Where AI Assurance Might Go Wrong: Initial lessons from engineering of critical systems
Reviewed by Pith T0 review T1 audit T2 compute T3 formal T4 kernel pith:PVQQJFE3record.jsonopen to challenge →
read the original abstract
We draw on our experience working on system and software assurance and evaluation for systems important to society to summarise how safety engineering is performed in traditional critical systems, such as aircraft flight control. We analyse how this critical systems perspective might support the development and implementation of AI Safety Frameworks. We present the analysis in terms of: system engineering, safety and risk analysis, and decision analysis and support. We consider four key questions: What is the system? How good does it have to be? What is the impact of criticality on system development? and How much should we trust it? We identify topics worthy of further discussion. In particular, we are concerned that system boundaries are not broad enough, that the tolerability and nature of the risks are not sufficiently elaborated, and that the assurance methods lack theories that would allow behaviours to be adequately assured. We advocate the use of assurance cases based on Assurance 2.0 to support decision making in which the criticality of the decision as well as the criticality of the system are evaluated. We point out the orders of magnitude difference in confidence needed in critical rather than everyday systems and how everyday techniques do not scale in rigour. Finally we map our findings in detail to two of the questions posed by the FAISC organisers and we note that the engineering of critical systems has evolved through open and diverse discussion. We hope that topics identified here will support the post-FAISC dialogues.
This paper has not been read by Pith yet.
Forward citations
Cited by 2 Pith papers
-
Not All Anquan Is the Same: A Terminological Proposal for Chinese Computer Science and Engineering
Chinese computer science writing should adopt 'anbao' for security and keep 'anquan' mainly for safety to resolve terminological overload in discussions of harm and threats.
-
Not All Anquan Is the Same: A Terminological Proposal for Chinese Computer Science and Engineering
Proposes using 'anbao' for security and reserving 'anquan' for safety in Chinese technical writing to reduce conceptual overload in safety-security discussions.
discussion (0)
Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.