Three Challenges to Secure AI Systems in the Context of AI Regulations

This article examines the interplay between artificial intelligence (AI) and cybersecurity in light of future regulatory requirements on the security of AI systems, specifically focusing on the robustness of high-risk AI systems against cyberattacks in the context of the European Union's AI Act. The paper identifies and analyses three challenges: the diversity and complexity of AI technologies, the assessment of AI-specific risks, and the development of AI systems that are secure by design. The discussion highlights the technological limitations and unique vulnerabilities present in AI systems and the absence of established cybersecurity practices tailored to these systems. The contribution of the article is twofold: 1) providing an overview of AI cybersecurity practices; and 2) identifying gaps in current approaches to security conformity assessment for AI systems. Our analysis emphasises the need for continuous alignment between legal requirements and technological capabilities, acknowledging the necessity for further research and development to address the challenges. It concludes that comprehensive cybersecurity practices must evolve to accommodate the unique aspects of AI, with a collaborative effort from various sectors to ensure effective implementation and standardisation.

HAMON Ronan;  JUNKLEWITZ Henrik;  SOLER GARRIDO Josep;  SANCHEZ Ignacio; 

2024-06-21

IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC

JRC136529

2169-3536 (online),   

https://ieeexplore.ieee.org/abstract/document/10506836,    https://publications.jrc.ec.europa.eu/repository/handle/JRC136529,   

10.1109/ACCESS.2024.3391021 (online),