Action Aims to Ensure That Domestic Defense Industry Keeps Up With AI Developments
The U.S. federal government is preparing to start collecting reports from foundational artificial intelligence model developers including details about their cybersecurity defenses and red-teaming efforts.
President Joe Biden in a November executive order invoked executive powers that allow the government to require model developers to disclose information, including “any ongoing or planned activities related to training, developing or producing” AI models that could be used for military and civilian purposes – so-called “dual use” technology.
In a request for comment set for official publication on Wednesday, the Department of Commerce advises industry it intends to soon start collecting data.
“As AI is progressing rapidly, it holds both tremendous promise and risk,” said Secretary of Commerce Gina Raimondo.
The collected information will allow the government to ensure that the domestic defense industry keeps pace with developments in AI and to determine whether it needs to take action “to stimulate development of dual-use foundation models or to support the development of specific types of models.”
Information supplied by AI developers will also allow the federal government to “counteract the dangerous capabilities identified or to ensure that adequate safeguards are in place to prevent the theft or misuse of dual-use foundation models by foreign adversaries or non-state actors.”
The government will also collect results of mandatory red-teaming exercises designed to mitigate cyberattacks.
The types of data the U.S. government will collect are set out in the executive order, so Commerce isn’t collecting industry reaction to those requirements. The department does have leeway when it comes to some of the reporting formalities. It proposes reporting on a quarterly basis and says it would accept simple affirmations of no changes should the status quo hold from one three-month period to the next. The request for comment solicits comments on the frequency of reporting “as well as alternative for achieving timely reporting of the required information.”
Given that the data supplied by developers will be very sensitive, Commerce also said it welcomes thoughts on how the data should be safely collected and stored.
It also invited responses to the technical definition of a dual-use foundation model whose training run triggers reporting requirements. The current definition is more than 10 to the power of 26 computational operations per second, although models trained primarily on biological sequence data would have a lower threshold of 10 to the power of 23 computational operations per second.
The government definition of a “large-scale computing cluster” is a set of machines connected at a rate of more than 300 gigabits per second and with a theoretical maximum performance greater than 10 to the power of 20 computational operations per second.