A Cybersecurity Risk Analysis Framework for Systems with Artificial Intelligence Components
This addresses the need for better risk analysis in AI systems, driven by regulatory norms like the EU AI Act and NIST framework, but it appears incremental as it builds on existing risk management approaches.
The paper tackles the problem of evaluating cybersecurity risks in systems with AI components, providing a framework to help assess such systems, as demonstrated with an illustrative example on automated driving systems.
The introduction of the European Union Artificial Intelligence Act, the NIST Artificial Intelligence Risk Management Framework, and related norms demands a better understanding and implementation of novel risk analysis approaches to evaluate systems with Artificial Intelligence components. This paper provides a cybersecurity risk analysis framework that can help assessing such systems. We use an illustrative example concerning automated driving systems.