2023年AI和标准化网络安全报告.docx

《2023年AI和标准化网络安全报告.docx》由会员分享，可在线阅读，更多相关《2023年AI和标准化网络安全报告.docx（32页珍藏版）》请在优知文库上搜索。

1、ABBREVIATIONSAbbreviationDefinitionAlArtificialIntelligenceCEN-CENELECEuropeanCommitteeforStandardisation-EuropeanCommitteeforElectrotechnicalStandardisationCIAConfidentiality,IntegrityandAvailabilityENEuropeanStandardESOEuropeanStarjdardisationOrganisationETSIEuropeanTelecommunicationsStandardsInst

2、ituteGRGroupReportICTInformationAndCommunicationsTechnologyISGIndustrySpecificationGroupISOInternationalOrganizationforStandardizationITInformationTechnologyJTCJointTechnicalCommitteeMLMachineLearningNISTNationalInstituteofStandardsandTechnologyR&DResearchAndDevelopmentSAISecurityofArtificialIntelli

3、genceSCSubmmitteeSDOStandards-DevelopingOrganisationTRTechnicalReportTSTechnicalSpecificationsWlWorkItemABOUTENISATheEuropeanUnionAgencyforCybersecurity,ENISA,istheUnion,sagencydedicatedtoachievingahighcommonlevelofcybersecurityacrossEurope.Establishedin2004andstrengthenedbytheEUCybersecurityAct,the

4、EuropeanUnionAgencyforCybersecuritycontributestoEUcyberpolicy,enhancesthetrustworthinessofICTproducts,servicesandprocesseswithcybersecuritycertificationschemes,cooperateswithMemberStatesandEUbodies,andhelpsEuropeprepareforthecyberchallengesoftomorrow.Throughknowledgesharing,capacitybuildingandawaren

5、essraising,theAgencyworkstogetherwithitskeystakeholderstostrengthentrustintheconnectedeconomy,tobstresilienceoftheUnionsinfrastructure,and,ultimately,tokeepEuropessocietyandcitizensdigitallysecure.MoreinformationaboutENISAanditsworkcanbefoundhere:www.enisa.europa.eu.CONTACTForcontactingtheauthorsple

6、aseuseteam(enisa.europa.euFormediaenquiriesaboutthispaper,pleaseusepressenisa.europa.eu.AUTHORSP.Bezombes,S.Brunessaux,S.CadzowEDITOR(三)ENISA:E.MagonaraS.GorniakP.MagnaboscoE.TsemezogloACKNOWLEDGEMENTSWewouldliketothanktheJointResearchCentreandtheEuropeanCommissionfortheiractivecontributionandcommen

7、tsduringthedraftingstage.Also,wewouldliketothanktheENISAAdHocExpertGrouponArtificialIntelligence(AI)cybersecurityforthevaluablefeed-backandcommentsinvalidatingthisreport.1.EGALNOTICEThispublicationrepresentstheviewsandinterpretationsofENISA,unlessstatedotherwise.Itdoesnotendorsearegulatoryobligation

8、ofENISAorofENISAbodiespursuanttotheRegulation(EU)No2019/881.ENISAhastherighttoalter,updateorremovethepublicationoranyofitscontents.Itisintendedforinformationpurposesonlyanditmustbeaccessiblefreeofcharge.AllreferencestoitoritsuseasawholeorpartiallymustntainENISAasitssource.Third-partysourcesarequoted

9、asappropriate.ENISAisnotresponsibleorliableforthecontentoftheexternalsourcesincludingexternalwebsitesreferencedinthispublication.NeitherENISAnoranypersonactingonitsbehalfisresponsiblefortheusethatmightbemadeoftheinformationcontainedinthispublication.ENISAmaintainsitsintellectualpropertyrightsinrelat

10、iontothispublication.COPYRIGHTNOTICEEuropeanUnionAgencyforCybersecurity(ENISA),2023ThispublicationislicencedunderCC-BY4.0Unlessotherwisenoted,thereuseofthisdocumentisauthorisedundertheCreativeCommonsAttribution4.0International(CCBY4.0)licencehttpsycreativecommons.orglicensesby4.0).Thismeansthatreuse

11、isallowed,providedthatappropriatecreditisgivenandanychangesareindicated.Coverimage.ForanyuseorreproductionofphotosorothermaterialthatisnotundertheENISAcopyright,permissionmustbesoughtdirectlyfromthecopyrightholders.ISBN978-92-9204-616-3,DOI10.2824/277479,TP-03-23-011-EN-C帝用SmTABLEOFCONTENTS1. INTROD

12、UCTION81.1 DOCUMENTPURPOSEANDOBJECTIVES81.2 TARGETAUDIENCEANDPREREQUISITES81.3 STRUCTUREOFTHESTUDY82. SCOPEOFTHEREPORT:DEFINITIONOFAlANDCYBERSECURITYOFAl92.1 ARTIFICIALINTELLIGENCE92.2 CYBERSECURITYOFAl103. STANDARDISATIONINSUPPORTOFCYBERSECURITYOFAI123.1 RELEVANTACTIVITIESBYTHEMAINSTANDARDS-DEVELOP

13、INGORGANISATIONS123.1.1 CEN-CENELEC123.1.2 ETSI133.1.3 ISO-IEC143.1.4 Others144. ANALYSISOFCOVERAGE164.1 STANDARDISATIONINSUPPORTOFCYBERSECURITYOFAl-NARROWSENSE164.2 STANDARDISATIONINSUPPORTOFTHECYBERSECURITYOFAl-TRUSTWORTHINESS194.3 CYBERSECURITYANDSTANDARDISATIONINTHECONTEXTOFTHEDRAFTAlACT215. CON

14、CLUSIONS245.1 WRAP-UP245.2 RECOMMENDATIONS255.2.1 Recommendationstoallorganisations255.2.2 Recommendationstostandards-developingorganisations255.2.3 RecommendationsinpreparationfortheimplementationofthedraftAlAct255.3 FINALOBSERVATIONS26AANNEX:27A.1SELECTIONOFISO27000SERIESSTANDARDSRELEVANTTOTHECYBE

15、RSECURITYOFAl27A.2RELEVANTISO/IECSTANDARDSPUBLISHEDORPLANNED/UNDERDEVELOPMENT31CEN-CENELECJOINTTECHNICALCOMMITTEE21ANDDRAFTAlACTREQUIREMENTSA.4ETSI ACTIVITIES AND DRAFT Al ACT REQUIREMENTS33EXECUTIVESUMMARYTheoverallobjectiveofthepresentdocumentistoprovideanoverviewofstandards(existing,beingdrafted,underconsiderationandplanned)relatedtothecybersecurityofartificialintelligence(Al),assesstheircoverageandidentif