Artificial Intelligence Risk Management Framework (AI RMF 1.0)

NIST AI Risk Management Framework (AI RMF 1.0)

The U.S. National Institute of Standards and Technology (NIST) released the Artificial Intelligence Risk Management Framework (AI Risk Management Framework, AI RMF 1.0) on January 26, 2023. The framework is intended to help organizations manage the risks associated with artificial intelligence more effectively and to improve the trustworthiness of AI systems.

Framework overview

The NIST AI RMF is a voluntary framework intended to improve an organization's ability to incorporate trustworthiness considerations when designing, developing, using and evaluating AI products, services and systems.

Characteristics of trustworthy AI

According to the NIST framework, a trustworthy AI system should have the following characteristics:

  1. Valid & Reliable
    • Validation is the confirmation, through the provision of objective evidence, that the requirements for a specific intended use or application have been fulfilled
      • Objective evidence confirms that the requirements of the specific intended use or application have been met
      • The intended function must be performed correctly
    • Reliability is defined in the same standard as the "ability of an item to perform as required, without failure, for a given time interval, under given conditions"
      • The ability of a product to operate as required, without failure, for a given time interval under given conditions
      • Results must be consistent and free of failures
    • This is a necessary condition for trustworthiness and the foundation of the other trustworthiness characteristics
    • Ensures the AI system operates effectively for its intended use and produces reliable results
  2. Safe
    • Safe: AI systems should "not under defined conditions, lead to a state in which human life, health, property, or the environment is endangered".
      • Under defined conditions, the system must not endanger human life, health, property or the environment
    • Ensures the AI system does not pose unreasonable safety risks to people, the environment or other systems
  3. Secure and Resilient
    • Resilient: AI systems can withstand unexpected adverse events or unexpected changes in their environment or use – or if they can maintain their functions and structure in the face of internal and external change and degrade safely and gracefully when this is necessary.
      • Can withstand unexpected attacks or changes and keep operating
    • Secure: AI systems that can maintain confidentiality, integrity, and availability through protection mechanisms that prevent unauthorized access and use.
      • The AI system maintains confidentiality, integrity and availability
    • Protects the AI system from unauthorized access, use, modification, disruption or destruction
    • Ensures the system keeps operating in the face of change or attack
  4. Accountable & Transparent
    • Transparency: It reflects the extent to which information about an AI system and its outputs is available to individuals interacting with such a system – regardless of whether they are even aware that they are doing so.
    • Ensures the AI system's decision process is traceable and explainable, and that responsibility is clearly assigned
  5. Explainable and Interpretable
    • Explainability: It refers to a representation of the mechanisms underlying AI systems’ operation.
      • How
      • How the system is designed, how it operates and how it produces its output
    • Interpretability: It refers to the meaning of AI systems’ output in the context of their designed functional purposes
      • What and why
      • What the output is, and why the output is what it is
    • Ensures the AI system's decisions and behaviour can be understood and explained by humans
  6. Privacy-Enhanced
    • Privacy refers generally to the norms and practices that help to safeguard human autonomy, identity, and dignity.
      • Norms and practices that help safeguard human autonomy, identity and dignity
    • These norms and practices typically address freedom from intrusion, limiting observation, or individuals’ agency to consent to disclosure or control of facets of their identities (e.g., body, data, reputation).
      • These norms and practices typically concern freedom from intrusion, limits on observation, and individuals' agency to consent to disclosure of, or to control, facets of their identity (e.g., body, data, reputation)
    • Protects personal data and privacy, and ensures the AI system complies with privacy regulations and standards
  7. Fair with Harmful Bias Managed
    • Fairness includes concerns for equality and equity by addressing issues such as harmful bias and discrimination.
    • Ensures the AI system does not produce or amplify unfair bias
    • Manages harmful biases that could lead to discriminatory or unfair outcomes

Review

  1. What threats exist against the mechanisms that secure existing information systems?
  2. Adopting AI benefits organizations, but it is double-edged; what threat vectors does it bring?
  3. In the large body of literature, what are the so-called threat vectors?
  4. How to break problems down so they can be solved step by step, and find the literature that needs to be read
  5. List the papers that should be read; right now it is a linear search, an inefficient way to read papers
  6. Find a method for reading papers: how to reach the goal efficiently while still clearly understanding what is being said
  7. Install EndNote on Windows and get organized