The potential of AI, especially generative AI, is immense. However, in the pursuit of progress within these new frontiers of innovation, there needs to be clear industry security standards for building and deploying this technology in a responsible manner. That’s why today we are excited to introduce the Secure AI Framework (SAIF), a conceptual framework for secure AI systems.
- For a summary of SAIF, click here.
- For examples of how practitioners can implement SAIF, click here.
Why we’re introducing SAIF now
SAIF is inspired by the security best practices — like reviewing, testing and controlling the supply chain — that we’ve applied to software development, while incorporating our understanding of security mega-trends and risks specific to AI systems.
A framework across the public and private sectors is essential for making sure that responsible actors safeguard the technology that supports AI advancements, so that when AI models are implemented, they’re secure-by-default. Today marks an important first step.
Over the years at Google, we’ve embraced an open and collaborative approach to cybersecurity. This includes combining frontline intelligence, expertise, and innovation with a commitment to share threat information with others to help respond to — and prevent — cyber attacks. Building on that approach, SAIF is designed to help mitigate risks specific to AI systems like stealing the model, data poisoning of the training data, injecting malicious inputs through prompt injection, and extracting confidential information in the training data. As AI capabilities become increasingly integrated into products across the world, adhering to a bold and responsible framework will be even more critical.
And with that, let’s take a look at SAIF and its six core elements: