The standards being developed should cover the requirements of the full range of stakeholders (including users, affected bystanders and manufacturers etc) over the complete lifetime of the product.
There is currently no standard addressing the cybersecurity of AI systems. In ISO/IEC JTC1 SC27 WG4 27090 is under development; and I contribute directly to this work.
The AI Act is a European regulation promoting the uptake of human-centric and trustworthy AI, while ensuring protection of health, safety, and fundamental rights. Companies can prove conformity with the AI Act by complying with the 10 harmonised standards drafted by CEN-CENELEC. My fellowship contributes to two harmonised standards supporting the AI Act.
A process model for the exchange of information for use” and in a similar submodel template developed within IDTA
Annegrit's priority is the Convenorship of CEN CENELEC JTC21 WG 5, the organisation and project support to work on the AI Act standardisation request for Cybersecurity. This includes a close collaboration with other groups within JTC 21, JTC 13, ISO IEC SC 42 and SC 27 to collect all information of existing and work under development. The main challenge is that JTC 21 and also our WG5 has a diverse structure of experts and knowledge, which makes the work, the effort and efficiency very difficult.