New global standard aims to build security around large language models


A new global standard has been released to help organizations manage the risks of integrating large language models (LLMs) into their systems and address the ambiguities around these models. 

The framework offers guidelines for different phases across the lifecycle of LLMs, spanning “development, deployment, and maintenance,” according to the World Digital Technology Academy (WDTA), which released the document on Friday. The Geneva-based non-government organization (NGO) operates under the United Nations and was established last year to drive the development of standards in the digital realm. 

“The standard emphasizes a multi-layered approach to security, encompassing network, system, platform and application, model, and data layers,” WDTA said. “It leverages key concepts such as the Machine Learning Bill of Materials, zero trust architecture, and continuous monitoring and auditing. These concepts are designed to ensure the integrity, availability, confidentiality, controllability, and reliability of LLM systems throughout their supply chain.”

Dubbed the AI-STR-03 standard, the new framework aims to identify and assess challenges with integrating artificial intelligence (AI) technologies, specifically LLMs, within current IT ecosystems, WDTA said. This is essential as these AI models may be used in products or services operated fully or partially by third parties, but not managed by them. 

Security requirements related to the system structure of LLMs, referred to as supply chain security requirements, encompass requirements for the network layer, system layer, platform and application layer, model layer, and data layer. These ensure the product and its systems, components, models, data, and tools are protected against tampering or unauthorized replacement throughout the lifecycle of LLM products. 

WDTA said this involves the implementation of controls and continuous monitoring at each stage of the supply chain. It also addresses common vulnerabilities in middleware security to prevent unauthorized access and safeguards against the risk of poisoning training data used by engineers. It further enforces a zero-trust architecture to mitigate internal threats. 

“By maintaining the integrity of every stage, from data acquisition to supplier deployment, consumers using LLMs can ensure the LLM products remain secure and trustworthy,” WDTA said. 

LLM supply chain security requirements also address the need for availability, confidentiality, control, reliability, and visibility. These collectively work to ensure data transmitted along the supply chain is not disclosed to unauthorized individuals, ultimately establishing transparency, so consumers understand how their data is managed. 

It also provides visibility of the supply chain so, for instance, if a model is updated with new training data, the status of the AI model — before and after the training data was added — is properly documented and traceable. 

Addressing ambiguity around LLMs

The new framework was drafted and reviewed by a working group that comprises several tech companies and institutions, including Microsoft, Google, Meta, Cloud Security Alliance Greater China Region, Nanyang Technological University in Singapore, Tencent Cloud, and Baidu. According to WDTA, it is the first international standard that attends to LLM supply chain security. 

International cooperation on AI-related standards is increasingly crucial as AI continues to advance and impact various sectors worldwide, the WDTA added. 

“Achieving trustworthy AI is a global endeavor, demanding the creation of effective governance tools and processes that transcend national borders,” the NGO said. “Global standardization plays a crucial role in this context, providing a key avenue for promoting alignment on best practice and interoperability of AI governance regimes.”

Microsoft’s technology strategist Lars Ruddigkeit said the new framework does not aim to be perfect but provides the foundation for an international standard. 

“We want to establish what is the minimum that must be achieved,” Ruddigkeit said. “There’s a lot of ambiguity and uncertainty currently around LLMs and other emerging technologies, which makes it hard for institutions, companies, and governments to decide what would be a meaningful standard. The WDTA supply chain standard tries to bring this first road to a safe future on track.”