WDTA Releases an International Standard on LLM Security for Supply Chain


On September 6, the World Digital Technology Academy (WDTA) released an international standard titled “Large Language Model Security Requirements for Supply Chain” at the 2024 INCLUSION · Conference on the Bund in Shanghai. Experts from leading tech companies and institutions — including the Cloud Security Alliance Greater China Region (CSA GCR), Ant Group, Nanyang Technological University in Singapore, Microsoft, Google, Meta, Tencent Cloud, and Baidu — drafted and reviewed the standard. This marks the first international standard on LLM security for the supply chain, representing a significant step forward in industry collaboration on global AI governance.

Peter Major, Vice Chair of the United Nations Commission on Science and Technology for Development and Founding Chairman of the WDTA, noted at the conference:

“International cooperation on AI-related standards has become increasingly crucial as artificial intelligence continues to advance and impact various sectors globally. Achieving trustworthy AI is a global endeavor, demanding the creation of effective governance tools and processes that transcend national borders. Global standardization plays a crucial role in this context, providing a key avenue for promoting alignment on best practice and interoperability of AI governance regimes.

WDTA has established the AI STR working group, with members including Microsoft, Google, Anthropic, Ant Group, Baidu and so on. WDTA introduced the AI Safety, Trust, and Responsibility (AI STR) standards. The AI STR Certification program is based on the comprehensive WDT AI ATR series standards, designed to provide global assurance of the safety, reliability, and compliance of AI technologies and applications. As AI technology rapidly evolves, this certification addresses the emerging challenges by ensuring secure and responsible AI deployment.

By working together, these organizations aim to develop comprehensive and consistent standards that support the safe, ethical, and effective deployment of AI technologies worldwide. This international cooperation is essential for managing the risks associated with AI while maximizing its benefits for all societies.”

The standard released today is one of the WDTA’s AI STR standards and outlines comprehensive measures for managing security risks across the supply chain of large language models. This standard covers the entire lifecycle of these models, from development through deployment, ensuring that each phase is rigorously scrutinized for potential vulnerabilities. By adhering to these guidelines, organizations can effectively protect their AI-driven operations from emerging threats and contribute to a more secure digital ecosystem.

According to Li Yuhang (Yale Li), Executive Chairman of WDTA and Chairman of CSA GCR, global AI governance requires collaborative efforts from countries and organizations to ensure that AI technologies are inclusive and fair. Li emphasizes that the operation of large language models (LLMs) relies on an interconnected global supply chain ecosystem, and significant challenges to supply chain security have emerged during their application. The release of this standard provides a comprehensive framework for ensuring the security of LLMs throughout their entire lifecycle. It addresses security challenges within the supply chain, supports the security and sustainability of AI technology development, and enhances the overall trustworthiness of the industry.

Lars Ruddigkeit, a technology strategist from Microsoft, said at the conference, “The great thing about the WDTA standards is that we really involve experts with various backgrounds from around the world. It’s not only me — someone working at Microsoft — but really people from all over the world contribute. The WDTA standard is not aiming to be the first perfect standard; we are aiming to provide the grounding. We want to establish what is the minimum that must be achieved. There’s a lot of ambiguity and uncertainty currently around large language models and other emerging technologies, which makes it hard for institutions, companies, and governments to decide what would be a meaningful standard. For me, the WDTA supply chain standard tries to bring this first road to a safe future on track.”

WDTA, a new international organization established in Geneva, Switzerland, in April 2023, is committed to becoming a leader in global digital technology innovation. As a non-governmental organization (NGO) operating under the United Nations framework, WDTA upholds the core principle of “Speed, Safety, Sharing” (3S). WDTA’s mission is to expedite the establishment of norms and standards in the digital domain, lead innovation and research in digital technology, foster international collaboration, and stay at the forefront of technological advancements.
