Last month, Sen Warner (D,VA) introduced S 4230, the Secure Artificial Intelligence (Secure A.I.) Act of 2024. The bill would provide for voluntary reporting and tracking of AI security and safety incidents. It would require updating of the Common Vulnerabilities and Exposures Program to better include AI vulnerabilities. It would also establish within the NSA’s Cybersecurity Collaboration Center an AI security center. No new funding is authorized by this bill.
Moving Forward
Neither Warner nor his sole cosponsor {Sen Tillis (R,NC)} are members of the Senate Commerce, Science, and Technology Committee to which this bill was assigned for consideration. This means that there is not likely enough influence to see this bill considered in Committee. I suspect that there would be some level of bipartisan support for this legislation were it to be considered. Unfortunately, like most proposed legislation, this bill is not politically important enough for the Senate to take up the bill under regular order. This leaves the unanimous consent process, which allows a single Senator to stop consideration, or add the language in the bill as an amendment to some more politically important legislation. Both processes are very iffy.
Commentary
As more control system vendors are offering AI enhanced systems to control operational technology (OT), safety and security of such AI enhanced systems is becoming more important. The second part of the definition of ‘artificial intelligence safety incident’ clearly attempts to address OT use of AI. Unfortunately, there is not equivalent OT language in the definition of ‘artificial intelligence security incident’. I would add a new §2(2)(C):
“(C) the ability
of a third party to manipulate an artificial intelligence system in order to
cause the loss of view, or the of loss of control of an operational control
system.”
For more information on the provisions of this bill, see my
article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/s-4230-introduced
- subscription required.
No comments:
Post a Comment