Cited By
View all- Singh KSaxena RKumar B(2024)AI Security: Cyber Threats and Threat-Informed Defense2024 8th Cyber Security in Networking Conference (CSNet)10.1109/CSNet64211.2024.10851770(305-312)Online publication date: 4-Dec-2024
AI Security Continuum: Concept and Challenges
Pages 269 - 270
Abstract
We propose a conceptual framework, named "AI Security Continuum," consisting of dimensions to deal with challenges of the breadth of the AI security risk sustainably and systematically under the emerging context of the computing continuum as well as continuous engineering. The dimensions identified are the continuum in the AI computing environment, the continuum in technical activities for AI, the continuum in layers in the overall architecture, including AI, the level of AI automation, and the level of AI security measures. We also prospect an engineering foundation that can efficiently and effectively raise each dimension.
References
[1]
AIST, "Machine Learning Quality Management Guideline", https://www.digiarc.aist.go.jp/en/publication/aiqm/, 2023.
[2]
QA4AI Consortium, "QA4AI Guideline", https://www.qa4ai.jp/, 2022.
[3]
MLSE, "Machine Learning System Security Guidelines", https://github.com/mlse-jssst/security-guideline, 2023.
[4]
MITRE, "ATLAS", https://atlas.mitre.org/.
[5]
The European Union Agency for Cybersecurity, "Artificial Intelligence Cybersecurity Challenges", https://www.enisa.europa.eu/publications/artificial-intelligence-cybersecurity-challenges
[6]
Microsoft, "Threat Modeling AI/ML Systems and Dependencies", https://learn.microsoft.com/en-us/security/engineering/threat-modeling-aiml.
[7]
ICO, "AI and data protection risk mitigation and management toolkit", https://ico.org.uk/about-the-ico/ico-and-stakeholder-consultations/ai-and-data-protection-risk-mitigation-and-management-toolkit/.
[8]
NIST, "NIST IR8269: A Taxonomy and Terminology of Adversarial Machine Learning", https://csrc.nist.gov/publications/detail/nistir/8269/draft.
[9]
R. Feldt, et al., "Ways of applying artificial intelligence in software engineering," RAISE 2018
[10]
J. Runpakprakun, et al., "Towards Integrated Model-Based Machine Learning Experimentation Framework," DSA 2023
[11]
J. Husen, et al., "Metamodel-Based Multi-View Modeling Framework for Machine Learning Systems," MODELSWARD 2023
[12]
T. Xia, et al, "Cloud Security and Privacy Metamodel: Metamodel for Security and Privacy Knowledge in Cloud Services," MODELSWARD 2018
[13]
H. Washizaki, et al., "Software Engineering Design Patterns for Machine Learning Applications," IEEE Computer 55(3) 2022
[14]
E. Fernandez, et al., "Abstract security patterns and the design of secure systems," Cybersecurity 5(7) 2022
[15]
T. Kobashi, et al., "Validating Security Design Pattern Applications by Testing Design Models," IJSSE 5(4) 2014
[16]
R. Ishizue, et al., "Improvement in Program Repair Methods using Refactoring with GPT Models," ACM SIGCSE 2024
[17]
H. Washizaki, et al., "A Technique for Automatic Component Extraction from Object-Oriented Programs by Refactoring," SCP 56(1-2) 2005
[18]
H. Takeuchi, et al., "Enterprise Architecture-based Metamodel for a Holistic Business - IT Alignment View on Machine Learning Projects," ICEBE 2023
Recommendations
Security engineering risk analysis (SERA)
SER&IP '16: Proceedings of the 3rd International Workshop on Software Engineering Research and Industrial PracticeIn this presentation, I describe how the SEI's Security Engineering Risk Analysis (SERA) method provides a structure that connects desired system functionality with the underlying software to evaluate the sufficiency of requirements for software ...
Analysing Information Security Risk Ontologies
This research work presents existing security ontologies and identifies relevant security ontology requirements in information systems. Moreover, it proposes a new classification of security ontologies in which, two main families, namely ontologies-...
AI for DevSecOps: A Landscape and Future Opportunities
DevOps has emerged as one of the most rapidly evolving software development paradigms. With the growing concerns surrounding security in software systems, the DevSecOps paradigm has gained prominence, urging practitioners to incorporate security practices ...
Comments
Information & Contributors
Information
Published In
April 2024
307 pages
ISBN:9798400705915
DOI:10.1145/3644815
- Chair:
- Jane Cleland-Huang,
- Co-chair:
- Jan Bosch,
- Program Chair:
- Henry Muccini,
- Program Co-chair:
- Grace Lewis
Copyright © 2024 Copyright held by the owner/author(s).
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for third-party components of this work must be honored. For all other uses, contact the owner/author(s).
Sponsors
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 11 June 2024
Check for updates
Author Tags
Qualifiers
- Poster
Funding Sources
Conference
CAIN 2024
Sponsor:
CAIN 2024: IEEE/ACM 3rd International Conference on AI Engineering - Software Engineering for AI
April 14 - 15, 2024
Lisbon, Portugal
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- View Citations1Total Citations
- 94Total Downloads
- Downloads (Last 12 months)94
- Downloads (Last 6 weeks)23
Reflects downloads up to 02 Mar 2025
Other Metrics
Citations
Cited By
View all- Singh KSaxena RKumar B(2024)AI Security: Cyber Threats and Threat-Informed Defense2024 8th Cyber Security in Networking Conference (CSNet)10.1109/CSNet64211.2024.10851770(305-312)Online publication date: 4-Dec-2024
View Options
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in