
Cybersecurity of Artificial Intelligence in the AI Act

Guiding principles to address the cybersecurity requirement for high-risk AI systems
This report focuses on the cybersecurity requirement for high-risk AI systems, as set out in Article 15 of the European Commission’s proposal for the AI Act. It presents a high-level analysis in the context of the rapidly evolving AI landscape, and provides a set of key guiding principles to achieve compliance with the AI Act. The proposed AI Act focuses on AI systems. Although AI models are essential components of AI systems, they do not constitute AI systems on their own. The AI Act cybersecurity requirement applies to the AI system as a whole and not directly to its internal components. In order to ensure compliance, a security risk assessment should be conducted taking into account the design of the system, to identify risks, and implement the necessary mitigation measures. This process requires an integrated and continuous approach using proven cybersecurity practices and procedures combined with AI-specific controls. Although the state of the art for securing AI models has limitations, AI systems may still achieve compliance with the AI Act's cybersecurity requirement as long as their cybersecurity risks are effectively mitigated through other measures not exclusively deployed at AI model level. However, this may not always be possible, and indeed for some high-risk AI systems using emerging AI technologies, it may not be feasible to achieve compliance with the cybersecurity requirement of the AI Act.
Junklewitz, H., Hamon, R., André, A., Evas, T., Soler Garrido, J. and Sanchez Martin, J.I., Cybersecurity of Artificial Intelligence in the AI Act, Publications Office of the European Union, Luxembourg, 2023, doi:10.2760/271009, JRC134461.
2023-09-11
Publications Office of the European Union
JRC134461
978-92-68-07045-1 (online)
1831-9424 (online)
EUR 31643 EN, OP KJ-NA-31-643-EN-N (online)
https://publications.jrc.ec.europa.eu/repository/handle/JRC134461
10.2760/271009 (online)
Items published in the JRC Publications Repository are protected by copyright, with all rights reserved, unless otherwise indicated. Additional information: https://ec.europa.eu/info/legal-notice_en#copyright-notice