Re: [Rats] ETSI Specification group on Securing Artificial Intelligence
"Diego R. Lopez" <diego.r.lopez@telefonica.com> Tue, 08 October 2019 06:29 UTC
Return-Path: <diego.r.lopez@telefonica.com>
X-Original-To: rats@ietfa.amsl.com
Delivered-To: rats@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CF5CB120074 for <rats@ietfa.amsl.com>; Mon, 7 Oct 2019 23:29:44 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.992
X-Spam-Level:
X-Spam-Status: No, score=-1.992 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, T_FILL_THIS_FORM_SHORT=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=telefonica.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id upGS1PbSPEjY for <rats@ietfa.amsl.com>; Mon, 7 Oct 2019 23:29:41 -0700 (PDT)
Received: from EUR01-HE1-obe.outbound.protection.outlook.com (mail-eopbgr130110.outbound.protection.outlook.com [40.107.13.110]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4B28412000F for <rats@ietf.org>; Mon, 7 Oct 2019 23:29:41 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=hA6Tk18BvNjo+Lz2dqADtm72xwM2gTUZarzPGTL2z5PGXucpiakOCGo4N7LDRbvbj4rolDe0R1tw3at2CwFMAdORU2st8SZ9ynYvemHVGtiNVPAIIxVA/kCLByB7ICcorXKZpWwEWQHpctRpxjzbYitrOr7Mtw5xC5VKzA/wEZM17355LLaGcPLtLSIIgD9myrLtgNEzqUSrZH3Tw/C/Y5J5/ivvSXHq0GKupKWcwEs4wI6RVNF+lRbBT31uWVu+BAxupFrlWxD+Sz7P7jqViY1i/QGlTbLijRvQxN2CkS6YQC1HEvacwqNvwOh7FRQi2xssSzxvko1u5l2RZWdcXw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=aiJLZ3FowXMCMuHdP/GxJdd6sS5xABLuqcuY5fPpO0w=; b=giEcXhTEBLK35QyMK4ghIeaJAUCVD0zMypTCqB2nIBYQMSUoBQ4TsC0xp9TqBvkPwlybfHCXR1oj383Q79mR/7zABNpD+5JBT+hFHEXKnOR9yVd6EFXrUlEW7DQNZRDWLrJh/8d4+t1IzgUg389wuQRjY41nKi2n6fXDIAxo7eYcM7NJD3FzI3LHeXthYnWvrJaC2nnj1l90D+9QeCNRqD70BcTKo8RpR0sSakQhVDcg+z3hPbMykSCtTazlSzlDdHtWrdj94BnRzhD4pVzGOA/GAvxVFiVZmDQUkuxGNLT1G3x+X3WNXcbAh5feAuwe7Lz99NI08jMn8BdpzTg8tQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=telefonica.com; dmarc=pass action=none header.from=telefonica.com; dkim=pass header.d=telefonica.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=telefonica.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=aiJLZ3FowXMCMuHdP/GxJdd6sS5xABLuqcuY5fPpO0w=; b=wIkFRTLDKed1PYzvb38B/Di7DzA+ovNWvXIB/3x+kQKzGfKukYpXlBuc45gxnf21beO1TBBC3ZfhiBexu9dqsHMHqBrkHM++tqzwVH8akei+A8Xzm55TCr7GwUNuRdhR9uXXRwXaSriiEv9Z+9W+hTRRBOV2accapiCevrg2LFs=
Received: from DB3PR0602MB3788.eurprd06.prod.outlook.com (52.134.70.148) by DB3PR0602MB3739.eurprd06.prod.outlook.com (52.134.71.15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2327.25; Tue, 8 Oct 2019 06:29:38 +0000
Received: from DB3PR0602MB3788.eurprd06.prod.outlook.com ([fe80::9d2e:16e6:f054:a752]) by DB3PR0602MB3788.eurprd06.prod.outlook.com ([fe80::9d2e:16e6:f054:a752%7]) with mapi id 15.20.2327.026; Tue, 8 Oct 2019 06:29:38 +0000
From: "Diego R. Lopez" <diego.r.lopez@telefonica.com>
To: Michael Richardson <mcr+ietf@sandelman.ca>, "rats@ietf.org" <rats@ietf.org>
Thread-Topic: [Rats] ETSI Specification group on Securing Artificial Intelligence
Thread-Index: AQHVehdswcjlcskFsEijZBGwm6RuKKdQWQIA
Date: Tue, 08 Oct 2019 06:29:38 +0000
Message-ID: <C7886565-D8F9-4462-931D-7427804F4345@telefonica.com>
References: <14767.1570126937@dooku.sandelman.ca>
In-Reply-To: <14767.1570126937@dooku.sandelman.ca>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/10.10.e.190909
authentication-results: spf=none (sender IP is ) smtp.mailfrom=diego.r.lopez@telefonica.com;
x-originating-ip: [95.127.226.10]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 8ab34122-4cfd-4e98-4d4d-08d74bb8e52c
x-ms-office365-filtering-ht: Tenant
x-ms-traffictypediagnostic: DB3PR0602MB3739:
x-ms-exchange-purlcount: 4
x-microsoft-antispam-prvs: <DB3PR0602MB3739150C8DF928A880DC42C3DF9A0@DB3PR0602MB3739.eurprd06.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-forefront-prvs: 01842C458A
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(4636009)(346002)(39860400002)(376002)(396003)(136003)(366004)(40134004)(199004)(189003)(40154002)(33656002)(305945005)(6306002)(99286004)(14444005)(7736002)(6436002)(2501003)(229853002)(36756003)(6486002)(6512007)(66574012)(5660300002)(14454004)(45080400002)(478600001)(25786009)(66066001)(8936002)(256004)(81166006)(81156014)(966005)(8676002)(6246003)(76176011)(2616005)(486006)(476003)(446003)(11346002)(316002)(786003)(102836004)(58126008)(86362001)(110136005)(15974865002)(26005)(6506007)(6116002)(3846002)(2906002)(71190400001)(71200400001)(186003)(66446008)(64756008)(66556008)(66476007)(66946007)(76116006)(91956017); DIR:OUT; SFP:1102; SCL:1; SRVR:DB3PR0602MB3739; H:DB3PR0602MB3788.eurprd06.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: telefonica.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: dCg4ABIfCVt/OBIr+D9XAxnNlayVoUTq/rIZhaDflUJ5NbAlMQ3+6GLXiCKroqE85/MUe88CEqWRWdyV1qtAJfwlsJ51y8XJdEXNbkywEMsCG5lJOU2suxCYEjaeTK6EILGWaTNmbbw4zkZfCC1uRMllRWzQq77GcRc6b7Q0qkRIlhXROsQqG5CQHlbTOlOmVWwgAiWiwYAcPrDOl2PxNXJBynxnEtUN8QG1DY55TM1jKhJJnq2Yj0i3Mcs68XbEPpzPFjVIsciGMQBrvKO1kORVeyU7KFJmJXUMbA3F+gCd28isOVhL5io2EY6NKv2mHD5rF+V5GxWEC4U9ere6YtsxI8tUAC+zEitaVgRT23oxjDjdmcLKYWpaFY6J0acFNRJXiMhyu8ymM2fdamtMm2rBy0m/R4p/OBNlesgEKNefNqOBcQyzSelu1N+/sukS6dNsxEgi62HQVKeUfIplVg==
