We use cookies to improve user experience and analyze website traffic. By clicking “Accept“, you agree to our website's cookie use as described in our Privacy Policy.
PreferencesDecline AllAccept All

Your Cookie Preferences

We use different types of cookies to optimize your experience on our website. Click on the categories below to learn more about their purposes. You may choose which types of cookies to allow and can change your preferences at any time. Remember that disabling cookies may affect your experience on the website. You can learn more about how we use cookies by visiting our Privacy Policy.

Essential Cookies
Details

These cookies are necessary to the core functionality of our website and some of its features, such as access to secure areas.

Analytics and Customization Cookies
Details

These cookies collect information that can help us understand how our websites are being used. This information can also be used to measure effectiveness in our marketing campaigns or to curate a personalized site experience for you.

Advertising Cookies
Details

These cookies are used to enhance the performance and functionality of our websites but are nonessential to their use. However, without these cookies, certain functionality (like videos)may become unavailable.

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Decline AllConfirm my Choices
Back

Essential Cookies

Provider: .providername.com

Name
Purpose
Type
Expires In
__cf_bm
Cloudflare places the cookie on end-user devices that access customer sites protected by Bot Management or Bot Fight Mode.
server_cookie
30 minutes

Provider: .providername.com

Name
Purpose
Type
Expires In
_tibcpv
Used to record unique visitor views of the consent banner.
http_cookie
1 year
Back

Analytics and Customization Cookies

Name
Purpose
Marketo Munchkin
Marketo's custom JavaScript tracking code, called Munchkin, tracks all individuals who visit your website so you can react to their visits with automated marketing campaigns.
Name
Purpose
Google Tag
The Google tag (gtag.js) is a single tag you can add to a website to use a variety of Google products and services (e.g., Google Ads, Google Analytics, Campaign Manager, Display & Video 360, Search Ads 360).
Back

Performance and Functionality Cookies

Name
Purpose
LinkedIn Insight
The LinkedIn Insight Tag is a snippet of JavaScript code that loads a small library of functions you can use to track Linkedin ad-driven visitor activity on your website.
Back

Advertising Cookies

Provider: .providername.com

Name
Purpose
Type
Expires In
__cf_bm
Cloudflare places the cookie on end-user devices that access customer sites protected by Bot Management or Bot Fight Mode.
server_cookie
30 minutes

Provider: .providername.com

Name
Purpose
Type
Expires In
_tibcpv
Used to record unique visitor views of the consent banner.
http_cookie
1 year
October 30, 2023
-
5
minute read

The White House Executive Order on AI: Assessing AI Risk with Automated Testing

Author
Authors
Hyrum Anderson
Hyrum is our CTO.

This morning, President Biden issued a highly anticipated executive order that establishes new actions on the safe, secure, and trustworthy use of artificial intelligence. The White House previously disclosed that it was drafting this action in July when it announced that 15 companies had agreed to voluntary commitments on the safe, secure, and transparent development of AI. This executive order marks the most significant regulatory action taken by the federal government to date, and while it targets federal agencies, the order has significant implications for the private sector as well.

The executive order is a positive step forward to help organizations effectively manage the unique security, ethical, and operational risks that come with AI adoption. Advances in AI have far outpaced companies’ abilities to secure these systems. As an engineering discipline, AI development is nascent compared to traditional software development. We largely don’t have equivalent testing and security habits - in part because the dynamics of AI models makes this a challenging problem.

The executive order puts this into motion by requiring certain elements that were previously voluntary. While there are many parts to the order, AI red teaming is a central component. This is a new motion for most companies, but even those that have the specialized skillset know that manual red teaming doesn’t scale. Companies need to automate the parts that can be automated, which also has the added benefits of standardizing the assessment process and operationalizing risk management frameworks. Ultimately, AI red teaming is about assurance. At Robust Intelligence, we believe that organizations will require novel approaches to meet this new paradigm in AI security and comply with the executive order.

