
AI – Standards, Guidelines, Frameworks – an Overview

With the release of ISO/IEC 42001:2023, there has been noticeable excitement about the establishment of a management system designed to effectively oversee the implementation of AI and its associated applications. Prior to the release of this management system, quite a few standards, guidelines, and technical papers had already been published over the last two years, and a few more are under development.

Also, it is apparent that the standards, methods, and frameworks pertaining to AI must encompass aspects of data and security.

This article delves into the prominent AI/Data/Security related standards, particularly focusing on key ISO/IEC standards (Note: the list provided is for illustrative purposes only and may not be exhaustive).

A further examination reveals that these standards encompass various types of documentation, including Management Systems, Guidelines, Standards, Frameworks, Technical Specifications/Reports, Vocabulary, and more (additional details on the document types can be found on the ISO.ORG website).

(This write-up refers to all such documents as standards for the ease of use.)

Kudos to international standards organizations such as ISO and IEC, and to national bodies such as BSI, ANSI, DIN, etc., for their commendable efforts in establishing such standards, which contribute significantly to the robustness and trustworthiness of these systems.

The following diagram illustrates these key standards.

The recent release of the AI Management System is noteworthy, given the plethora of guidelines and technical specifications available since 2021 for organizational use. The application of Generative AI, along with the use of Large Language Models (LLMs) in business functions, underscores the need for organizations to adopt these models judiciously. It is crucial to strategically approach the adoption and carefully consider the associated risks.

The risks linked to adoption, particularly concerning data/model bias and system implications, can outweigh the benefits if left unmanaged. Some of these established standards outline prerequisites such as management commitment, appropriate structure, relevant tools, enhanced controls, deliberate efforts to reduce bias, ethical practices, improved testing and assessment mechanisms, and robust quality assurance processes.

From a security standpoint, robust cybersecurity practices and effective risk management are imperative. The ISO 27001 (ISMS) standard has played a significant role in recent years, gaining added importance in the context of AI adoption. Standards addressing risks related to AI adoption are pivotal considerations.

On the data front, standards defining the Data Life Cycle Framework or ensuring Data Quality for Analytics in Machine Learning, as well as those pertaining to Process Management for Big Data, are fundamental. These standards play a key role in establishing comprehensive data management practices across the entire data life cycle.

Below is the compiled list of standards:

| Standard | Institution | Type | Domain | Stage |
|---|---|---|---|---|
| ISO 31000:2018 | ISO | Guideline | Risk management – Guidelines | Published – Feb 2018 (under review) |
| ISO/IEC FDIS 5339 | ISO/IEC | Guideline | Guidelines for AI applications | Under development |
| ISO/IEC 42001:2023 | ISO/IEC | Management System | Information technology — Artificial intelligence — Management system | Published – Dec 2023 |
| ISO/IEC 24029-2:2023 | ISO/IEC | Assessment | Assessment of the robustness of neural networks – Part 2 | Published – Aug 2023 |
| ISO/IEC 8183:2023 | ISO/IEC | Framework | Artificial intelligence – Data life cycle framework | Published – Jul 2023 |
| ISO/IEC 25059:2023 | ISO/IEC | Quality Models | Quality models for AI | Published – Jun 2023 (to be revised) |
| ISO/IEC 23894:2023 | ISO/IEC | Guideline | Guidelines for risk management of AI applications | Published – Feb 2023 |
| ISO/IEC 24668:2022 | ISO/IEC | Framework | Process management framework for big data analytics | Published – Nov 2022 |
| ISO/IEC 2382:2015 | ISO/IEC | Vocabulary / Terminology | Information technology – Vocabulary | Published – May 2015; corrected version Oct 2022 (under review) |
| ISO/IEC 27001:2022 | ISO/IEC | Management System | Information security management systems – Requirements | Published – Oct 2022 |
| ISO/IEC 22989:2022 | ISO/IEC | Vocabulary / Terminology / Taxonomy | AI concepts and terminology | Published – Jul 2022 (amendment in progress) |
| ISO/IEC 23053:2022 | ISO/IEC | Framework | Framework for AI systems using ML | Published – Jun 2022 |
| ISO/IEC 38507:2022 | ISO/IEC | Guideline | Governance implications of the use of artificial intelligence by organizations | Published – Apr 2022 |
| ISO/IEC 27701:2019 | ISO/IEC | Framework | Privacy information management – extension to ISO/IEC 27001 | Published – Aug 2019 |
| IEC 62243:2012 | IEC | Standard | Artificial Intelligence Exchange and Service Tie to All Test Environments (AI-ESTATE) | Published – Jun 2012 |
| ISO/IEC DIS 5259-1 | ISO/IEC | Vocabulary / Terminology / Taxonomy | Data quality for analytics and machine learning | Under development |
| ISO/IEC CD 12792 | ISO/IEC | Vocabulary / Terminology / Taxonomy | AI transparency taxonomy | Under development |
| ISO/IEC TR 27563:2023 | ISO/IEC | Technical Report | Use cases – security and privacy in AI | Published – May 2023 |
| ISO/IEC TR 24368:2022 | ISO/IEC | Technical Report | Overview of ethical and societal considerations | Published – Aug 2022 |
| ISO/IEC TR 24372:2021 | ISO/IEC | Technical Report | Overview of computational approaches for AI systems | Published – Dec 2021 |
| ISO/IEC TR 24027:2021 | ISO/IEC | Technical Report | Bias in AI systems and AI-aided decision making | Published – Nov 2021 |
| ISO/IEC TR 24030:2021 | ISO/IEC | Technical Report | AI use cases | Published – May 2021 (being revised as ISO/IEC DTR 24030) |
| ISO/TR 24291:2021 | ISO | Technical Report | Applications of ML in imaging and other medical applications | Published – Mar 2021 |
| ISO/TR 22100-5:2021 | ISO | Technical Report | Safety of machinery – Relationship with ISO 12100 – Part 5: Implications of artificial intelligence machine learning | Published – Jan 2021 |
| ISO/IEC TR 24028:2020 | ISO/IEC | Technical Report | Overview of trustworthiness in artificial intelligence | Published – May 2020 |
| ISO/IEC TS 4213:2022 | ISO/IEC | Technical Specification | Assessment of machine learning classification performance | Published – Oct 2022 |
| ISO/IEC DTS 25058 | ISO/IEC | Technical Specification | Guidance for quality of AI | Under publication (stage 60.00) |
| ISO/IEC TS 12791 | ISO/IEC | Technical Specification | Treatment of unwanted bias in classification and regression machine learning tasks | Under development (stage 50.20) |
| ISO/IEC CD TS 8200 | ISO/IEC | Technical Specification | Controllability of automated AI systems | Under development |

(Stages as of 31 Dec 2023)

Conclusion:

Standards play a pivotal role in implementing strong mechanisms throughout the entire process of planning, establishing an organization, designing, building, assessing, deploying, and continuously monitoring AI systems within an organization. The combination of standards, architectural and technical frameworks, and tools, together with adherence to governing laws and regulations, contributes to the development of resilient, ethical AI solutions that not only benefit humanity at large but also enhance productivity and foster innovation. It is an exciting time, and we look forward to developments in the area of standards in the coming years.

Acknowledgements:

ISO.Org, AiThoughts.Org, AI Standards.org

Insights into AI Landscape – A Preface

AI Landscape and Key Areas of Interest

The AI landscape encompasses several crucial domains, and it’s imperative for any organization aiming to participate in this transformative movement to grasp these aspects. Our objective is to offer our insights and perspective into each of these critical domains through a series of articles on this platform.

We will explore key topics in each area depicted in the diagram below.

1.      Standards, Framework, Assurance: We will address the upcoming International Standards and Frameworks, as well as those currently in effect. Significant efforts in this area are being undertaken by international organizations like ISO, IEEE, BSI, DIN, and others to establish order by defining these standards. This also encompasses Assurance frameworks, Ethics frameworks, and the necessary checks and balances for the development of AI solutions. It’s important to note that many of these frameworks are still in development and are being complemented by Regulations and Laws. Certain frameworks related to Cybersecurity and Privacy Regulations (e.g., GDPR) are expected to become de facto reference points. More details will be provided in the forthcoming comprehensive write-up in Series 1.

2.      Legislations, Laws, Regulations: Virtually all countries have recognized the implications and impact of AI on both professional and personal behavior, prompting many to work on establishing fundamental but essential legislations to safeguard human interests. This initiative began a couple of years ago and has gained significant momentum, especially with the introduction of Generative AI tools and platforms. Europe is taking the lead in implementing legislation ahead of many other nations, and countries like the USA, Canada, China, India, and others are also actively engaged in this area. We will delve deeper into this topic in Series 2.

3.      AI Platforms & Tools: An array of AI platforms and tools is available, spanning various domains, including Content Creation, Software Development, Language Translation, Healthcare, Finance, Gaming, Design/Arts, and more. Generative AI tools encompass applications such as ChatGPT, Copilot, DALL-E 2, Scribe, Jasper, etc. Additionally, AI chatbots like ChatGPT, Google Bard, Microsoft Bing AI, Jasper Chat, and ChatSpot, among others, are part of this landscape. This section will provide insights into key platforms and tools, including open-source options that cater to the needs of users.

4.      Social Impact:  AI Ethics begins at the strategic planning and design of AI systems. Various frameworks are currently under discussion due to their far-reaching societal consequences, leading to extensive debates on this subject. Furthermore, it has a significant influence on the jobs of the future, particularly in terms of regional outcomes, the types of jobs that will emerge, and those that will be enhanced or automated. The frameworks, standards, and legislations mentioned earlier strongly emphasize this dimension and are under close scrutiny. Most importantly, it is intriguing to observe the global adoption of AI solutions and whether societies worldwide embrace them or remain cautious. This section aims to shed light on this perspective.

5.      Others: Use Cases and Considerations:  In this Section, we will explore several use cases and success stories of AI implementation across various domains. We will also highlight obstacles in the adoption of AI, encompassing factors such as the pace of adoption, the integration of AI with existing legacy systems, and the trade-offs between new solutions and their associated costs and benefits.  We have already published a recent paper on this subject, and we plan to share more insights as the series continues to unfold.

AIML Solutions: Security Considerations

Preface

AI-ML solutions have now become an integral part of the IT-enabled solutions provided to businesses.

We examined various life cycle stages, including the conventional SDLC, which is not entirely suited for data science projects because of their broader scope, experimental nature, data dependency, creative yet often chaotic and non-linear process, and relatively intangible deliverables (in the form of knowledge and insight).

We also examined DevOps and DevSecOps practices, which support repeatability and provide an overarching ecosystem to continuously build and deploy solutions in a systematic manner. In addition, MLOps practices cater to the requirements of building and deploying AIML solutions in production in a systematic and secure manner. This ecosystem supports continuous experimentation, learning, building, deployment, and monitoring at larger scale.

In this part, we discuss the elements of the AIML CICD life cycle stages, with key security considerations at every stage. The intent, eventually, is to build a set of practices and processes that will help an organization securely build and maintain AIML solutions consistently. Towards the latter half of this write-up, we touch upon the overall AIML operations ecosystem, which is essential for building, maintaining, and monitoring AIML solutions.

In subsequent write-ups, we will cover each of the areas in more detail, mainly planning, effective testing, performance management, maintenance and currency of the solutions, maturity mechanisms, etc. This will include developing an overall ecosystem comprising legacy solutions and AIML solutions, and the overall transformation into such an ecosystem.

 

AIML CICD Life Cycle 

Below is a high-level functional representation of the standard life cycle stages that AIML projects adopt in order to deliver an appropriate solution in a consistent and secure manner. The diagram below illustrates a few key security considerations in the ML CICD cycle (more details are available in the table following the diagram).

As depicted in the diagram, the AIML life cycle typically has the following stages. They may vary for different models (supervised or unsupervised) or other techniques such as NLP, deep learning, and so on. A minimal sketch of these stages wired together as a single pipeline follows the list below.

  1. Problem Definition – Define the problem, stakeholders, environment, available data, goals, and performance expectations
  2. Data Build – Data collection, collation, and annotation – building the data pipeline
  3. Model Train & Build – Feature engineering, model building, testing – building the model pipeline
  4. Test – Evaluation, validation, and quality assurance of the model before deployment
  5. Integrate and Release – Freeze the code baseline, baseline versioning, release notes, release infrastructure readiness
  6. Deployment – Deploying the model into production, independently or integrated with other applications, as decided by the serving mechanism
  7. Model Serving – Serving mechanism, serving performance, adjustments
  8. Monitoring – Monitoring performance throughout the life cycle; fine-tuning, adjusting, or retiring the model based on its performance and changes in the overall ecosystem
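To make these stages concrete, here is a minimal, hypothetical Python sketch of the core stages as one pipeline. The dataset, model choice, and accuracy threshold are illustrative assumptions only; a real project would substitute its own data pipeline, models, and the success metrics defined during Problem Definition.

```python
# A minimal, illustrative sketch of the AIML life cycle stages as pipeline
# steps. The dataset, model, and threshold below are assumptions, not a
# recommendation for any particular problem.
from sklearn.datasets import load_breast_cancer
from sklearn.linear_model import LogisticRegression
from sklearn.metrics import accuracy_score
from sklearn.model_selection import train_test_split

ACCURACY_THRESHOLD = 0.90  # assumed success metric from Problem Definition


def data_build():
    # Data Build: collect and split data; real projects add cleansing,
    # labelling/annotation, and bias checks here.
    X, y = load_breast_cancer(return_X_y=True)
    return train_test_split(X, y, test_size=0.2, random_state=42)


def model_train(X_train, y_train):
    # Model Train & Build: fit the model; real pipelines add static code
    # analysis and artefact versioning at this stage.
    return LogisticRegression(max_iter=5000).fit(X_train, y_train)


def test(model, X_test, y_test):
    # Test: evaluate against the success metric defined up front.
    accuracy = accuracy_score(y_test, model.predict(X_test))
    print(f"accuracy={accuracy:.3f}")
    return accuracy >= ACCURACY_THRESHOLD


if __name__ == "__main__":
    X_train, X_test, y_train, y_test = data_build()
    model = model_train(X_train, y_train)
    # Integrate and Release, Deployment, Serving, and Monitoring would
    # follow only if this evaluation gate passes.
    if not test(model, X_test, y_test):
        raise SystemExit("Model failed the evaluation gate; do not release.")
    print("Model passed the evaluation gate; ready for Integrate and Release.")
```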

The following section briefly describes, for each stage, the typical tasks performed, the expected output, and, more importantly, the security considerations that may be employed at that stage.

Life Cycle Stages – Key Tasks, Output and Security Considerations

| Stage | Tasks | Output | Security Considerations |
|---|---|---|---|
| Problem Definition | Brainstorm problems; define boundaries, goals, thresholds; define data sources, types, frequency; define the ideal outcome, visualization, usage; define metrics and success/failure criteria; define resources; define methodology and proposed models; define an overall implementation project plan; evaluate threats, vulnerabilities, remedies | Clearly laid out problem statement with defined data needs, ideal outcome, infrastructure needs, resource competency, measures of success and goals; clearly defined project plan covering timelines, schedule, cost, delivery artefacts, release schedule; threat management plan (RATP) | Identify vulnerabilities, possible attack scenarios, and probable risks to the data, model, infrastructure, and overall system; define probable mitigation actions, creating a Risk Analysis and Treatment Plan (RATP) |
| Data Build | Collect/ingest data from sources; cleanse (missing or improper values, outliers); transform (labelling, annotating, feature engineering – devise, build/extract, and select features); analyse for meaningfulness, completeness, fairness, etc.; build training, validation, and test data repositories; verify data and data-building scripts via static code analysis; check for data bias; define data coverage and prediction accuracy rules/thresholds; study data patterns and statistical analysis to decide the appropriate model | Labelled, annotated data with explicit features identified; training, validation, and test data repositories; identified vulnerabilities in data, features, and data-build scripts | Secure databases, APIs, features, infrastructure, and data under transformation; analyse data formation and transformation scripts using static code analysers; address data privacy compliance requirements (such as GDPR, HIPAA) |
| Model Build | Select appropriate model(s); build model(s) by defining a model pipeline (code, unit test, security test); train model(s) with the training data (including the data pipeline); evaluate with the validation data; refine model(s) as required; containerize (build package) everything into an image/build file; unit test; store artefacts in the artefact repository; version the model code; static code analysis; simulate run-time behaviour where possible | Trained, evaluated model(s); container package; unit test reports; training and evaluation metrics and reports; version-controlled artefacts (code, data, evaluation reports); static code analysis report | Application code scans (SAST tools) to identify security risks in software, libraries, containers, and other artefacts, and to ensure code coverage and adherence to coding standards; analysis of source code, byte code, and binaries; separate secure build, staging, and production environments |
| Test | Deployment on staging; model evaluation with test data (testing with fraud data, data injection tests); integration test; UI test; API testing; penetration test; model bias validation; test defect remediation; model refinement | Test reports; remediation reports; tested model(s) | Black-box testing using DAST tools; checks on memory consumption, resource usage, encryption algorithms, privileges, cross-site scripting, SQL injection, third-party interfaces, cookie manipulation, etc.; test data security / anomaly testing; model bias evaluation |
| Integrate & Release | Freeze code and feature list; appropriate configuration and versioning of all artefacts; release notes creation | Code and feature list; release notes | – |
| Deploy | Perform security audit and remediation; deployment on production; test on deployment (smoke testing); vulnerability testing for containers; verification of infra-as-code automation scripts | Release deployed on production; security audit reports; smoke test reports; infra-as-code automation run reports | Infrastructure security: scan infrastructure-as-code templates; scan Kubernetes application manifests; scan container images; scan model algorithms on production and versions promoted from staging to production |
| Operate (Model Serving) | Monitor model performance on live data (alerts, KPIs, under/over-fitting, prediction accuracy, etc.); learn and refine the model as required; remove/retire models as required; monitor the integrated functionality; security events management; monitor triggers, alarms, error logs; remediate as per SOP (incident management, automatic event handlers) | Model performance reports and KPI reports; incidents and events managed and addressed; change management on models; refined models and artefacts, including a list of models removed/retired | Model security, data security, API security, infrastructure security, pipeline security, output/UI security |

As is evident, it is important to plan for security checks right from the beginning, and at every stage, in order to build secure and unbiased AIML solutions, as the sketch below illustrates for two such checks.
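As one illustration of embedding such checks into the pipeline, here is a small, hedged sketch that automates two of the considerations from the table above: a static code analysis (SAST) step and a rudimentary training-data balance check. Bandit is used here as one example of a Python SAST tool; the tolerance value and the fail-on-any-finding policy are assumptions, not prescriptions.

```python
# An illustrative sketch of automating two checks from the table above:
# a SAST scan of the code base and a rudimentary training-data balance check.
# Bandit is one example of a Python SAST tool; the tolerance value and the
# fail-on-any-finding policy are assumptions.
import json
import subprocess

import pandas as pd


def run_static_analysis(source_dir: str) -> int:
    # Run bandit over the data/model scripts and count reported findings.
    result = subprocess.run(
        ["bandit", "-r", source_dir, "-f", "json"],
        capture_output=True,
        text=True,
    )
    report = json.loads(result.stdout)
    return len(report.get("results", []))


def check_class_balance(df: pd.DataFrame, label_col: str,
                        tolerance: float = 0.2) -> bool:
    # Rudimentary bias check: flag training data in which any class falls
    # well below an equal share; real bias audits are considerably richer.
    shares = df[label_col].value_counts(normalize=True)
    expected = 1.0 / len(shares)
    return bool((shares >= expected * (1 - tolerance)).all())
```

A CI pipeline would typically fail the build when run_static_analysis reports any findings or check_class_balance returns False, which keeps the checks from the Data Build and Model Build rows enforceable rather than advisory.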

MLOps – An Ecosystem

While the above section describes the life cycle stages of AIML development projects, an overall MLOps ecosystem provides environments for experimenting, building, continuous training, data management, continuous evaluation, integration with other applications, and deployment (stand-alone as a microservice or integrated with other customer applications), as represented in the functional diagram below.

 

MLOps Ecosystem

Typical areas covered are:

  • Requirement Management – managing frequent requirements / problem definitions, especially new requirements, the feedback that comes from production serving of existing models, and new data that might become available
  • Model Development – includes experimentation, research, development, evaluation, go/no-go decisions, and overall model security
  • Data, Feature Management – overall data estate management, management of the overall data pipeline, managing metadata related to models, scripts for building data instances and features, and overall data security
  • Continuous Training – an environment providing continuous training for existing and newly built models
  • Continuous Evaluation – mechanisms to evaluate models while building or refining them, and to test the efficacy of the model with test and real data
  • Continuous Deployment – systematic processes and pipelines for continuous integration and deployment
  • Serving Management – managing production serving, verifying serving methods, capturing serving results, and tuning and refining as required
  • Continuous Monitoring & Improvement – monitoring the health of models and additions or changes to data behaviour, continuously improving model performance, and removing/retiring models as required
  • Repository/Registry Management – managing overall repositories for models, data, features, pipelines, etc.; this includes establishing version control and baseline traceability and encouraging reuse (a minimal registry sketch follows this list)
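To illustrate the registry idea from the last bullet, here is a minimal, hypothetical sketch of content-addressed model versioning. The directory layout, naming, and metadata fields are assumptions; production ecosystems would typically use a dedicated model registry rather than this toy implementation.

```python
# A minimal, hypothetical model-registry sketch: content-addressed versioning
# of model artefacts with metadata for traceability and reuse. The layout and
# metadata fields are assumptions; production setups use dedicated registries.
import hashlib
import json
import shutil
from pathlib import Path

REGISTRY = Path("registry")


def register_model(artefact: Path, name: str, metadata: dict) -> str:
    # Version by content hash so identical artefacts map to the same version.
    version = hashlib.sha256(artefact.read_bytes()).hexdigest()[:12]
    entry_dir = REGISTRY / name / version
    entry_dir.mkdir(parents=True, exist_ok=True)
    shutil.copy(artefact, entry_dir / artefact.name)
    (entry_dir / "metadata.json").write_text(
        json.dumps({"name": name, "version": version, **metadata}, indent=2)
    )
    return version


# Example usage (hypothetical artefact and metrics):
# register_model(Path("model.pkl"), "churn-model",
#                {"stage": "staging", "accuracy": 0.93})
```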

Following are examples of the outcomes from these areas:

  • Models experimented, data sets used, reusable assets, model code/packages/containers
  • Data pipeline, data assets, features, data connectors
  • Training and testing data, training environments, ML accelerators
  • Serving packages, serving logs
  • Evaluation metrics, performance models, fairness/bias measurements
  • Overall repository and registry of models – experimented models, failed/discarded models, metadata
  • Overall repository of data – reusable data sets, features, ETL scripts
  • Other artefacts – code packages, containers, infrastructure as code

The AIML CICD life cycle (along with the security considerations) described in the earlier part of this blog therefore becomes part of this overall ecosystem, which plays an important role in managing the assets generated across multiple AIML solutions over their lifetime. One common starting point for the continuous monitoring area is a drift check, sketched below.
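The sketch compares a live feature sample against its training baseline using a two-sample Kolmogorov–Smirnov test as an assumed drift signal; the 0.05 significance level and the synthetic data are illustrative assumptions.

```python
# Illustrative drift check for Continuous Monitoring: compare a live feature
# sample against its training baseline with a two-sample Kolmogorov-Smirnov
# test. The 0.05 significance level is an assumed alerting threshold.
import numpy as np
from scipy.stats import ks_2samp


def feature_drifted(train_values, live_values, alpha: float = 0.05) -> bool:
    # A small p-value suggests the live distribution differs from training.
    _statistic, p_value = ks_2samp(train_values, live_values)
    return p_value < alpha


rng = np.random.default_rng(0)
baseline = rng.normal(0.0, 1.0, 5_000)  # stand-in for a training feature
live = rng.normal(0.4, 1.0, 1_000)      # deliberately shifted live sample
print("drift detected:", feature_drifted(baseline, live))
```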

 

References

  • Practitioners Guide to MLOps: A Framework for Continuous Delivery and Automation of Machine Learning, Google
  • DevOps – Secure and Scalable CI/CD Pipelines with AWS