OpenAI正通过引入更强大的AI技术来提升其人工智能模型的安全性和可靠性。他们采用“红队”测试方法，通过人工和AI参与者共同探索潜在风险和漏洞。OpenAI发布了两份重要文件，详细介绍了外部参与策略和自动化红队测试的新方法。这种方法旨在通过识别模型错误并训练模型以更安全的方式运作，来提升AI系统的安全性，并确保其符合社会价值观和期望。此外，文章还探讨了自动化红队测试的优势和局限性，以及如何管理潜在的信息风险。

🤔 **红队测试：OpenAI的安全保障关键**：OpenAI利用“红队”测试，通过人工和AI参与者探索新系统中潜在的风险和漏洞，以确保AI模型的安全性和可靠性，例如DALL·E 2图像生成模型的早期测试就采用了这种方法。

🤝 **外部专家参与：提升测试全面性**：OpenAI鼓励外部专家参与红队测试，例如自然科学、网络安全和地区政治等领域的专家，以确保评估覆盖必要的广度，并提供更全面的风险评估。

🤖 **自动化红队测试：提升效率和规模**：OpenAI正在探索自动化红队测试，通过AI生成各种场景（如非法建议），并训练红队模型进行评估，以更有效地识别模型错误和潜在风险，并鼓励更全面、多样的安全评估。

⚠️ **风险管理：信息风险与模型演进**：红队测试也存在局限性，例如只能捕捉特定时间点的风险，且可能产生信息风险，因此需要严格的协议和负责任的披露来管理这些风险，并确保AI技术与社会价值观和期望相一致。

A critical part of OpenAI’s safeguarding process is “red teaming” — a structured methodology using both human and AI participants to explore potential risks and vulnerabilities in new systems.

Historically, OpenAI has engaged in red teaming efforts predominantly through manual testing, which involves individuals probing for weaknesses. This was notably employed during the testing of their DALL·E 2 image generation model in early 2022, where external experts were invited to identify potential risks. Since then, OpenAI has expanded and refined its methodologies, incorporating automated and mixed approaches for a more comprehensive risk assessment.

“We are optimistic that we can use more powerful AI to scale the discovery of model mistakes,” OpenAI stated. This optimism is rooted in the idea that automated processes can help evaluate models and train them to be safer by recognising patterns and errors on a larger scale.

In their latest push for advancement, OpenAI is sharing two important documents on red teaming — a white paper detailing external engagement strategies and a research study introducing a novel method for automated red teaming. These contributions aim to strengthen the process and outcomes of red teaming, ultimately leading to safer and more responsible AI implementations.

As AI continues to evolve, understanding user experiences and identifying risks such as abuse and misuse are crucial for researchers and developers. Red teaming provides a proactive method for evaluating these risks, especially when supplemented by insights from a range of independent external experts. This approach not only helps establish benchmarks but also facilitates the enhancement of safety evaluations over time.

The human touch

OpenAI has shared four fundamental steps in their white paper, “OpenAI’s Approach to External Red Teaming for AI Models and Systems,” to design effective red teaming campaigns:

Composition of red teams: The selection of team members is based on the objectives of the campaign. This often involves individuals with diverse perspectives, such as expertise in natural sciences, cybersecurity, and regional politics, ensuring assessments cover the necessary breadth.

Access to model versions: Clarifying which versions of a model red teamers will access can influence the outcomes. Early-stage models may reveal inherent risks, while more developed versions can help identify gaps in planned safety mitigations.

Guidance and documentation: Effective interactions during campaigns rely on clear instructions, suitable interfaces, and structured documentation. This involves describing the models, existing safeguards, testing interfaces, and guidelines for recording results.

Data synthesis and evaluation: Post-campaign, the data is assessed to determine if examples align with existing policies or require new behavioural modifications. The assessed data then informs repeatable evaluations for future updates.

A recent application of this methodology involved preparing the OpenAI o1 family of models for public use—testing their resistance to potential misuse and evaluating their application across various fields such as real-world attack planning, natural sciences, and AI research.

Automated red teaming

Automated red teaming seeks to identify instances where AI may fail, particularly regarding safety-related issues. This method excels at scale, generating numerous examples of potential errors quickly. However, traditional automated approaches have struggled with producing diverse, successful attack strategies.

OpenAI’s research introduces “Diverse And Effective Red Teaming With Auto-Generated Rewards And Multi-Step Reinforcement Learning,” a method which encourages greater diversity in attack strategies while maintaining effectiveness.

This method involves using AI to generate different scenarios, such as illicit advice, and training red teaming models to evaluate these scenarios critically. The process rewards diversity and efficacy, promoting more varied and comprehensive safety evaluations.

Despite its benefits, red teaming does have limitations. It captures risks at a specific point in time, which may evolve as AI models develop. Additionally, the red teaming process can inadvertently create information hazards, potentially alerting malicious actors to vulnerabilities not yet widely known. Managing these risks requires stringent protocols and responsible disclosures.

While red teaming continues to be pivotal in risk discovery and evaluation, OpenAI acknowledges the necessity of incorporating broader public perspectives on AI’s ideal behaviours and policies to ensure the technology aligns with societal values and expectations.

See also: EU introduces draft regulatory guidance for AI models

Want to learn more about AI and big data from industry leaders? Check out AI & Big Data Expo taking place in Amsterdam, California, and London. The comprehensive event is co-located with other leading events including Intelligent Automation Conference, BlockX, Digital Transformation Week, and Cyber Security & Cloud Expo.

Explore other upcoming enterprise technology events and webinars powered by TechForge here.

The post OpenAI enhances AI safety with new red teaming methods appeared first on AI News.