Identifying the Supply Chain of AI for Trustworthiness and Risk Management in Critical Applications
By: Raymond K. Sheh, Karen Geappen
Potential Business Impact:
Finds hidden dangers in AI's building blocks.
Risks associated with the use of AI, ranging from algorithmic bias to model hallucinations, have received much attention and extensive research across the AI community, from researchers to end-users. However, a gap exists in the systematic assessment of supply chain risks associated with the complex web of data sources, pre-trained models, agents, services, and other systems that contribute to the output of modern AI systems. This gap is particularly problematic when AI systems are used in critical applications, such as the food supply, healthcare, utilities, law, insurance, and transport. We survey the current state of AI risk assessment and management, with a focus on the supply chain of AI and risks relating to the behavior and outputs of the AI system. We then present a proposed taxonomy specifically for categorizing AI supply chain entities. This taxonomy helps stakeholders, especially those without extensive AI expertise, to "consider the right questions" and systematically inventory dependencies across their organization's AI systems. Our contribution bridges a gap between the current state of AI governance and the urgent need for actionable risk assessment and management of AI use in critical applications.
Similar Papers
Surveying the Operational Cybersecurity and Supply Chain Threat Landscape when Developing and Deploying AI Systems
Cryptography and Security
Protects AI from new kinds of computer attacks.
AI Supply Chains: An Emerging Ecosystem of AI Actors, Products, and Services
Computers and Society
Makes AI development and rules easier to understand.
Autonomous AI-based Cybersecurity Framework for Critical Infrastructure: Real-Time Threat Mitigation
Cryptography and Security
Protects power, water, and hospitals from hackers.