Scope of the US Executive Order

Biden’s sweeping executive order primarily targets federal agencies' deployment of AI, which includes the development of new resources, processes, and entities. This lays the groundwork for adherence by both the private and public sector. Many enterprises have already started to implement AI standards and policies, spurred by proposed legislation and voluntary frameworks - namely the EU AI Act and the NIST AI Risk Management Framework (AI RMF). The Biden Administration has consulted with over 20 countries on AI governance, which signals the global implications of any individual nation’s actions.

The executive order addresses specific focus areas of AI risk, including:

  • Develop new standards for safety and security, including AI red team tests to be set by NIST
  • Protect privacy, including guidelines to evaluate the effectiveness of privacy-preserving techniques
  • Advance civil rights, including enabling the Department of Justice and Federal civil rights offices to investigate and prosecute civil rights violations

The order also creates a new White House AI Council established to oversee the implementation of this executive order and sets timelines for federal agencies to meet the specified requirements. For instance, NIST has 270 days to develop a new companion resource to the AI RMF focused on the use and development of generative AI and the Secretary of Labor has 365 days to publish federal guidance on the use of AI-assisted hiring tools regarding nondiscrimination.

Third-Party Red Teaming

The inclusion of AI red teaming in the executive order was deliberate. It builds on the “external red teaming” language used in the voluntary AI commitments declaration and independent “testing” used in the NIST AI RMF and EU AI Act. This is an acknowledgment that all models carry some level of risk. By thoroughly assessing every model prior to use, companies can determine if the level of risk exceeds their standards or thresholds. Without such assessments, companies may unknowingly open themselves up to unnecessary security, ethical, and operational risk.

NIST has been tasked with setting the criterial for AI red teaming. As a preeminent physical science laboratory attached to the US Department of Commerce, National Institute of Standards and Technology (NIST) standards are designed to enhance economic security and improve our quality of life. Their AI RMF is the most widely adopted framework to date.

We’ll have to wait to see how NIST interprets these evaluations because there’s no single accepted definition of what AI red teaming entails, however the executive order defines AI red teaming as a practice used to "adopt adversarial methods to identify flaws and vulnerabilities, such as harmful or discriminatory outputs from an AI system, unforeseen or undesirable system behaviors, limitations, or potential risks associated with the misuse of the system." AI red teaming as a cybersecurity practice has a history of contentious definitions. Its military roots stem from war gaming, USAF red flag exercises, TSA screening, DARPA challenges, and more. Practically speaking, the primary purpose of AI red teaming is assurance, and it should be conducted at three points in the AI lifecycle:

  • the model level
  • the application level before release
  • continuously after release because an application’s behavior depends on new data that is always changing

It’s important to note that red teaming is not limited to security and privacy vulnerabilities. This practice should be used to identify ethical and operational weaknesses as well, such as bias, toxicity, hallucinations, factual inconsistency, and more.

Where to Start

Starting an AI red team may seem daunting, but there are certain practices and tools that can help you get started an increase your effectiveness. Automated solutions, such as the one offered by Robust Intelligence, should be used for the elements that can be automated. For example, automation is best used for focused testing at the system component level on fine-tuned models and the like, whereas manual, open-ended testing is best done at the system level to find novel failure modes between components.

It’s also helpful to aspire to a 90/10 rule, meaning you should spend less than 10% of your time getting 90% of testing completed through tooling and automation. The rest of your time budget (90% or more) is to get the last 10% of corner cases through manual trial and error.

An automated approach to AI red teaming has the added benefit for providing an organizational-level standard. When considering solutions, you should consider the following capabilities:

  • Identify risks early in development - use hundreds of specialized tests, as well as algorithmically-generated red teaming attacks, to automatically identify model vulnerabilities and unintended behavior
  • Spot new risks in production models - continue testing models periodically and analyzes the outputs over time
  • Validate models quickly - translate statistical test results into clearly defined outputs that meet major AI risk frameworks and regulatory requirements
  • Enforce custom AI risk standards - tune parameters and add custom tests to meet your needs

In Summary

The AI executive order is a significant milestone, and not just for federal agencies or those doing business with the government. The new resources, processes, and entities will lay the groundwork for enterprises to accelerate adoption of AI red teaming, which in turn will give companies the confidence to deploy more AI-powered applications and realize the full potential of AI.

