Google's Secure AI Framework
(SAIF)

The potential of AI, especially generative AI, is immense. As innovation moves forward, the industry needs security standards for building and deploying AI responsibly. That’s why we introduced the Secure AI Framework (SAIF), a conceptual framework to secure AI systems.

SAIF Elements Enabling a safer ecosystem Common Questions
Six core elements of SAIF

SAIF is designed to address top-of-mind concerns for security professionals, such as AI/ML model risk management, security, and privacy — helping to ensure that when AI models are implemented, they are secure-by-default.

Expand strong security foundations to the AI ecosystem
Extend detection and response to bring AI into an organization’s threat universe
Automate defenses to keep pace with existing and new threats
Harmonize platform level controls to ensure consistent security across the organization
Adapt controls to adjust mitigations and create faster feedback loops for AI deployment
Contextualize AI system risks in surrounding business processes
Download PDF
Enabling a safer
ecosystem

We’re excited to share the first steps in our journey to build a SAIF ecosystem across governments, businesses and organizations to advance a framework for secure AI deployment that works for all.

Introducing SAIF.Google: Secure AI starts here

SAIF.Google is a new resource hub to help security professionals navigate the evolving landscape of AI security. It provides a collection of AI security risks and controls, including a 'Risk Self-Assessment Report’ to guide practitioners in understanding risks that could affect them and how to implement SAIF in their organizations. These resources will help address the critical need to build and deploy secure AI systems in a rapidly evolving world of AI.

Get started

Coalition for Secure AI: Expanding SAIF with industry allies

We are advancing this work and fostering industry support by forming the ‘Coalition for Secure AI (CoSAI)’, with founding members like Anthropic, Amazon, Cisco, Cohere, Chainguard, GenLab, Google, IBM, Intel, Microsoft, NVIDIA, OpenAI, Paypal, and Wiz, to address critical challenges in implementing secure AI systems.

Bringing SAIF to governments and organizations

We collaborate with governments and organizations to help mitigate AI security risks. Our work with policymakers and standards organizations, such as NIST, contributes to evolving regulatory frameworks. We recently highlighted SAIF's role in securing AI systems, aligning with White House AI commitments.

Additional Resources
  • Enhancing AI Security: Google's AI Red Team

    Explore how Google's AI Red Team, armed with cutting-edge tactics, enhances security for AI systems. Discover key insights and lessons in our latest report.

    Learn more
  • Securing AI Systems with Mandiant

    Mandiant urges proactive security integration in AI systems, aligning with SAIF for robust protection.

    Learn more
  • Android: Secure Development Guidelines

    Secure your organization with Android’s real-time vulnerability alerts and follow secure development guidelines for ML code.

    Learn more
  • Securing AI with Google Cloud

    Google Cloud offers a curated set of resources focusing on cybersecurity, deployment of AI systems, risk governance, and secure transformation, essential for boards of directors.

    Learn more
  • Securing the AI Software Supply Chain

    This whitepaper addresses securing the AI supply chain using provenance information, outlines traditional and AI software risks, and offers practical solutions for organizations.

    Learn more
Common Questions about SAIF

How are SAIF and Responsible AI related?

Google has an imperative to build AI responsibly, and to empower others to do the same. Our AI Principles, published in 2018, describe our commitment to developing technology responsibly and in a manner that is built for safety, enables accountability, and upholds high standards of scientific excellence. Responsible AI is our overarching approach that has several dimensions such as ‘Fairness’, ‘Interpretability’, ‘Security’, and ‘Privacy’ that guide all of Google’s AI product development.

SAIF is our framework for creating a standardized and holistic approach to integrating security and privacy measures into ML-powered applications. It is aligned with the ‘Security’ and ‘Privacy’ dimensions of building AI responsibly. SAIF ensures that ML-powered applications are developed in a responsible manner, taking into account the evolving threat landscape and user expectations.

How is Google putting SAIF into action?

Google has a long history of driving responsible AI and cybersecurity development, and we have been mapping security best practices to new AI innovation for many years. Our Secure AI Framework is distilled from the body of experience and best practices we’ve developed and implemented, and reflects Google’s approach to building ML and gen AI powered apps, with responsive, sustainable, and scalable protections for security and privacy. We will continue to evolve and build SAIF to address new risks, changing landscapes, and advancements in AI.

How can practitioners implement the framework?

See our quick guide to implementing the SAIF framework:

  • Step 1 - Understand the use
    • Understanding the specific business problem AI will solve and the data needed to train the model, will help drive the policy, protocols, and controls that need to be implemented as part of SAIF.
  • Step 2 - Assemble the team
    • Developing and deploying AI systems, just like traditional systems, are multidisciplinary efforts.
    • AI systems are often complex and opaque, have a large number of moving parts, rely on large amounts of data, are resource intensive, can be used to apply judgment-based decisions, and can generate novel content that may be offensive, harmful, or can perpetuate stereotypes and social biases.
    • Establish the right cross-functional team to ensure that security, privacy, risk and compliance considerations are included from the start.
  • Step 3 - Level set with an AI primer
    • As teams embark on evaluating the business use, the various and evolving complexities, risks, and security controls that apply - it is critical that parties involved understand the basics of the AI model development lifecycle, the design and logic of the model methodologies, including capabilities, merits and limitations.
  • Step 4 - Apply the six core elements of SAIF (listed above)
    • These elements are not intended to be applied in chronological order.

Where can I find more information about SAIF and how to apply it to my business or entity?

Stay tuned! Google will continue to build and share Secure AI Framework resources, guidance, and tools, along with other best practices in AI application development.

Why we support a secure AI community for everyone

As one of the first companies to articulate Al principles, we've set the standard for responsible Al. It guides our product development for safety. We’ve advocated for, and developed, industry frameworks to raise the security bar and learnt that building a community to advance the work is essential to succeed in the long term. That’s why we’re excited to build a SAIF community for all.

Cybersecurity

Learn how we keep more people safe online than anyone else in the world.

Learn more