From eed48478a9b9090879c6fd50fecf7de63eef1b23 Mon Sep 17 00:00:00 2001 From: Matteo Meucci Date: Wed, 18 Jun 2025 11:05:15 +0200 Subject: [PATCH] Update 2.1.1_Architectural_Mapping_of_OWASP_Threats.md --- .../content/2.1.1_Architectural_Mapping_of_OWASP_Threats.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/Document/content/2.1.1_Architectural_Mapping_of_OWASP_Threats.md b/Document/content/2.1.1_Architectural_Mapping_of_OWASP_Threats.md index f025f36..a95050e 100644 --- a/Document/content/2.1.1_Architectural_Mapping_of_OWASP_Threats.md +++ b/Document/content/2.1.1_Architectural_Mapping_of_OWASP_Threats.md @@ -2,7 +2,11 @@ In this chapter, we present a structured mapping of AI security threats from the OWASP Top 10 LLM Risks (2025) and the OWASP AI Exchange Threats onto a modular AI system architecture, grounded in Google’s Secure AI Framework (SAIF). -By examining the AI architecture across its four core layers, data, infrastructure, model, and application, we can visually pinpoint where threats are most likely to materialize as risk exposure, thereby enabling focused and effective security testing. Figure 2.1, titled ‘OWASP AI Threats Mapped to AI Components,’ illustrates this alignment and serves as a reference for mapping threats to the specific components within the AI system.![][image1] +By examining the AI architecture across its four core layers, data, infrastructure, model, and application, we can visually pinpoint where threats are most likely to materialize as risk exposure, thereby enabling focused and effective security testing. Figure 2.1, titled ‘OWASP AI Threats Mapped to AI Components,’ illustrates this alignment and serves as a reference for mapping threats to the specific components within the AI system. + +

+ AI Architecture Threat Model +

**Fig 2.1 Threat Model of OWASP Threats (LLM T10 and AI Exchange) Mapped to Impacted AI Components of a SAIF baseline architecture**
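
Review bot: The figure ends up with three different names after this hunk: the added paragraph cites it as 'OWASP AI Threats Mapped to AI Components', the added image line carries the text "AI Architecture Threat Model", and the caption below reads "Fig 2.1 Threat Model of OWASP Threats (LLM T10 and AI Exchange) Mapped to Impacted AI Components of a SAIF baseline architecture". Pick one title and use it in the prose reference, the image text and the caption, and settle on either "Figure 2.1" or "Fig 2.1" so a reader can match the reference to the figure. The subject line "Update 2.1.1_Architectural_Mapping_of_OWASP_Threats.md" also does not say that the change replaces the inline `![][image1]` reference with a separate image block; a subject that states this would make the history easier to scan.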