RMF: A Risk Measurement Framework for Machine Learning Models
This work addresses security measurement for ML models in safety-critical applications like autonomous vehicles, but it appears incremental as it adapts an existing standard without major breakthroughs.
The paper tackles the problem of measuring security risks in machine learning models, particularly for autonomous vehicles. It proposes a framework based on ISO/IEC 27004:2016 that uses risk indicators to evaluate damage and attacker effort. It does not provide a single risk value, so four different values have to be interpreted.
Machine learning (ML) models are used in many safety- and security-critical applications nowadays. It is therefore important to measure the security of a system that uses ML as a component. This paper focuses on the field of ML, particularly the security of autonomous vehicles. For this purpose, a technical framework will be described, implemented, and evaluated in a case study. Based on ISO/IEC 27004:2016, risk indicators are utilized to measure and evaluate the extent of damage and the effort required by an attacker. It is not possible, however, to determine a single risk value that represents the attacker's effort. Therefore, four different values must be interpreted individually.