Carnegie Mellon University
Browse

The Essential Role of AISIRT in Flaw and Vulnerability Management

Download (116.35 kB)
online resource
posted on 2025-03-29, 01:12 authored by Lauren McIlvennyLauren McIlvenny, Vijay SarvepalliVijay Sarvepalli

The rapid expansion of artificial intelligence (AI) in 2023 introduced a new wave of security challenges. In response, the Carnegie Mellon University Software Engineering Institute's CERT Division established the first Artificial Intelligence Security Incident Response Team (AISIRT) in November 2023. AISIRT was created to identify, analyze, and respond to AI-related incidents, flaws, and vulnerabilities—particularly in systems critical to defense and national security. We recently collaborated with 33 experts across academia, industry, and government to emphasize the pressing need for better coordination in managing AI flaws and vulnerabilities. In this blog post, we provide background on AISIRT and what we have been doing over the last year, specifically in regard to coordination of flaws and vulnerabilities in AI systems.

History

Publisher Statement

NO WARRANTY. THIS CARNEGIE MELLON UNIVERSITY AND SOFTWARE ENGINEERING INSTITUTE MATERIAL IS FURNISHED ON AN "AS-IS" BASIS. CARNEGIE MELLON UNIVERSITY MAKES NO WARRANTIES OF ANY KIND, EITHER EXPRESSED OR IMPLIED, AS TO ANY MATTER INCLUDING, BUT NOT LIMITED TO, WARRANTY OF FITNESS FOR PURPOSE OR MERCHANTABILITY, EXCLUSIVITY, OR RESULTS OBTAINED FROM USE OF THE MATERIAL. CARNEGIE MELLON UNIVERSITY DOES NOT MAKE ANY WARRANTY OF ANY KIND WITH RESPECT TO FREEDOM FROM PATENT, TRADEMARK, OR COPYRIGHT INFRINGEMENT. [DISTRIBUTION STATEMENT A] This material has been approved for public release and unlimited distribution. Please see Copyright notice for non-US Government use and distribution.

Copyright Statement

Copyright 2025 Carnegie Mellon University.

Usage metrics

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC