mirror of
https://github.com/OWASP/www-project-ai-testing-guide.git
synced 2026-07-15 23:47:19 +02:00
Update 4.0_Appendix_and_References.md
This commit is contained in:
@@ -1,7 +1,7 @@
|
||||
|
||||
# **4. Appendixes and References**
|
||||
|
||||
## **Introduction**
|
||||
### **Introduction**
|
||||
|
||||
This chapter provides all supporting materials that complement the main body of the OWASP AI Testing Guide.
|
||||
The appendixes offer structured frameworks, threat models, risk lifecycles, and domain-specific guidance that reinforce the methodology proposed in the guide.
|
||||
@@ -14,9 +14,7 @@ These resources serve three primary goals:
|
||||
|
||||
The chapter concludes with a complete **References** section that documents all sources used throughout the guide.
|
||||
|
||||
---
|
||||
|
||||
## **4.1 Appendix A: Rationale for Using SAIF (Secure AI Framework)**
|
||||
### **4.1 Appendix A: Rationale for Using SAIF (Secure AI Framework)**
|
||||
|
||||
Appendix A introduces the rationale for adopting the **Secure AI Framework (SAIF)** as a foundational model for trustworthy AI development and testing.
|
||||
|
||||
@@ -29,9 +27,7 @@ SAIF provides:
|
||||
|
||||
This appendix explains why AI requires a framework beyond traditional software testing paradigms.
|
||||
|
||||
---
|
||||
|
||||
## **4.2 Appendix B: Distributed, Immutable, Ephemeral (DIE) Threat Identification**
|
||||
### **4.2 Appendix B: Distributed, Immutable, Ephemeral (DIE) Threat Identification**
|
||||
|
||||
This appendix presents the **DIE model**—Distributed, Immutable, Ephemeral—as a lens for identifying threats in cloud-native and modern AI environments.
|
||||
|
||||
@@ -44,9 +40,7 @@ AI systems often include:
|
||||
These characteristics create unique attack surfaces.
|
||||
The DIE framework helps testers recognize threats such as: supply-chain injection, poisoned artifacts, workflow manipulation, and cloud environment exploitation.
|
||||
|
||||
---
|
||||
|
||||
## **4.3 Appendix C: Risk Lifecycle for Secure AI Systems**
|
||||
### **4.3 Appendix C: Risk Lifecycle for Secure AI Systems**
|
||||
|
||||
Appendix C describes the **AI-specific risk lifecycle**, reflecting the dynamic and evolving nature of AI systems.
|
||||
|
||||
@@ -60,9 +54,7 @@ The lifecycle includes:
|
||||
|
||||
Special attention is given to phenomena unique to AI systems, such as data drift, model drift, and feedback-loop risks.
|
||||
|
||||
---
|
||||
|
||||
## **4.4 Appendix D: Threat Enumeration to AI Architecture Components**
|
||||
### **4.4 Appendix D: Threat Enumeration to AI Architecture Components**
|
||||
|
||||
This appendix provides a structured mapping of **threats across AI architectural components**, including:
|
||||
|
||||
@@ -79,9 +71,7 @@ For each component, the appendix details:
|
||||
|
||||
This enumeration forms the basis for the testing procedures defined earlier in the guide.
|
||||
|
||||
---
|
||||
|
||||
## **4.5 Appendix E: Mapping AI Threats Against AI System Vulnerabilities (CVEs & CWEs)**
|
||||
### **4.5 Appendix E: Mapping AI Threats Against AI System Vulnerabilities (CVEs & CWEs)**
|
||||
|
||||
Appendix E connects AI-specific threats to established vulnerability taxonomies such as:
|
||||
|
||||
@@ -92,9 +82,7 @@ Appendix E connects AI-specific threats to established vulnerability taxonomies
|
||||
This mapping demonstrates how threats like model extraction, prompt injection, and training data leakage relate to traditional software weakness classes.
|
||||
The goal is to integrate AI-security testing with existing enterprise vulnerability management workflows.
|
||||
|
||||
---
|
||||
|
||||
## **4.6 Appendix F: Domain-Specific Testing**
|
||||
### **4.6 Appendix F: Domain-Specific Testing**
|
||||
|
||||
This appendix outlines considerations for **testing AI systems in specific industry domains**, including:
|
||||
|
||||
@@ -107,9 +95,7 @@ This appendix outlines considerations for **testing AI systems in specific indus
|
||||
Each domain presents unique risks, regulatory frameworks, and operational constraints.
|
||||
The appendix provides guidance on tailoring AI testing strategies to sector-specific requirements and workflows.
|
||||
|
||||
---
|
||||
|
||||
## **4.7 References**
|
||||
### **4.7 References**
|
||||
|
||||
The final section compiles all sources cited throughout this guide, including standards, academic research, industry papers, and open-source projects.
|
||||
These references provide the foundational material supporting the frameworks, methodologies, and recommendations outlined in the OWASP AI Testing Guide.
|
||||
|
||||
Reference in New Issue
Block a user