added code of practice

robvanderveer · web-flow · commit 68c93b704908 · 2025-03-14T11:48:51.000+01:00
diff --git a/content/ai_exchange/content/docs/ai_security_overview.md b/content/ai_exchange/content/docs/ai_security_overview.md
@@ -456,50 +456,55 @@ GenAI References:
 >Permalink: https://owaspai.org/goto/jointguidelines/
 
 Mapping of the UK NCSC /CISA [Joint Guidelines for secure AI system development](https://www.ncsc.gov.uk/collection/guidelines-secure-ai-system-development) to the controls here at the AI Exchange.  
-To see those controls linked to threats, refer to the [Periodic table of AI security](/goto/periodictable/).
+To see those controls linked to threats, refer to the [Periodic table of AI security](/goto/periodictable/).  
+
+Note that the UK Government drove an initiative through their DSIT repartment to build on these joint guidelines and produce the [DSIT Code of Practice for the Cyber Secyrity of AI](https://www.gov.uk/government/publications/ai-cyber-security-code-of-practice/code-of-practice-for-the-cyber-security-of-ai#code-of-practice-principles), which reorganizes things according to 13 principles, does a few tweaks, and adds a bit more governance. The principle mapping is added below, and adds mostly post-market aspects:
+- Principle 10: Communication and processes assoiated with end-users and affected entities
+- Principle 13: Ensure proper data and model disposal
+
 
 1. Secure design
 
-- Raise staff awareness of threats and risks:  
+- Raise staff awareness of threats and risks (DSIT principle 1):  
   #[SECURITY EDUCATE](/goto/seceducate/)
-- Model the threats to your system:  
+- Model the threats to your system (DSIT principle 3):  
   See Risk analysis under #[SECURITY PROGRAM](/goto/secprogram/)
-- Design your system for security as well as functionality and performance:  
+- Design your system for security as well as functionality and performance (DSIT principle 2):  
   #[AI PROGRAM](/goto/aiprogram/ ), #[SECURITY PROGRAM](/goto/secprogram/), #[DEVELOPMENT PROGRAM](/goto/devprogram/), #[SECURE DEVELOPMENT PROGRAM](/goto/secdevprogram/), #[CHECK COMPLIANCE](/goto/checkcompliance/), #[LEAST MODEL PRIVILEGE](/goto/leastmodelprivilege/), #[DISCRETE](/goto/discrete/), #[OBSCURE CONFIDENCE](/goto/obscureconfidence/), #[OVERSIGHT](/goto/oversight/), #[RATE LIMIT](/goto/ratelimit/),  #[DOS INPUT VALIDATION](/goto/dosinputvalidation/), #[LIMIT RESOURCES](/goto/limitresources/), #[MODEL ACCESS CONTROL](/goto/modelaccesscontrol/), #[AI TRANSPARENCY](/goto/aitransparency)
 - Consider security benefits and trade-offs when selecting your AI model  
   All development-time data science controls (currently 13), #[EXPLAINABILITY](/goto/explainability/)
 
 2. Secure Development
 
-- Secure your supply chain:  
+- Secure your supply chain (DSIT principle 7):  
   #[SUPPLY CHAIN MANAGE](/goto/supplychainmanage/)
-- Identify, track and protect your assets:  
+- Identify, track and protect your assets (DSIT principle 5):  
   #[DEVELOPMENT SECURITY](/goto/devsecurity/), #[SEGREGATE DATA](/goto/segregatedata/), #[CONFIDENTIAL COMPUTE](/goto/confcompute/), #[MODEL INPUT CONFIDENTIALITY](/goto/modelinputconfidentiality/), #[RUNTIME MODEL CONFIDENTIALITY](/goto/runtimemodelconfidentiality/), #[DATA MINIMIZE](/goto/dataminimize/), #[ALLOWED DATA](/goto/alloweddata/), #[SHORT RETAIN](/goto/shortretain/), #[OBFUSCATE TRAINING DATA](/goto/obfuscatetrainingdata/) and part of #[SECURITY PROGRAM](/goto/secprogram/)
-- Document your data, models and prompts:  
+- Document your data, models and prompts (DSIT principle 8):  
   Part of #[DEVELOPMENT PROGRAM](/goto/devprogram/)
 - Manage your technical debt:  
   Part of #[DEVELOPMENT PROGRAM](/goto/devprogram/)
 
 3. Secure deployment
 
-- Secure your infrastructure:  
+- Secure your infrastructure (DSIT principle 6):  
   Part of #[SECURITY PROGRAM](/goto/secprogram/) and see ‘Identify, track and protect your assets’
 - Protect your model continuously:  
   #[INPUT DISTORTION](/goto/inputdistortion/), #[FILTER SENSITIVE MODEL OUTPUT](/goto/filtersensitivemodeloutput/), #[RUNTIME MODEL IO INTEGRITY](/goto/runtimemodeliointegrity/), #[MODEL INPUT CONFIDENTIALITY](/goto/modelinputconfidentiality/), #[PROMPT INPUT VALIDATION](/goto/promptinputvalidation/), #[INPUT SEGREGATION](/goto/inputsegregation/)
 - Develop incident management procedures:  
   Part of #[SECURITY PROGRAM](/goto/secprogram/)
 - Release AI responsibly:  
   Part of #[DEVELOPMENT PROGRAM](/goto/devprogram/)
-- Make it easy for users to do the right things:  
-  Part of #[SECURITY PROGRAM](/goto/secprogram/)
+- Make it easy for users to do the right things (DSIT principe 4, called Enable human responsibility for AI systems):  
+  Part of #[SECURITY PROGRAM](/goto/secprogram/), and also involving #[EXPLAINABILITY](/goto/explainability/), documenting prohibited use cases, and #[HUMAN OVERSIGHT](/goto/humanoversight))
 
 4. Secure operation and maintenance
 
-- Monitor your system’s behaviour:  
+- Monitor your system’s behaviour (DSIT principle 12 and similar to DSIT principle 9 - appropriate testing and validation):  
   #[CONTINUOUS VALIDATION](/goto/continuousvalidation/), #[UNWANTED BIAS TESTING](/goto/unwantedbiastesting/)
 - Monitor your system’s inputs:  
   #[MONITOR USE](/goto/monitoruse/), #[DETECT ODD INPUT](/goto/detectoddinput/), #[DETECT ADVERSARIAL INPUT](/goto/detectadversarialinput/)
-- Follow a secure by design approach to updates:  
+- Follow a secure by design approach to updates (DSIT Principle 11: Maintain regular security updates, patches and mitigations):  
   Part of #[SECURE DEVELOPMENT PROGRAM](/goto/secdevprogram/)
 - Collect and share lessons learned:  
   Part of #[SECURITY PROGRAM](/goto/secprogram/) and #[SECURE DEVELOPMENT PROGRAM](/goto/secdevprogram/)
