Software systems are increasingly relying on Artificial Intelligence (AI) and Machine Learning (ML) components. The emerging popularity of AI techniques in various application domains attracts malicious actors and adversaries. Therefore, the developers of AI-enabled software systems need to take into account various novel cyber-attacks and vulnerabilities that these systems may be susceptible to. This paper presents a framework to characterize attacks and weaknesses associated with AI-enabled systems and provide mitigation techniques and defense strategies. This framework aims to support software designers in taking proactive measures in developing AI-enabled software, understanding the attack surface of such systems, and developing products that are resilient to various emerging attacks associated with ML. The developed framework covers a broad spectrum of attacks, mitigation techniques, and defensive and offensive tools. In this paper, we demonstrate the framework architecture and its major components, describe their attributes, and discuss the long-term goals of this research.

翻译：软件系统日益依赖人工智能(AI)和机器学习(ML)组件。各种应用领域对AI技术的日益普及吸引了恶意行为者和对手。因此,AI支持的软件系统的开发者需要考虑到这些系统可能容易受到的各种新颖的网络攻击和脆弱性。本文件提供了一个框架,用以说明与AI支持的系统有关的攻击和弱点,并提供缓解技术和防御战略。这一框架旨在支持软件设计者采取主动措施开发AI支持的软件,了解这些系统的攻击表面,开发能够抵御与ML相关的各种新攻击的产品。开发的框架涵盖广泛的攻击、减缓技术以及防御和攻击工具。在本文件中,我们展示了框架结构及其主要组成部分,描述其属性,并讨论这一研究的长期目标。