TECHNICAL ISO/IEC TR REPORT 24028 First edition 2020-05 Information technology — Artificial intelligence — Overview of trustworthiness in artificial intelligence Technologies de l'information — Intelligence artificielle — Examen d'ensemble de la fiabilité en matière d'intelligence artificielle iTeh STANDARD PREVIEW (standards.iteh.ai) ISO/IEC TR 24028:2020 https://standards.iteh.ai/catalog/standards/sist/232a318a-44eb-42a2-9b73- 197a06fd04a1/iso-iec-tr-24028-2020 Reference number ISO/IEC TR 24028:2020(E) © ISO/IEC 2020 ISO/IEC TR 24028:2020(E) iTeh STANDARD PREVIEW (standards.iteh.ai) ISO/IEC TR 24028:2020 https://standards.iteh.ai/catalog/standards/sist/232a318a-44eb-42a2-9b73- 197a06fd04a1/iso-iec-tr-24028-2020 COPYRIGHT PROTECTED DOCUMENT © ISO/IEC 2020 All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below or ISO’s member body in the country of the requester. ISO copyright office CPPhone: 401 +41• Ch. 22 de 749 Blandonnet 01 11 8 CH-1214 Vernier, Geneva Fax:Website: +41 22www.iso.org 749 09 47 Email: [email protected] iiPublished in Switzerland © ISO/IEC 2020 – All rights reserved ISO/IEC TR 24028:2020(E) Contents Page Foreword ..........................................................................................................................................................................................................................................v Introduction ................................................................................................................................................................................................................................vi 1 Scope ................................................................................................................................................................................................................................. 1 2 Normative references ...................................................................................................................................................................................... 1 3 Terms and definitions ..................................................................................................................................................................................... 1 4 Overview ....................................................................................................................................................................................................................... 7 5 Existing frameworks applicable to trustworthiness ....................................................................................................... 7 ................................................................................................................................................................................................ 7 ...................................................................................................................................................... 8 5.1 Background ............................................................................................... 8 5.2 Recognition of layers of trust ...........................................................................................................................................10 5.3 Application of software and data ............................................................................................................................................. quality standards 10 5.4 Application of risk management 6 Stakeholders ..........................................................................................................................................................................................................11 5.5 Hardware-assisted approaches ................................................................................................................................................................................11 .............................................................................................................................................................................................................12 6.16.3 GeneralAssets ........................................................................................................................................................................................................... concepts 12 6.2 Types ........................................................................................................................................................................................................... 13 7 Recognition of high-level concerns ................................................................................................................................................13 6.4 Values iTeh STANDARD PR ........................................................................................................EVIEW 13 ............................................................................................................................................................................................................ 14 7.1 Responsibility, accountability(standa andrd governances.iteh.ai) 8 Vulnerabilities, threats and challenges .....................................................................................................................................14 7.2 Safety ........................................................................................................................................................................................................ISO/IEC TR 24028:2020 14 https://standards.iteh.ai/catalo ........................................................................................................................................................g/standards/sist/232a318a-44eb-42a2-9b73- 15 8.1 General ...................................................................................................................................................................................197a06fd04a1/iso-iec-tr-24028-2020 15 8.2 AI specific security threats ................................................................................................................................................................15 8.2.1 General ......................................................................................................................................................15 8.2.2 Data poisoning .................................................................................................................................................................16 8.2.3 Adversarial attacks .....................................................16 8.2.4 Model stealing ..........................................................................................................................................................16 8.2.5 Hardware-focused................................................................................................................................................................................... threats to confidentiality and integrity 16 8.3 AI specific privacy threats .............................................................................................................................................................16 8.3.1 General .............................................................................................................17 8.3.2 Data acquisition ......................................................................................................................................................................17 8.3.3 ................................................................................................................................................................................................................. Data pre-processing and modelling 17 8.3.4 Model query ..................................................................................................................................................................................17 8.4 Bias .............................................................................................................................................................................................18 8.5 Unpredictability ........................................................................................18 8.6 Opaqueness ................................................................................19 8.7 Challenges related to the specification of AI................................................................................................................... systems 19 8.8 Challenges8.8.2 Modelling related .............................................................................................................................................................................to the implementation of AI systems 19 8.8.1 Data acquisition ................................................................................................................................................................. and preparation 21 ............................................................................................................................................................21