This chapter explores the evolving landscape of AI system security, emphasizing the dual imperative of technical robustness and ethical governance. It systematically reviews emerging threats such as adversarial attacks, model extraction, data poisoning, and prompt injection, highlighting their growing sophistication and societal risks. To counteract these challenges, the chapter presents a layered defense approach encompassing adversarial training, differential privacy, runtime monitoring, and formal verification. It further contextualizes the importance of AI-specific standards and frameworks—including the NIST AI RMF, ISO/IEC 42001, OWASP Top 10, and the EU AI Act—in institutionalizing risk-based security practices. A key contribution is the introduction of anti-requirements as a novel governance tool that defines explicit system constraints, particularly in safety-critical and dual-use scenarios. These anti-requirements are classified into safety constraints, fairness boundaries, and privacy guards, illustrating their role in safeguarding against harm, bias, and data misuse. The chapter argues that the integration of technical safeguards with governance principles is essential for enabling trustworthy, resilient, and accountable AI systems in real-world deployments.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Security as an Ethical Imperative in AI Systems

  • Roberto Andrade,
  • Carlos Ayala,
  • Paulina Morillo

摘要

This chapter explores the evolving landscape of AI system security, emphasizing the dual imperative of technical robustness and ethical governance. It systematically reviews emerging threats such as adversarial attacks, model extraction, data poisoning, and prompt injection, highlighting their growing sophistication and societal risks. To counteract these challenges, the chapter presents a layered defense approach encompassing adversarial training, differential privacy, runtime monitoring, and formal verification. It further contextualizes the importance of AI-specific standards and frameworks—including the NIST AI RMF, ISO/IEC 42001, OWASP Top 10, and the EU AI Act—in institutionalizing risk-based security practices. A key contribution is the introduction of anti-requirements as a novel governance tool that defines explicit system constraints, particularly in safety-critical and dual-use scenarios. These anti-requirements are classified into safety constraints, fairness boundaries, and privacy guards, illustrating their role in safeguarding against harm, bias, and data misuse. The chapter argues that the integration of technical safeguards with governance principles is essential for enabling trustworthy, resilient, and accountable AI systems in real-world deployments.