Abstract: Cybersecurity ensures the trustworthy and reliable functioning of digital systems. Currently, companies spend about 10% of their IT budget on cybersecurity. Thus, security and threat modelling become increasingly relevant also for technologies in artificial intelligence. However, existing AI threat models have faced criticism regarding their practicality. Common issues include, but are not limited to, unrealistic assumptions, a focus on isolated models rather than full AI pipelines, and perturbation techniques that lack real-world applicability.

To address these gaps, one approach is to measure how AI systems are deployed in practice and assess their exposure to known attack vectors. An orthogonal strategy involves collecting empirical data on real-world AI incidents through systematic reporting. Lastly, AI applications can be threat modelled from the earliest stages. To this end, we examine a real-world application of AI, the electric grid, and review caveats and implications for AI security.

Dr. Kathrin Grosse