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="utf-8"
Content-ID: <090B730DD631D14CA608BDE621C32BC4@eurprd06.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: telefonica.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 8ab34122-4cfd-4e98-4d4d-08d74bb8e52c
X-MS-Exchange-CrossTenant-originalarrivaltime: 08 Oct 2019 06:29:38.5504 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 9744600e-3e04-492e-baa1-25ec245c6f10
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: cu8kIHiqBcEVJUbiknBzygp6JXTf+d5TIhf/ocZhGMVKKAxIuit+QbvPBXBY3p8Z4CsZiUsrjbmvdknAIJ1WzvRqr7yimyutHQIjdYU8cFQ=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB3PR0602MB3739
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/YqelasvdMR2LI0PrA3DVTnz6AxQ>
Subject: Re: [Rats] ETSI Specification group on Securing Artificial Intelligence
X-BeenThere: rats@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Remote Attestation Procedures <rats.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rats>, <mailto:rats-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rats/>
List-Post: <mailto:rats@ietf.org>
List-Help: <mailto:rats-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rats>, <mailto:rats-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 08 Oct 2019 06:29:45 -0000
Hi, I have been somehow involved in the shaping of both SAI and RATS, and happy to be of any help if required... Be goode, -- "Esta vez no fallaremos, Doctor Infierno" Dr Diego R. Lopez Telefonica I+D https://www.linkedin.com/in/dr2lopez/ e-mail: diego.r.lopez@telefonica.com Tel: +34 913 129 041 Mobile: +34 682 051 091 ---------------------------------- On 03/10/2019, 20:21, "RATS on behalf of Michael Richardson" <rats-bounces@ietf.org on behalf of mcr+ietf@sandelman.ca> wrote: {via a circuitous path, this came to me. There have been use cases proposed for TEEP and RATS that relate to protecting Machine Learning algorithms. I'm wondering if there are any liasons to this ETSI ISG which might want to more clearly articulate the RAGTS use case} ---- ETSI announce the creation of a new Industry Specification Group on Securing Artificial Intelligence (ISG SAI). The group will develop technical specifications to mitigate threats arising from the deployment of AI throughout multiple ICT-related industries. This includes threats to artificial intelligence systems from both conventional sources and other AIs. The ETSI Securing Artificial Intelligence group was initiated to anticipate that autonomous mechanical and computing entities may make decisions that act against the relying parties either by design or as a result of malicious intent. The conventional cycle of networks risk analysis and countermeasure deployment represented by the Identify-Protect-Detect-Respond cycle needs to be re-assessed when an autonomous machine is involved. The intent of the ISG SAI is therefore to address 3 aspects of artificial intelligence in the standards domain: * Securing AI from attack e.g. where AI is a component in the system that needs defending * Mitigating against AI e.g. where AI is the ‘problem’ or is used to improve and enhance other more conventional attack vectors * Using AI to enhance security measures against attack from other things e.g. AI is part of the ‘solution’ or is used to improve and enhance more conventional countermeasures. The purpose of the ETSI ISG SAI is to develop the technical knowledge that acts as a baseline in ensuring that artificial intelligence is secure. Stakeholders impacted by the activity of ETSI’s group include end users, manufacturers, operators and governments. Three main activities will be undertaken and confirmed during the first meeting of the group. 1) *AI Threat Ontology *Currently, there is no common understanding of what constitutes an attack on AI and how it might be created, hosted and propagated. The work to be undertaken here will seek to define what would be considered an AI threat and how it might differ from threats to traditional systems. Hence, the AI Threat Ontology specification seeks to align terminology across the different stakeholders and multiple industries. ETSI specifications will define what is meant by these terms in the context of cyber and physical security and with a narrative that should be readily accessible to all. This threat ontology will address AI as system, attacker and defence. 2) *Securing AI Problem Statement *This specification will be modelled on the ETSI GS NFV-SEC 001 “Security Problem Statement” which has been highly influential in guiding the scope of ETSI NFV and enabling “security by design” for NFV infrastructures. It will define and prioritize potential AI threats along with recommended actions. The recommendations contained in this specification will be used to define the scope and timescales for the follow-up work. 3) *Data Supply Chain Report *Data is a critical component in the development of AI systems, both raw data, and information and feedback From other AI systems and humans in the loop. However, access to suitable data is often limited, causing a need to resort to less suitable sources of data. Compromising the integrity of data has been demonstrated to be a viable attack vector against an AI system. This report will summarize the methods currently used to source data for training AI, along with a review of existing initiatives for developing data sharing protocols and analyse requirements for standards for ensuring integrity in the shared data, information and feedback, as well as the confidentiality of these. The founding members of the new ETSI group include BT, Cadzow Communications, Huawei Technologies, NCSC and Telefónica. The first meeting of ISG SAI will be held in Sophia Antipolis on 23 October. Come and join to shape the future path for secure artificial intelligence! *Contact *Claire Boyer Mob: +33 (0)6 87 60 84 40 Email: claire.boyer@etsi.org <mailto:claire.boyer@etsi.org> -------- Weitergeleitete Nachricht -------- Betreff: [ISG_SAI] Press release: ETSI launches specification group on Securing Artificial Intelligence Datum: Wed, 2 Oct 2019 08:47:01 +0000 Von: Sonia Compans <Sonia.Compans@ETSI.ORG> Antwort an: ISG_SAI Securing Artificial Intelligence <ISG_SAI@LIST.ETSI.ORG> An: ISG_SAI@LIST.ETSI.ORG Dear SAI, We launched the press release announcing the ISG creation. Do not hesitate to forward https://www.etsi.org/newsroom/press-releases/1650-2019-10-etsi-launches-specification-group-on-securing-artificial-intelligence Sonia *Sonia Compans****–*Technical Officer *ETSI*● www.etsi.org <http://www.etsi.org/> ●_sonia.compans@etsi.org <mailto:sonia.compans@etsi.org>_ Phone: +33 (0)4 92 94 43 36 ●Mobile: +33 (0)6 67 15 58 49 Watch the new ETSI video _Cybersecurity: join the players <https://youtu.be/H7pTWOVX0dg>_ ** <https://youtu.be/H7pTWOVX0dg>** This email may contain confidential information and is intended for the use of the addressee only. Any unauthorized use may be unlawful. If you receive this email by mistake, please advise the sender immediately by using the reply facility in your email software. Thank you for your co-operation.** ________________________________ Este mensaje y sus adjuntos se dirigen exclusivamente a su destinatario, puede contener información privilegiada o confidencial y es para uso exclusivo de la persona o entidad de destino. Si no es usted. el destinatario indicado, queda notificado de que la lectura, utilización, divulgación y/o copia sin autorización puede estar prohibida en virtud de la legislación vigente. Si ha recibido este mensaje por error, le rogamos que nos lo comunique inmediatamente por esta misma vía y proceda a su destrucción. The information contained in this transmission is privileged and confidential information intended only for the use of the individual or entity named above. If the reader of this message is not the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this transmission in error, do not read it. Please immediately reply to the sender that you have received this communication in error and then delete it. Esta mensagem e seus anexos se dirigem exclusivamente ao seu destinatário, pode conter informação privilegiada ou confidencial e é para uso exclusivo da pessoa ou entidade de destino. Se não é vossa senhoria o destinatário indicado, fica notificado de que a leitura, utilização, divulgação e/ou cópia sem autorização pode estar proibida em virtude da legislação vigente. Se recebeu esta mensagem por erro, rogamos-lhe que nos o comunique imediatamente por esta mesma via e proceda a sua destruição
- [Rats] ETSI Specification group on Securing Artif… Michael Richardson
- Re: [Rats] ETSI Specification group on Securing A… Diego R. Lopez