The recently launched Coalition for Secure AI (CoSAI) initiative is a groundbreaking open source project aimed at bolstering the security of artificial intelligence. Comprising a diverse group of stakeholders, CoSAI fosters collaboration in security expertise, best practices, product development, and AI security research with the ultimate goal of ensuring safe integration of AI across organizations at every stage of development and deployment.
Operating under the umbrella of the Organization for the Advancement of Structured Information Systems Open initiative, CoSAI was officially announced at the Aspen Security Forum in July 2024. The founding sponsors of this initiative include tech giants like Amazon, Google, IBM, Intel, Microsoft, Nvidia, and others, who have come together to form a Project Governing Board (PGB) and a Technical Steering Committee to oversee this crucial initiative.
With a mission to improve security in AI technology, build trust in AI, and promote the responsible development of secure-by-design AI systems, CoSAI has laid out three primary objectives. Firstly, the initiative aims to leverage the expertise of the open project community to identify vulnerabilities in AI security and develop solutions to combat security threats like data poisoning, model theft, and inference attacks.
Secondly, CoSAI seeks to establish standardized guidelines, frameworks, and evaluation methodologies to enhance security in AI technology and foster consistency across industries. Thirdly, the coalition is committed to democratizing access to resources and guidance for building secure AI systems by offering technical participation to all developers, irrespective of their experience or budget.
The necessity for an initiative like CoSAI arises from the rapid expansion and adoption of AI technologies, which have brought various security vulnerabilities with them. The resulting challenges include the lack of standardized best practices, the risks of data poisoning and other cyberattacks, the need for collaboration among stakeholders, and hesitation in adopting AI because of security concerns.
To address these challenges, CoSAI has set up three main workstreams focusing on AI risk governance, cybersecurity landscape preparedness, and software supply chain security for AI systems. These workstreams aim to provide resources, frameworks, and best practices to enhance the security of AI products and improve accountability and trust in AI systems.
Companies looking to participate in the CoSAI initiative can do so by becoming sponsors, contributing technically to the projects, or simply staying informed through the official website and GitHub repositories. Participation is encouraged and welcomed, as CoSAI strives to create a collaborative ecosystem where industry leaders, experts, and developers can come together to advance AI technology securely and responsibly.