The security of AI systems is closely intertwined with the security of the IT infrastructure on which they run and operate. Many organizations are already implementing SP 800-53 controls and have the institutional processes in place to plan control implementations for their organizations, missions, and systems and to assess the effectiveness of the controls for meeting organizational risk management requirements.
Control overlays offer organizations or communities of interest ways to further customize the controls (or control baselines) for a specific technology or type of system, mission space, or environment of operation to meet specific requirements. The SP 800-53 controls provide a common technical foundation for managing risk to AI systems and components using methods similar to those required for any type of software. Controls can be selected from the SP 800-53 control catalog, modified to address unique risks or applications, and supplemented to provide application-specific guidance for implementers; parameter values for assignment and selection operations can also be set. Learn more about control overlays.
Additional details about the proposed use cases are provided in the concept paper.
Questions about the use cases can be sent to [email protected].
Join the NIST Overlays Securing AI Systems Slack Collaboration to contribute to the development of the overlays for these use cases.
Purpose: Multi-agent AI systems are capable of autonomous decision-making and consist of multiple agents working in concert, acting cooperatively with limited human supervision to achieve complex goals. Characteristics of multi-agent AI systems include the ability to understand context, reason, plan, adapt, coordinate actions, and execute tasks.