AI development is currently in a phase that can be compared to the early days of open-source software. Just like open-source projects, AI models are being built on top of each other, incorporating different elements from various sources. However, this approach raises concerns regarding visibility and security. How can developers be sure that the foundational components of pre-built models are trustworthy, secure, and dependable?
Addressing these challenges, Endor Labs, a software supply chain security company, has introduced a new platform called Endor Labs Scores for AI Models. This platform evaluates over 900,000 open-source AI models available on Hugging Face, a popular AI hub, using 50 predefined metrics. These metrics assess models based on security, activity, quality, and popularity, providing developers with insights into the reliability and safety of the models.
George Apostolopoulos, a founding engineer at Endor Labs, highlighted the complexities of security in AI models, emphasizing the risks of downloading binary artifacts from the internet. Given threats such as malicious code injection and compromised user credentials, verifying the security of AI models before use is crucial.
Endor Labs’ platform categorizes models on Hugging Face, offering information on their popularity, security status, creation date, and recent updates. By leveraging data from Hugging Face and existing literature on cyber attacks, the platform aims to provide developers with a comprehensive view of model security.
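To make the idea of scoring a model on security, activity, quality and popularity signals concrete, here is an added illustration written for this article. It is not Endor Labs' code and does not reproduce their 50 metrics; the four signal categories come from the article, while the individual checks, weights and thresholds are assumptions chosen for the example. The sample records are constructed for the example and only loosely resemble the metadata a model hub exposes (download and like counts, creation and modification dates, file listing, license).

```python
from datetime import date

# Constructed sample records (invented ids, counts, dates and files); the
# field names are assumptions loosely modelled on model-hub metadata.
SAMPLE_MODELS = [
    {"id": "example-org/well-maintained-model", "downloads": 120000, "likes": 340,
     "created_at": "2023-02-10", "last_modified": "2024-09-01",
     "files": ["config.json", "model.safetensors", "tokenizer.json"],
     "license": "apache-2.0"},
    {"id": "someone/stale-pickled-model", "downloads": 15, "likes": 0,
     "created_at": "2021-05-01", "last_modified": "2021-05-03",
     "files": ["pytorch_model.bin"], "license": None},
]

# Fixed "today" so the scores are reproducible; a real tool would use date.today().
TODAY = date(2024, 10, 1)

# Weight files in these formats are commonly pickle-based, and loading a pickle
# executes code from the file, which is one way the "binary code from the
# internet" risk materialises. Treat them as a security signal (assumption).
PICKLE_LIKE_SUFFIXES = (".bin", ".pt", ".pth", ".pkl", ".ckpt")

# Category weights (assumption): security counts most in the overall score.
WEIGHTS = {"security": 0.4, "activity": 0.2, "popularity": 0.2, "quality": 0.2}


def security_score(model):
    """100 if no pickle-like weight files are shipped, otherwise 40 plus a flag."""
    flags = []
    pickled = [f for f in model["files"] if f.endswith(PICKLE_LIKE_SUFFIXES)]
    if pickled:
        flags.append("pickle-format weights: " + ", ".join(pickled))
        return 40, flags
    return 100, flags


def activity_score(model, today):
    """Recently modified repositories score higher (90-day / 1-year buckets)."""
    age_days = (today - date.fromisoformat(model["last_modified"])).days
    if age_days <= 90:
        return 100
    if age_days <= 365:
        return 60
    return 20


def popularity_score(model):
    """Simple capped combination of download and like counts."""
    return min(100, model["downloads"] // 1000 + model["likes"] // 5)


def quality_score(model):
    """Presence of a config, a tokenizer and a declared license."""
    files = set(model["files"])
    score = 0
    if "config.json" in files:
        score += 50
    if "tokenizer.json" in files:
        score += 25
    if model.get("license"):
        score += 25
    return score


def score_model(model, today=TODAY):
    """Return per-category scores, an overall weighted score and any flags."""
    security, flags = security_score(model)
    scores = {
        "security": security,
        "activity": activity_score(model, today),
        "popularity": popularity_score(model),
        "quality": quality_score(model),
    }
    if not model.get("license"):
        flags.append("no license declared")
    overall = round(sum(scores[k] * WEIGHTS[k] for k in WEIGHTS))
    return {"id": model["id"], "scores": scores, "overall": overall, "flags": flags}


def rank_models(models, today=TODAY):
    """Score every model and return (id, overall) pairs, best first."""
    results = [score_model(m, today) for m in models]
    results.sort(key=lambda r: r["overall"], reverse=True)
    return [(r["id"], r["overall"]) for r in results]


if __name__ == "__main__":
    for m in SAMPLE_MODELS:
        print(score_model(m))
    print(rank_models(SAMPLE_MODELS))
```

On the constructed records the well-maintained model scores 100 overall and the stale, pickle-only repository scores 20 and carries two flags. The value of such a scorer is less in the exact number than in the flags: a reviewer can see at a glance which models ship code-executing artifact formats or lack a license before pulling them into a build.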
Looking ahead, Endor Labs plans to expand its platform to other AI hubs beyond Hugging Face and include additional factors in the scoring process as more data is collected. Apostolopoulos emphasized the importance of governance in AI as its deployment becomes more widespread, underscoring the need for transparency and security in the development process.
Drawing parallels between AI development and open-source software, Apostolopoulos noted the similarities in the risks posed by dependencies in both domains. AI models often rely on open-source components, creating a complex dependency graph that can be challenging to manage and secure. The lack of transparency in model weights and the difficulty in verifying a model’s trustworthiness are key concerns for developers.
In addition to security challenges, licensing issues present another obstacle for organizations using AI models. Understanding the intellectual property rights and licensing terms associated with AI models and the datasets they are trained on is essential to avoid legal complications.
Apostolopoulos highlighted the characteristics that set Large Language Models (LLMs) apart from traditional open-source dependencies, noting their complexity and static nature. Evaluating LLMs requires a deeper understanding because they are distributed as opaque binary data, and updating and maintaining them is harder than patching a conventional library.
In conclusion, while AI development follows a similar path to open-source software, it introduces additional complexities that require careful consideration of security, licensing, and transparency. Endor Labs’ platform aims to address these challenges by providing developers with a comprehensive evaluation of AI models, enabling them to make informed decisions when selecting and using pre-built models.