Risks associated with the application of artificial intelligence

There are undoubtedly significant benefits to integrating Artificial Intelligence (AI) into industrial production processes, particularly in the field of extrusion, as is being driven at CiTEX. However, it is important to be aware of the inherent risks in order to manage them effectively and ensure that our technologies remain both efficient and safe. Here are five of the most important risks to consider:

• Data security and data protection: AI systems in production process a variety of sensitive data, from trade secrets to employees' personal information. Securing this data from unauthorized access and cyberattacks is crucial to avoid financial loss and reputational damage.
• Lack of transparency and decision-making: The way AI systems work can be extremely complex and difficult for humans to understand. This can lead to problems in decision-making, especially in critical production aspects. It is therefore important to develop mechanisms that bring some transparency to the AI's decision-making processes.
• Dependence on technology: The increased integration of AI into production processes leads to an increased dependence on this technology. Failures or malfunctions can affect the entire production chain and lead to financial losses.
• Quality control: Although AI is excellent at identifying patterns and suggesting optimizations, it can be prone to errors, especially with incomplete or faulty training data. This can affect product quality and lead to issues with compliance with industry standards.
• Ethics and compliance: The use of AI must comply with ethical principles and legal regulations. Problems such as bias in algorithms or violations of labor rights through automation can have serious ethical and legal consequences.

Once you are aware of these risks and work to mitigate them through advanced security protocols, transparent processes and ongoing training of your teams, you also consider other procedures that will allow you to mitigate the risk. As cyberattacks become more common, it is no surprise that the “data and infrastructure security” risk is being monitored very closely.

One promising method for assessing and strengthening the security of information technology systems is "red teaming." This is a simulated attack on your own IT system, carried out by specially trained teams, known as "red teams." They act like real attackers to uncover vulnerabilities and security gaps that traditional security audits might miss. Through realistic testing, companies can improve their defense strategies and prepare for potential threats.

The red teaming process is comprehensive and multidimensional. It includes not only penetration testing and exploiting IT vulnerabilities, but also testing the company's responsiveness and resilience to real cyberattacks. The goal is to get a realistic picture of the security situation and prepare the organization for potential threats. Through these practical tests, companies can refine and perfect their defense strategies to prepare themselves against future attacks.

In the dynamic world of extrusion technology, where data and advanced technologies play a central role, IT security is of crucial importance. The fact that artificial intelligence is now involved does not make things any less complicated, because artificial intelligence processes and models in particular must be secure, in terms of IT IoT security but also in themselves as a model.

So how about testing artificial intelligence models using red teaming processes? If we are correctly informed, internal red teaming is already being carried out by most large development companies, but there are no standardized approaches for this, even for AI models of the same type. Should one "only" subject high-risk AI systems to such a test or should they be tested in general? Let's take pipe extrusion as an example. When is an AI model used a risk? Already when the quality does not meet the set standards or only when machines and/or people could be at risk? But if the quality of the extruded pipe for transporting gas does not meet the standards, a poor-quality pipe could put a large number of people at risk if gas leaks. This raises the question of how far do we use AI before, during or after measuring the data in real time? Or do we rely on predictive models to learn from supervised machine learning and data histories and derive certain predictions from them?

For us, the fact is that adversarial testing (which includes red teaming) is not regulated in more detail in the EU AI regulation. The requirement merely refers to codes of conduct and harmonized standards that must now be developed. In order for such tests to be carried out we need,

• clear objectives for the test (preferably along defined standards)
• a clearly defined test process
• clear structures and roles (such as validators, model developers, etc.)

Benefits of Red Teaming

• Red teaming may be able to provide an objective assessment of the security of an AI application by simulating various use cases and identifying vulnerabilities in the model.
• By identifying vulnerabilities and weaknesses, red teaming can help an organization prioritize risks and allocate resources.
• Cost-effectiveness: Identifying and remediating vulnerabilities before a real incident occurs can save organizations significant costs associated with security breaches, regulatory fines, and reputational damage.

Given the integration of artificial intelligence, ensuring security becomes even more complex. It is therefore also in our interest to continue to pursue artificial intelligence models and also to test processes such as red teaming in order to identify and minimize potential risks. However, clear regulations for industry and sectors would be desirable. The codes of conduct and harmonized standards referred to in the AI Act still need to be specifically designed so that they can be implemented and lead to efficient and effective procedures.