Google has launched the Coalition for Secure AI (CoSAI) to enhance AI security measures, building on the Secure AI Framework (SAIF). This coalition includes major tech companies such as Amazon, IBM, Microsoft, NVIDIA, and OpenAI, focusing on collaborative, open-source AI security solutions.
Founding Member Organizations
CoSAI's founding members include:
- Amazon
- Anthropic
- Chainguard
- Cisco
- Cohere
- GenLab
- IBM
- Intel
- Microsoft
- NVIDIA
- OpenAI
- PayPal
- Wiz
The coalition is housed under OASIS Open, an international standards and open-source consortium.
Inaugural Workstreams
CoSAI will initially focus on three key areas:
Software Supply Chain Security for AI Systems:
- Extending SLSA Provenance to AI models.
- Providing guidance on evaluating provenance, managing third-party model risks, and assessing full AI application provenance.
- Expanding on SSDF and SLSA security principles for AI and classical software.
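As an added illustration of the first bullet (not code from CoSAI, Google or the SLSA project): a constructed SLSA v1.0 provenance statement for a fine-tuned model, using the in-toto Statement and SLSA provenance predicate formats, and the minimal checks a consumer would run before loading the artifact. The model bytes, builder identity, build-type URI and dependency URIs and digests are all made up for the example. In a real deployment the statement is wrapped in a signed DSSE envelope and that signature is verified first; this example omits the signature step and shows only the content checks.

```python
"""Added example: SLSA v1 provenance for a model artifact and the consumer-side
checks. All identifiers, digests and the model bytes are constructed."""
import hashlib
import json

SLSA_PREDICATE_TYPE = "https://slsa.dev/provenance/v1"
INTOTO_STATEMENT_TYPE = "https://in-toto.io/Statement/v1"

# Constructed stand-in for a serialized model file (e.g. a safetensors blob).
MODEL_BYTES = b"\x00\x01\x02 constructed model weights, not a real checkpoint\n"

# Builder identities we trust to have produced this model (assumed for the example).
TRUSTED_BUILDERS = {"https://example.org/ci/model-builder@v1"}


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def make_model_provenance(model_name: str, model_bytes: bytes, builder_id: str,
                          base_model_uri: str, base_model_sha256: str,
                          training_data_uri: str, training_data_sha256: str) -> dict:
    """Build an in-toto Statement whose predicate is SLSA v1 provenance.
    The subject is the model artifact; resolvedDependencies record the base
    model and training data the build consumed, each pinned by digest."""
    return {
        "_type": INTOTO_STATEMENT_TYPE,
        "subject": [{"name": model_name, "digest": {"sha256": sha256_hex(model_bytes)}}],
        "predicateType": SLSA_PREDICATE_TYPE,
        "predicate": {
            "buildDefinition": {
                "buildType": "https://example.org/buildtypes/fine-tune@v1",  # hypothetical
                "externalParameters": {"config": "train.yaml", "epochs": 3},
                "resolvedDependencies": [
                    {"uri": base_model_uri, "digest": {"sha256": base_model_sha256}},
                    {"uri": training_data_uri, "digest": {"sha256": training_data_sha256}},
                ],
            },
            "runDetails": {
                "builder": {"id": builder_id},
                "metadata": {"invocationId": "run-0001"},
            },
        },
    }


def verify_model_provenance(statement: dict, model_name: str, model_bytes: bytes,
                            trusted_builders: set) -> list:
    """Return a list of problems (empty means the checks pass): statement and
    predicate types, the on-disk artifact matching a subject digest, a trusted
    builder, and every dependency pinned by digest. DSSE signature verification
    is deliberately out of scope here."""
    problems = []
    if statement.get("_type") != INTOTO_STATEMENT_TYPE:
        problems.append("unexpected statement type")
    if statement.get("predicateType") != SLSA_PREDICATE_TYPE:
        problems.append("unexpected predicate type")
    actual = sha256_hex(model_bytes)
    if not any(s.get("name") == model_name and s.get("digest", {}).get("sha256") == actual
               for s in statement.get("subject", [])):
        problems.append("model digest does not match any provenance subject")
    builder = statement.get("predicate", {}).get("runDetails", {}).get("builder", {}).get("id")
    if builder not in trusted_builders:
        problems.append(f"untrusted builder: {builder!r}")
    deps = statement.get("predicate", {}).get("buildDefinition", {}).get("resolvedDependencies", [])
    for dep in deps:
        if "sha256" not in dep.get("digest", {}):
            problems.append(f"dependency not pinned by digest: {dep.get('uri')}")
    return problems


def demo() -> tuple:
    """Valid statement, then a tampered model file, then an unpinned dependency."""
    name = "models/assistant-ft-v1.safetensors"
    stmt = make_model_provenance(
        name, MODEL_BYTES, "https://example.org/ci/model-builder@v1",
        "pkg:huggingface/example/base-model@abc123", "a" * 64,   # constructed
        "s3://example-bucket/train.jsonl", "b" * 64)             # constructed
    ok = verify_model_provenance(stmt, name, MODEL_BYTES, TRUSTED_BUILDERS)
    tampered = verify_model_provenance(stmt, name, MODEL_BYTES + b"x", TRUSTED_BUILDERS)
    unpinned = json.loads(json.dumps(stmt))  # deep copy, then drop one digest
    unpinned["predicate"]["buildDefinition"]["resolvedDependencies"][1]["digest"] = {}
    weak = verify_model_provenance(unpinned, name, MODEL_BYTES, TRUSTED_BUILDERS)
    return ok, tampered, weak


if __name__ == "__main__":
    for label, result in zip(("valid", "tampered model", "unpinned dependency"), demo()):
        print(label, "->", result or "OK")
```

The point of the dependency check is the "full AI application provenance" item: a model's provenance is only as useful as the pinning of what went into it, so an unpinned base model or dataset URI is treated as a finding rather than silently accepted.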
Preparing Defenders for a Changing Cybersecurity Landscape:
- Developing a defender’s framework to help identify investments and mitigation techniques.
- Scaling mitigation strategies as AI models gain offensive cybersecurity capabilities.
AI Security Governance:
- Creating a taxonomy of risks and controls, a checklist, and a scorecard.
- Guiding practitioners in readiness assessments, management, monitoring, and reporting of AI security.
Collaboration and Future Steps
CoSAI will collaborate with organizations such as the Frontier Model Forum, Partnership on AI, the Open Source Security Foundation, and MLCommons to promote responsible AI. The coalition aims to ensure that AI security frameworks evolve alongside AI advancements, with more updates expected in the coming months.