<description>&lt;div class="OutlineElement Ltr SCXW43072570 BCX0"&gt; &lt;p class="Paragraph SCXW43072570 BCX0"&gt;&lt;span class= "TextRun SCXW43072570 BCX0" lang="EN-US" xml:lang="EN-US" data-contrast="auto"&gt;&lt;span class= "NormalTextRun SCXW43072570 BCX0"&gt;How can you ever know whether an LLM is safe to use?&lt;/span&gt; &lt;span class= "NormalTextRun SCXW43072570 BCX0"&gt;Even&lt;/span&gt; &lt;span class= "NormalTextRun SCXW43072570 BCX0"&gt;self-host&lt;/span&gt;&lt;span class= "NormalTextRun SCXW43072570 BCX0"&gt;ed&lt;/span&gt; &lt;span class= "NormalTextRun SCXW43072570 BCX0"&gt;LLM system&lt;/span&gt;&lt;span class= "NormalTextRun SCXW43072570 BCX0"&gt;s&lt;/span&gt; &lt;span class= "NormalTextRun SCXW43072570 BCX0"&gt;are vulnerable to adversarial prompt&lt;/span&gt;&lt;span class="NormalTextRun SCXW43072570 BCX0"&gt;s left on the internet&lt;/span&gt; &lt;span class= "NormalTextRun SCXW43072570 BCX0"&gt;and waiting to be found by&lt;/span&gt; &lt;span class="NormalTextRun SCXW43072570 BCX0"&gt;system&lt;/span&gt; &lt;span class="NormalTextRun SCXW43072570 BCX0"&gt;search engines&lt;/span&gt;&lt;span class= "NormalTextRun SCXW43072570 BCX0"&gt;.&lt;/span&gt; &lt;span class= "NormalTextRun SCXW43072570 BCX0"&gt;These at&lt;/span&gt;&lt;span class= "NormalTextRun SCXW43072570 BCX0"&gt;tacks&lt;/span&gt; &lt;span class= "NormalTextRun SCXW43072570 BCX0"&gt;and others&lt;/span&gt; &lt;span class= "NormalTextRun SCXW43072570 BCX0"&gt;exploit&lt;/span&gt; &lt;span class= "NormalTextRun SCXW43072570 BCX0"&gt;the complexity of&lt;/span&gt; &lt;span class="NormalTextRun SCXW43072570 BCX0"&gt;even&lt;/span&gt; &lt;span class="NormalTextRun SCXW43072570 BCX0"&gt;seemingly secure&lt;/span&gt; &lt;span class="NormalTextRun SCXW43072570 BCX0"&gt;AI systems&lt;/span&gt;&lt;span class= "NormalTextRun SCXW43072570 BCX0"&gt;. &lt;/span&gt;&lt;/span&gt;&lt;span class= "EOP SCXW43072570 BCX0" data-ccp-props="{}"&gt; &lt;/span&gt;&lt;/p&gt; &lt;/div&gt; &lt;div class="OutlineElement Ltr SCXW43072570 BCX0"&gt; &lt;p class="Paragraph SCXW43072570 BCX0"&gt;&lt;span class= "TextRun SCXW43072570 BCX0" lang="EN-US" xml:lang="EN-US" data-contrast="auto"&gt;&lt;span class= "NormalTextRun SCXW43072570 BCX0"&gt;In our latest podcast from the Carnegie Mellon University Software Engineering Institute (SEI), David&lt;/span&gt; &lt;span class= "NormalTextRun SpellingErrorV2Themed SCXW43072570 BCX0"&gt;Schulker&lt;/span&gt; &lt;span class="NormalTextRun SCXW43072570 BCX0"&gt;and Matthew Walsh, both senior data scientists in the SEI's CERT Division, sit down with Thomas Scanlon, lead of&lt;/span&gt; &lt;span class= "NormalTextRun SCXW43072570 BCX0"&gt;the&lt;/span&gt; &lt;span class= "NormalTextRun SCXW43072570 BCX0"&gt;CERT Data Science Technical Program, to discuss their work on System Theoretic Process Analysis, or STPA, a hazard-analysis technique uniquely suitable for dealing with&lt;/span&gt; &lt;span class= "NormalTextRun SCXW43072570 BCX0"&gt;AI&lt;/span&gt; &lt;span class= "NormalTextRun SCXW43072570 BCX0"&gt;complexity&lt;/span&gt; &lt;span class= "NormalTextRun SCXW43072570 BCX0"&gt;when&lt;/span&gt; &lt;span class= "NormalTextRun SCXW43072570 BCX0"&gt;assuring AI systems.&lt;/span&gt;&lt;/span&gt;&lt;span class="EOP SCXW43072570 BCX0" data-ccp-props="{}"&gt; &lt;/span&gt;&lt;/p&gt; &lt;/div&gt;</description>

Software Engineering Institute (SEI) Podcast Series

Members of Technical Staff at the Software Engineering Institute

What Could Possibly Go Wrong? Safety Analysis for AI Systems

OCT 31, 202536 MIN
Software Engineering Institute (SEI) Podcast Series

What Could Possibly Go Wrong? Safety Analysis for AI Systems

OCT 31, 202536 MIN

Description

How can you ever know whether an LLM is safe to use? Even self-hosted LLM systems are vulnerable to adversarial prompts left on the internet and waiting to be found by system search engines. These attacks and others exploit the complexity of even seemingly secure AI systems.

In our latest podcast from the Carnegie Mellon University Software Engineering Institute (SEI), David Schulker and Matthew Walsh, both senior data scientists in the SEI's CERT Division, sit down with Thomas Scanlon, lead of the CERT Data Science Technical Program, to discuss their work on System Theoretic Process Analysis, or STPA, a hazard-analysis technique uniquely suitable for dealing with AI complexity when assuring AI systems.