sAIfe: Towards a Lightweight Threat Modeling Approach to Support Machine Learning Application Development

  • Gabriel Esteves Messas UEL
  • Rodrigo Sanches Miani UFU
  • Bruno Bogaz Zarpelão UEL

Abstract


With the growing popularization of the Artificial Intelligence (AI) field, the development of systems that rely on at least one of its subareas has also experienced a great increase. The recent adoption of AI techniques in common systems, such as mobile apps and household appliances, requires a higher level of attention to ensure their safety and proper operation. In this scenario, assuring the adequate functioning of these solutions culminates, in most cases, in ensuring the security of the application and its data throughout the software development life cycle. Software developers, however, often find security-related tasks challenging to learn and execute, and frequently put them aside. Additionally, currently available threat modeling frameworks are difficult to integrate into software development life cycles, which prioritize agility and automation over extensive analysis and documentation. This work, therefore, proposes sAIfe, a new threat modeling method for security analysis of AI applications under development. By providing prescriptive steps, a graphical reference element and ready-made remediation suggestions, this approach aims at simplifying the risk assessment process for the programmer, unveiling possible weaknesses and suggesting respective solutions in a practical way. sAIfe is tested on a real-world AI application, revealing positive results, with many potential issues and mitigation options detected by the method, which are registered in the form of a case study. Finally, a validation with developers in academia is also carried out, returning great feedback on sAIfe’s ease of use and speed of application.
Keywords: Artificial Intelligence, Machine Learning, Security, Threat Modeling
Published
05/11/2024
MESSAS, Gabriel Esteves; MIANI, Rodrigo Sanches; ZARPELÃO, Bruno Bogaz. sAIfe: Towards a Lightweight Threat Modeling Approach to Support Machine Learning Application Development. In: SIMPÓSIO BRASILEIRO DE QUALIDADE DE SOFTWARE (SBQS), 23., 2024, Bahia/BA. Anais [...]. Porto Alegre: Sociedade Brasileira de Computação, 2024. p. 1–10.