2.4 KiB
3.3 AI Infrastructure Testing
The AI Infrastructure Testing category targets vulnerabilities and risks within the technical infrastructure and components that support AI model deployment and operation. This category specifically examines infrastructure-level security, including model supply chains, resource management, boundary controls, plugins, fine-tuning environments, and mechanisms preventing unauthorized model access or misuse.
Infrastructure-level vulnerabilities may lead to critical issues such as unauthorized access, resource exhaustion, or tampering of the model or associated components. Comprehensive infrastructure testing ensures these systems are securely configured, resilient against misuse or exploitation, and capable of safeguarding the AI systems they support.
Scope of This Testing Category
This category evaluates whether the AI infrastructure:
-
Prevents supply chain tampering and unauthorized modifications
→ AITG-INF-01: Testing for Supply Chain Tampering -
Is resilient against resource exhaustion and denial-of-service conditions
→ AITG-INF-02: Testing for Resource Exhaustion -
Maintains secure boundaries and access controls for plugin-based interactions
→ AITG-INF-03: Testing for Plugin Boundary Violations -
Enforces strict controls against misuse of model capabilities and functions
→ AITG-INF-04: Testing for Capability Misuse -
Safeguards environments used for model fine-tuning against poisoning and corruption
→ AITG-INF-05: Testing for Fine-tuning Poisoning -
Prevents theft or leakage of models during the development phase
→ AITG-INF-06: Testing for Dev-Time Model Theft
Each test within the AI Infrastructure Testing category contributes to the foundational security posture required for AI systems, ensuring reliable, secure, and robust infrastructure capable of preventing and mitigating threats throughout the model's lifecycle.