure systems. That includes our commitment to the open source community and we will soon publish several open source tools to help put SAIF elements into practice for AI security.

As we advance SAIF, we’ll continue to share research and explore methods that help to utilize AI in a secure way. We’re committed to working with governments, industry and academia to share insights and achieve common goals to ensure that this profoundly helpful technology works for everyone, and that we as a society get it right.

Source

94 comments
  1. Aw, this was a really nice post. In thought I wish to put in writing like this moreover – taking time and actual effort to make a very good article… but what can I say… I procrastinate alot and not at all appear to get something done.

  2. Attractive section of content. I simply stumbled upon your site and in accession capital to say that I get in fact enjoyed account your weblog posts. Anyway I will be subscribing on your feeds or even I achievement you access constantly rapidly.

  3. I have read several good stuff here. Certainly price bookmarking for revisiting. I surprise how so much attempt you set to create this type of fantastic informative web site.

  4. I have been browsing on-line greater than three hours these days, but I by no means discovered any interesting article like yours. It¦s pretty value enough for me. Personally, if all webmasters and bloggers made excellent content as you probably did, the net might be a lot more useful than ever before.

  5. I’d have to examine with you here. Which is not one thing I usually do! I take pleasure in reading a post that may make folks think. Additionally, thanks for permitting me to comment!

  6. Heya i am for the primary time here. I came across this board and I find It truly useful & it helped me out much. I’m hoping to offer one thing back and help others like you helped me.

  7. What Is LeanBiome? LeanBiome is a natural weight loss supplement that reverses bacterial imbalance in your gut microbiome with the help of nine science-backed lean bacteria species with Greenselect Phytosome, a caffeine-free green tea extract crafted with patented phytosome technology.

  8. I am writing to make you be aware of of the outstanding experience my wife’s child had viewing your web site. She mastered many details, with the inclusion of what it’s like to possess an incredible helping heart to get folks with ease comprehend chosen grueling subject areas. You really did more than people’s expectations. Thanks for coming up with those good, healthy, educational as well as fun tips about your topic to Kate.

  9. I’ve been exploring for a bit for any high-quality articles or blog posts on this kind of area . Exploring in Yahoo I at last stumbled upon this web site. Reading this info So i’m happy to convey that I’ve a very good uncanny feeling I discovered exactly what I needed. I most certainly will make certain to do not forget this site and give it a look regularly.

  10. I discovered your blog site on google and check a few of your early posts. Continue to keep up the very good operate. I just additional up your RSS feed to my MSN News Reader. Seeking forward to reading more from you later on!…

  11. Hmm is anyone else encountering problems with the images on this blog loading? I’m trying to determine if its a problem on my end or if it’s the blog. Any feed-back would be greatly appreciated.

  12. Hi, I think your site might be having browser compatibility issues. When I look at your website in Safari, it looks fine but when opening in Internet Explorer, it has some overlapping. I just wanted to give you a quick heads up! Other then that, fantastic blog!

  13. Excellent post. I was checking constantly this blog and I’m impressed! Very helpful info specifically the last part 🙂 I care for such information much. I was looking for this particular information for a very long time. Thank you and best of luck.

  14. The root of your writing whilst sounding reasonable at first, did not settle properly with me after some time. Someplace within the paragraphs you actually were able to make me a believer but just for a short while. I however have got a problem with your leaps in assumptions and one would do well to fill in those gaps. In the event you actually can accomplish that, I will undoubtedly be impressed.

  15. I do agree with all of the ideas you’ve presented in your post. They are very convincing and will certainly work. Still, the posts are too short for starters. Could you please extend them a bit from next time? Thanks for the post.

  16. I have to point out my passion for your kindness for men and women that must have help with this theme. Your special commitment to passing the message along appeared to be exceedingly informative and has all the time allowed women like me to realize their ambitions. Your new helpful tips and hints means much to me and far more to my office workers. With thanks; from each one of us.

  17. I just couldn’t depart your web site before suggesting that I actually enjoyed the standard information a person provide for your visitors? Is gonna be back often to check up on new posts

  18. Thank you for another wonderful article. Where else could anybody get that type of info in such a perfect way of writing? I have a presentation next week, and I’m on the look for such information.

  19. Greetings from Ohio! I’m bored to death at work so I decided to check out your website on my iphone during lunch break. I love the knowledge you provide here and can’t wait to take a look when I get home. I’m amazed at how fast your blog loaded on my cell phone .. I’m not even using WIFI, just 3G .. Anyways, superb site!

  20. Fitspresso is a brand-new natural weight loss aid designed to work on the root cause of excess and unexplained weight gain. The supplement uses an advanced blend of vitamins, minerals, and antioxidants to support healthy weight loss by targeting the fat cells’ circadian rhythm.

  21. Thanks for the sensible critique. Me & my neighbor were just preparing to do a little research on this. We got a grab a book from our local library but I think I learned more from this post. I am very glad to see such great information being shared freely out there.

  22. I would like to thnkx for the efforts you have put in writing this blog. I’m hoping the same high-grade blog post from you in the upcoming as well. In fact your creative writing skills has encouraged me to get my own web site now. Actually the blogging is spreading its wings fast. Your write up is a good example of it.

Leave a Reply

Your email address will not be published. Required fields are marked *

You May Also Like

Across the globe, Apple and its teams find new ways to give

The company’s Employee Giving program has raised over $880 million, with more…

Accelerating telco transformation in the era of AI

AI is redefining digital transformation for every industry, including telecommunications. Every operator’s…

New Cisco 800G Innovations Help to Supercharge the Internet for the Future

News Summary: Cisco’s new 28.8T / 36 x 800G line card, powered…

KPMG and Microsoft enter landmark agreement to put AI at the forefront of professional services

Multi-year cloud and AI alliance to supercharge the employee experience and accelerate…

Apple lands historic first Best Picture Oscar nomination for “CODA,”and secures six Academy Award nominations including Best Actor for Denzel Washington in “The Tragedy of Macbeth” and Best Supporting Actor for Troy Kotsur in “CODA”

CUPERTINO, CALIFORNIA Apple today made history, landing six Academy Award nominations in several…

New updates to ensure safer learning at school and at home

The Google for Education team continues to build education services with highly…

Samsung Electronics Introduces Standardized 5G NTN Modem Technology To Power Smartphone-Satellite Communication

Samsung Electronics, a world leader in advanced semiconductor technology, today announced that…

New immersive AR experience brings student creativity to life

Australian artists create a new immersive educational experience, inspiring global cocreation and…