1、DRAFT FOR REVIEW 0 Assurance of Third-Party AI Systems for UK National Security Rosamund Powell and Marion Oswald January 2024 Rosamund Powell and Marion Oswald 1 About CETaS.2 Acknowledgements.2 Executive Summary.3 Introduction.6 1.Understanding Third-Party AI Systems:Origins,Benefits,and Risks.10

2、1.1 Defining third-party AI.10 1.2 Cross-cutting risks and benefits.11 1.3 AI supply chain risks.12 2.Why Assurance?.13 2.1 What is AI assurance?.13 2.2 Challenges to effective AI assurance.13 3.A Model of AI Assurance for UK National Security.16 3.1 Co-creation of the assurance case.17 3.1.1 Existi

3、ng methods for documenting AI system properties.17 3.1.2 Companion guidance on evidentiary standards.25 3.2 System card template for UK national security.31 3.2.1 Summary information.32 3.2.2 Mission properties and legal compliance.33 3.2.3 The supply chain.35 3.2.4 Performance and security.37 3.2.5

4、 Ethical considerations.40 3.2.6 Iterative requirements.41 3.3 Assessing evidence.44 3.3.1 Skills to review system cards.44 3.3.2 The process of evidence assessment.46 3.3.3 Contractual protections.47 4.Implementation Considerations for Hypothetical Case Studies.50 5.Recommendations for Implementing

5、 AI Assurance.54 6.Conclusion.57 Appendix 1:Compiled System Card Template.59 Appendix 2:Glossary of Key Terms.67 About the Authors.68 Assurance of Third-Party AI Systems for UK National Security 2 About CETaS The Centre for Emerging Technology and Security(CETaS)is a research centre based at The Ala

6、n Turing Institute,the UKs national institute for data science and artificial intelligence.The Centres mission is to inform UK security policy through evidence-based,interdisciplinary research on emerging technology issues.Connect with CETaS at cetas.turing.ac.uk.This research was supported by The A