From the course: Security Risks in AI and Machine Learning: Categorizing Attacks and Failure Modes
How AI systems can fail and how to protect them
- [Narrator] Artificial intelligence, agentic AI, and machine learning are transforming our world. They're involved in so many things we do. Everything from helping to keep our crops watered properly to ensuring that our food supply chain is working as expected so that dinner can get on our tables. It's also helping to keep us healthy by ensuring that doctors can find early-stage disease. This is really important work, and that's why it's even more important that we build these systems as securely, reliably, and resiliently as possible to ensure that these technologies can accomplish their functions safely for all of us. This course explains how and why artificial intelligence and machine learning can fail. We explain why some failures are unintentional, like the self-driving car that can't see road signs during a blizzard, and others are intentional, like an attacker prompting a language model to leak private training data. For reference, we will use the framework published in the joint paper from Microsoft and Harvard University titled "Failure Modes in Machine Learning Systems" to illustrate how and why AI doesn't always do what we expect. Once you have a solid foundation and understanding of why these systems fail and the consequences of that failure, we'll wrap up with a module that summarizes some of the most effective ways to build AI solutions that are resilient and failure-resistant. There are four main concerns when approaching AI security: why we need protection, targeted failure, accidental failure, and mitigation. First, we'll look at why it's so important to protect AI. It's no secret that system failure and disruption can result in cascading societal impacts, from a lock on 9-1-1 call systems to interruption of the gasoline supply chain on the East Coast. Building a secure system requires a deep understanding of why and how those systems can fail.
So, in the second section, we'll take a look at failure modes that occur when an attacker attempts to disrupt system function on purpose. Of course, not all failures are intentional or on purpose. So in our third section, we review the ways that AI can fail when not under attack due to issues like incomplete training. When builders and security professionals know what can go wrong, they're armed with the knowledge needed to create, train, and test failure-resistant AI. We wrap the course with details and guidance on how to build security and resilience into AI systems. While there are no absolutes in life, the approaches outlined in the final section provide mitigation guidance for builders and buyers alike. Each section is designed to be viewed as a standalone unit. However, if you don't already have a robust understanding of what can go wrong with AI systems, we strongly recommend that you review the sections on failure before watching the one on mitigation. The better you understand why and how these systems can fail, the more prepared you'll be to build protections and controls into your AI.