Follow us on
Member Login
sign out
[ICT] - AUG 4, 2021, Assessment Methods for Machine Learning Algorithm out for Public Comments
Uploading Date: 2021-10-26 10:34:37



On August 4, 2021, the National Information Security Standardization Technical Committee of China (SAC/TC 260) issued a nationally recommended standard, Information Security Technology-Security Specification and Assessment Methods for Machine Learning and Algorithms (hereinafter referred to as “the Standard”) to call for public comments.


The Standard was proposed and developed by SAC/TC 260, and was drafted in accordance with Directives for standardization-Part 1: Rules for the structure and drafting of standardizing documents.


The Standard gives the terms and definitions related to machine learning algorithm. It also specifies the security requirements and confirmation methods of machine learning algorithm in different stages (including design and development, verification and test, deployment and operation, maintenance and upgrading, and decommissioning and offline process). The document clarifies the implementation of security assessments on machine learning algorithm as well. Within the Standard, a security assessment index system, machine learning algorithms. security risks and sample of attacks can also be found.


Machine learning algorithm security includes both the security of the algorithm itself and the security of the algorithm application. Therefore, according to the machine algorithm application in real life, the Standard divides the security requirements of machine learning algorithm into 2 levels, which are applicable to different scenarios as follows:


  • --Basic level: applicable to machine learning algorithms in all scenarios;

  • --Enhancement level: applicable to important fields such as public services, transportation, financial services, health care, welfare and education. Additional security requirements are necessary for the decision-making of key matters including the security of people's lives and properties and protection of individual rights.


This document applies to the security assessment of algorithms in machine learning systems. Machine learning system developers and operators can also use the Standard to carry out self-assessment and make improvements during the development and operation process. It is recommended that relevant enterprises assess the algorithm at different stages when they deal with machine learning systems, and make compliance adjustments if necessary according to the corresponding security requirements. BESTAO will follow up on the release of the final document and keep track of its revision to provide the latest information.


If you need more information or any help on the topic, please contact:

assistant@bestao-consulting.com


Follow us on:
Email: