Update 2.0_Threat_Modeling_for_AI_Systems.md

Matteo Meucci
2025-11-23 12:10:01 +01:00
committed by GitHub
parent c031695748
commit 08e4ce6eed
@@ -43,7 +43,7 @@ In Stage II of PASTA, we define the architectural scope by aligning it with the
<img src="/Document/images/AISystemArchitecture.png" alt="Description" width="800"/>
</p>
*Fig. 1 SAIF Architecture Layers & Components*
*Fig. 1: SAIF Architecture Layers & Components*
The SAIF Map organizes AI security into four key areas: Application, Model, Infrastructure and Data, allowing scope AI protection across the full AI development lifecycle. The top half highlights the models path to deployment and user interaction, focusing on risks and controls most relevant to Model Consumers building AI-powered applications. The bottom half of the SAIF Map illustrates the process of developing a model, focusing on Model Creators, those who train or fine-tune models for their own use or for others. Depending on how AI is used, different risks may have greater relevance.
The SAIF Risk Map illustrates where risks are introduced during the AI development lifecycle, often as a result of weaknesses in people, processes, or tools, where they are exposed (i.e., observable or testable by security teams), and where they can ultimately be mitigated through the implementation of appropriate controls. Some of these risk paths manifest primarily in the model usage layers (Application and Model) and relative AI components, others emerge in the model creation layers (Infrastructure and Data), and many span both, underscoring the need for comprehensive security coverage across the entire AI system lifecycle.
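Review bot: the corrected caption `*Fig. 1: SAIF Architecture Layers & Components*` still has no blank line between it and the paragraph that starts "The SAIF Map organizes AI security...", so in Markdown the italic caption and that paragraph render as a single run-on paragraph; add an empty line after the caption. While in this region, the unchanged context lines carry wording slips worth fixing in the same commit: "allowing scope AI protection" should read "allowing scoping of AI protection", "the models path" should be "the model's path", and "relative AI components" should be "related AI components". The `<img ... alt="Description">` placeholder would also be better as a real description such as the caption text, for accessibility.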