IIC Journal of Innovation 19th Edition The Role of Artificial Intelligence in Industry | Page 43

1 OVERVIEW

1.1 INTRODUCTION

Machine Learning (ML) has established itself as a widely adopted technique that complements and even supersedes traditional software engineering and development in the industrial context [1]. ML has been applied in countless industrial scenarios [2], such as design and manufacturing optimization, predictive maintenance, or material sourcing optimization. ML can even be used to improve cybersecurity in the IoT context [3]. At the same time, using ML also introduces new attack vectors into IoT and IIoT devices. Due to the highly data-driven nature of ML, specific care must be taken to implement a secure ML lifecycle, aligned with the organization’s secure software development lifecycle.

1.2 PURPOSE

The purpose of this document is to draw attention to the fact that ML activities need to be defined in a structured and secure process and couched in a supporting organizational structure. This can differ from standard secure software development and supply chains, as a result of ML’s highly data-driven nature.

1.3 SCOPE

This document surveys existing recommendations and approaches to implementing a secure ML lifecycle. An analysis of ML lifecycle models is provided alongside known attacks and countermeasures for each of the lifecycle steps, including specific cases of adversarial attacks. We also provide a discussion of the stakeholders involved in the ML process chain. Specific focus is placed on the protection of training data and trained models, both from a data integrity and a commercial (licensing, IP) perspective. Our intention is not to produce an exhaustive list of all possible attacks, but rather to provide a realistic lifecycle model, identify the stakeholders involved, and present selected attacks and appropriate countermeasures. This should allow decision makers to apply our observations to their organizational context.

1.4 AUDIENCE

Software Architects, Product Management, Operations

[1] Yanming Yang, Xin Xia, David Lo, and John Grundy. 2021. A Survey on Deep Learning for Software Engineering. ACM Comput. Surv., December 2021. DOI: https://doi.org/10.1145/3505243
[2] Massimo Bertolini, Davide Mezzogori, Mattia Neroni, Francesco Zammori: Machine Learning for industrial applications: A comprehensive literature review. Expert Syst. Appl. 175: 114820 (2021).
[3] Murat Kuzlu, Corinne Fair, and Ozgur Guler: Role of Artificial Intelligence in the Internet of Things (IoT) cybersecurity. Discov Internet Things 1, 7 (2021). https://doi.org/10.1007/s43926-020-00001-4
38 March 2022