Eticas AI Risk Taxonomy:开放基础设施赋能AI审计操作化

The Eticas AI Risk Taxonomy: Open Infrastructure for Operationalizing AI Audits

精选理由

这篇论文真正解决了AI审计“光列风险但不教你怎么测”的痛点,用GPT-4实测PII泄露,给了一个可复现的评分样例。分类法开源了,想搞审计的可以直接用。

AI 摘要

该论文指出至少74种现有AI风险分类法几乎都止步于风险目录,缺乏实操。Eticas AI Risk Taxonomy v2.0.0 提出从概念到可衡量发现的桥梁,涵盖10个类别、20个子组、76个活跃子类别,并映射到18个外部框架。以GPT-4-0314上的PII泄露风险为例,在对抗性条件增强下披露率从0%升至84%,对应SYSTEMIC模式E级评分。分类法和子组以CC BY 4.0开源发布,提供稳定URI和SKOS/JSON-LD分发。

原文 · arXiv cs.AI

The Eticas AI Risk Taxonomy: Open Infrastructure for Operationalizing AI Audits

The rapid deployment of AI systems across high-stakes domains has created urgent demand for standardized evaluation, yet the field remains fragmented across competing risk taxonomies that catalog risks without showing how an audit is executed. At least 74 AI risk taxonomies exist, and almost all stop at the catalog. The hard part of auditing is not naming a risk but operationalizing it: turning it into a test run against a real system, a measured value, a calibrated severity, and a defensible grade. This paper leads with that bridge. We present the operationalization layer Eticas has built and run, shown end to end on a single risk (PII leakage) against a public benchmark, and then the open taxonomy that makes the method scale. On GPT-4-0314, a disclosure risk that seven external frameworks require be controlled is measured at 0%, 51%, and 84% disclosure as adversarial conditioning increases, mapping through calibrated severity bands to a subcategory grade of E with a SYSTEMIC pattern. Around this example, the Eticas AI Risk Taxonomy v2.0.0 organizes 76 active subcategories across 10 categories and 20 sub-groups, with mappings to 18 external frameworks across compliance, reference, and academic tiers. Its category and sub-group layer is published under CC BY 4.0 as open semantic infrastructure with stable URIs and SKOS/JSON-LD distributions, and a worked subcategory example shows the operational layer down to its severity thresholds. The contribution is the demonstrated bridge from concept to graded finding, anchored by a clean separation of risks from the mechanisms by which they surface, and framed by an open-core model in which the conceptual scaffold is open and the methodology calibration is the practitioner layer. This is the infrastructure the AI auditing field needs: shared, open, and demonstrably operable.