Google has revealed its intention to broaden the scope of its Vulnerability Rewards Program (VRP) to compensate researchers for identifying attack scenarios specifically tailored to generative artificial intelligence (AI) systems, with the aim of reinforcing AI safety and security.
Laurie Richardson and Royal Hansen from Google expressed that generative AI presents novel and distinct concerns compared to traditional digital security, such as the risk of unfair bias, model manipulation, or misinterpretation of data (hallucinations).
Some of the encompassed categories within this expansion include prompt injections, the leakage of sensitive data from training datasets, model manipulation, adversarial perturbation attacks capable of inducing misclassifications, and model theft.
In a previous announcement made in July, Google established an AI Red Team as part of its Secure AI Framework (SAIF) to address threats to AI systems.
As a testament to its commitment to secure AI, Google is also taking steps to bolster the AI supply chain through existing open-source security initiatives like Supply Chain Levels for Software Artifacts (SLSA) and Sigstore.
According to Google, digital signatures, such as those offered by Sigstore, enable users to verify the integrity of software, ensuring it hasn’t been tampered with or replaced. Additionally, metadata like SLSA provenance provides insights into the software’s composition and build process, allowing consumers to confirm license compatibility, identify known vulnerabilities, and detect more advanced threats.
This announcement coincides with OpenAI’s introduction of an internal Preparedness team, focused on monitoring, assessing, forecasting, and safeguarding against catastrophic risks related to generative AI, spanning cybersecurity as well as chemical, biological, radiological, and nuclear (CBRN) threats.
Furthermore, Google, OpenAI, Anthropic, and Microsoft have jointly unveiled a $10 million AI Safety Fund, dedicated to advancing research in the realm of AI safety.