To learn more about using automated red teaming to satisfy AI risk standards and regulatory compliance, visit our website or request a demo.

Author
Authors
Hyrum Anderson
Hyrum is our CTO.
Share article
Social

Follow us on LinkedIn

Newsletter

Subscribe to our newsletter

Thank you!
You have successfully subscribed to our list
Oops! Something went wrong while submitting the form.

Related articles

April 26, 2024
-
5
minute read

AI Cyber Threat Intelligence Roundup: April 2024

For:
April 2, 2024
-
3
minute read

Robust Intelligence Partners with CrowdStrike to Bring Our Real-Time AI Security Telemetry to Falcon LogScale

For:
March 28, 2024
-
4
minute read

AI Governance Policy Roundup (March 2024)

For:
+   More Articles

Related articles

July 24, 2023
-
6
minute read

Leading AI Companies Commit to AI Risk Management: What the White House Agreement Means for Enterprises

For:
August 9, 2023
-
4
minute read

Robust Intelligence partners with MITRE to Tackle AI Supply Chain Risks in Open-Source Models

For:
June 20, 2023
-
5
minute read

Why We Need Risk Assessments for Generative AI

For:
Model Compliance Assessment
+   More Articles

Ready to learn more?

See why we’re the enterprise choice for AI application security.
Get a Demo
October 30, 2023
-
5
minute read

The White House Executive Order on AI: Assessing AI Risk with Automated Testing

Author
Authors
Hyrum Anderson
Hyrum is our CTO.

This morning, President Biden issued a highly anticipated executive order that establishes new actions on the safe, secure, and trustworthy use of artificial intelligence. The White House previously disclosed that it was drafting this action in July when it announced that 15 companies had agreed to voluntary commitments on the safe, secure, and transparent development of AI. This executive order marks the most significant regulatory action taken by the federal government to date, and while it targets federal agencies, the order has significant implications for the private sector as well.

The executive order is a positive step forward to help organizations effectively manage the unique security, ethical, and operational risks that come with AI adoption. Advances in AI have far outpaced companies’ abilities to secure these systems. As an engineering discipline, AI development is nascent compared to traditional software development. We largely don’t have equivalent testing and security habits - in part because the dynamics of AI models makes this a challenging problem.

The executive order puts this into motion by requiring certain elements that were previously voluntary. While there are many parts to the order, AI red teaming is a central component. This is a new motion for most companies, but even those that have the specialized skillset know that manual red teaming doesn’t scale. Companies need to automate the parts that can be automated, which also has the added benefits of standardizing the assessment process and operationalizing risk management frameworks. Ultimately, AI red teaming is about assurance. At Robust Intelligence, we believe that organizations will require novel approaches to meet this new paradigm in AI security and comply with the executive order.

Scope of the US Executive Order

Biden’s sweeping executive order primarily targets federal agencies' deployment of AI, which includes the development of new resources, processes, and entities. This lays the groundwork for adherence by both the private and public sector. Many enterprises have already started to implement AI standards and policies, spurred by proposed legislation and voluntary frameworks - namely the EU AI Act and the NIST AI Risk Management Framework (AI RMF). The Biden Administration has consulted with over 20 countries on AI governance, which signals the global implications of any individual nation’s actions.

The executive order addresses specific focus areas of AI risk, including:

  • Develop new standards for safety and security, including AI red team tests to be set by NIST
  • Protect privacy, including guidelines to evaluate the effectiveness of privacy-preserving techniques
  • Advance civil rights, including enabling the Department of Justice and Federal civil rights offices to investigate and prosecute civil rights violations

The order also creates a new White House AI Council established to oversee the implementation of this executive order and sets timelines for federal agencies to meet the specified requirements. For instance, NIST has 270 days to develop a new companion resource to the AI RMF focused on the use and development of generative AI and the Secretary of Labor has 365 days to publish federal guidance on the use of AI-assisted hiring tools regarding nondiscrimination.

