I-Corps: Securing the Machine Learning Lifecycle and Providing Artificial Intelligence Assurance

The broader impact of this I-Corps project is the development of a framework to securely develop Artificial Intelligence/Machine Learning (AI/ML). As the vulnerability of the AI/ML lifecycle becomes increasingly apparent, organizations that rely on the consistency and integrity of their AI/ML are faced with the difficult task of assuring AI/ML security.

Along with challenges involved with tailoring the concept of zero trust into such environments, assuring security also needs to be accomplished quickly. The cost to develop and implement a single AI/ML model can reach hundreds of thousands of dollars, and the malicious alteration of AI/ML models, model features, and training data that effectively poison AI/ML can negate the return on this substantial investment.

Such poisoning attacks are a nascent threat that is expected to become widespread as malicious actors gain technical ability. This susceptibility of AI/ML to poisoning attacks poses a severe national security concern as AI/ML has become central to mission-critical defense and intelligence capacities.

This I-Corps project is based on the development of a lifecycle management tool utilizing blockchain technology. The proposed innovation will enable users to store, train, and deploy data, AI/ML models, and model features, with each transaction or attempted transaction. These transactions will be immutably logged to provide an audit trail, ensuring that nothing stored on the blockchain can be surreptitiously altered.

These project goals are to determine how the use of blockchain technology may enhance the security of the AI/ML lifecycle. The technology may be used to analyze the AI/ML lifecycle security concerns and foci of stakeholders including intelligence agencies, academia, commercial businesses, and machine learning engineers. The project will also help determine if practical solutions exist for engineers to secure the machine learning lifecycle, examine economic models that inform the tradeoff of security, cost efficiency, awareness of virtual structure as it relates to the concept of “Zero AI Trust”, and test usability in machine learning lifecycle management tools.

This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.