RAI Sandbox

Summary: Given that AI is a high-stakes technology, an RAI sandbox can be applied to isolate AI components from non-AI components by running the AI components separately in a safe and isolated environment using virtual machines.

Type of pattern: Product pattern

Type of objective: Trustworthiness

Target users: Architects, developers

Impacted stakeholders: Data scientists

Relevant AI ethics principles: Human-centered values, fairness, privacy protection and security, reliability and safety

Context: Given AI systems are of high stake, it is risky to run the entire system in the same execution environment.

Problem: How can we minimize the interference of an AI component on the rest of the AI system with other AI components and non-AI components?

Solution: The RAI sandbox can be applied to isolate an AI component from other AI components and non-AI components by running the AI component separately in a safe environment [1]—for example, sandboxing the unverified visual perception component so that the AI component can execute without affecting other components and the output of the AI system. As illustrated in Figure 1, an RAI sandbox is an emulated environment with no access to the rest of the AI system. An emulation environment duplicates all the hardware and software functionality of an AI system. Thus, users can run an AI component safely without affecting the operation of other components. Maximal tolerable probability of violating the RAI requirements should be defined as an ethical margin for the sandbox.

Fig.1 RAI sandbox

Benefits:

  • Increased RAI quality: The RAI sandbox enables the potential RAI risks to be detected within an isolated environment.
  • Safety: The RAI sandbox provides a safe environment to test an AI component without affecting the rest of the AI system.

Drawbacks:

  • Applicability: The RAI sandbox might be hard to use for the RAI risks that are not easy to quantify.
  • Performance penalty: Having an emulation environment that duplicates both hardware and software of the AI system causes extra cost on the required resources or compromises performance with the same resources.

Related patterns:

  • AI mode switcher: AI mode switcher could work with RAI sandbox to react to a predicted RAI risk detected by the sandbox.
  • RAI digital twin: RAI digital twin is running in a simulation environment, while RAI sandbox is an emulation environment with both hardware and software.

Known uses:

  • Fastcase AI Sandbox provides a secure platform for the users to upload dataset and do data analysis in a safe environment.
  • AI Sandbox provides an AI execution and RESTful interfaces that could be used by modern programming languages.
  • The Norwegian data protection agency introduces a regulatory sandbox, which establishes a project environment for AI, where private and public companies can get free guidance on personal data protection.

References:

[1] Lavaei, A., et al. Towards trustworthy AI: safe-visor architecture for uncertified controllers in stochastic cyber-physical systems. in Proceedings of the Workshop on Computation-Aware Algorithmic Design for Cyber-Physical Systems. 2021.