Third-Party Red Teaming

The inclusion of AI red teaming in the executive order was deliberate. It builds on the “external red teaming” language used in the voluntary AI commitments declaration and independent “testing” used in the NIST AI RMF and EU AI Act. This is an acknowledgment that all models carry some level of risk. By thoroughly assessing every model prior to use, companies can determine if the level of risk exceeds their standards or thresholds. Without such assessments, companies may unknowingly open themselves up to unnecessary security, ethical, and operational risk.

NIST has been tasked with setting the criterial for AI red teaming. As a preeminent physical science laboratory attached to the US Department of Commerce, National Institute of Standards and Technology (NIST) standards are designed to enhance economic security and improve our quality of life. Their AI RMF is the most widely adopted framework to date.

We’ll have to wait to see how NIST interprets these evaluations because there’s no single accepted definition of what AI red teaming entails, however the executive order defines AI red teaming as a practice used to "adopt adversarial methods to identify flaws and vulnerabilities, such as harmful or discriminatory outputs from an AI system, unforeseen or undesirable system behaviors, limitations, or potential risks associated with the misuse of the system." AI red teaming as a cybersecurity practice has a history of contentious definitions. Its military roots stem from war gaming, USAF red flag exercises, TSA screening, DARPA challenges, and more. Practically speaking, the primary purpose of AI red teaming is assurance, and it should be conducted at three points in the AI lifecycle:

  • the model level
  • the application level before release
  • continuously after release because an application’s behavior depends on new data that is always changing

It’s important to note that red teaming is not limited to security and privacy vulnerabilities. This practice should be used to identify ethical and operational weaknesses as well, such as bias, toxicity, hallucinations, factual inconsistency, and more.

Where to Start

Starting an AI red team may seem daunting, but there are certain practices and tools that can help you get started an increase your effectiveness. Automated solutions, such as the one offered by Robust Intelligence, should be used for the elements that can be automated. For example, automation is best used for focused testing at the system component level on fine-tuned models and the like, whereas manual, open-ended testing is best done at the system level to find novel failure modes between components.

It’s also helpful to aspire to a 90/10 rule, meaning you should spend less than 10% of your time getting 90% of testing completed through tooling and automation. The rest of your time budget (90% or more) is to get the last 10% of corner cases through manual trial and error.

An automated approach to AI red teaming has the added benefit for providing an organizational-level standard. When considering solutions, you should consider the following capabilities:

  • Identify risks early in development - use hundreds of specialized tests, as well as algorithmically-generated red teaming attacks, to automatically identify model vulnerabilities and unintended behavior
  • Spot new risks in production models - continue testing models periodically and analyzes the outputs over time
  • Validate models quickly - translate statistical test results into clearly defined outputs that meet major AI risk frameworks and regulatory requirements
  • Enforce custom AI risk standards - tune parameters and add custom tests to meet your needs

In Summary

The AI executive order is a significant milestone, and not just for federal agencies or those doing business with the government. The new resources, processes, and entities will lay the groundwork for enterprises to accelerate adoption of AI red teaming, which in turn will give companies the confidence to deploy more AI-powered applications and realize the full potential of AI.

To learn more about using automated red teaming to satisfy AI risk standards and regulatory compliance, visit our website or request a demo.

Author
Authors
Hyrum Anderson
Hyrum is our CTO.
Share article
Newsletter

Subscribe to our newsletter

Thank you!
You have successfully subscribed to our list
Oops! Something went wrong while submitting the form.
Blog

Related articles

February 2, 2023
-
3
minute read

Secure Cloud Deployment with Robust Intelligence

For:
June 7, 2022
-
4
minute read

Avoiding Risk in Computer Vision Models

For:
March 28, 2024
-
4
minute read

AI Governance Policy Roundup (March 2024)

For:
July 24, 2023
-
6
minute read

Leading AI Companies Commit to AI Risk Management: What the White House Agreement Means for Enterprises

For:
August 9, 2023
-
4
minute read

Robust Intelligence partners with MITRE to Tackle AI Supply Chain Risks in Open-Source Models

For:
June 20, 2023
-
5
minute read

Why We Need Risk Assessments for Generative AI

For:
Model Compliance Assessment
+   More Articles

Achieve AI Integrity Today

Request a Demo