Page 271 - Cyber Defense eMagazine RSAC Special Edition 2025
P. 271

Defense Tech Perspective

            For defense tech developers these questions are mission-critical. In today’s environment of persistent
            cyber threats and compromised digital infrastructure, engineers aren’t just building software. They are
            building real weapons to be used on a real battlefield. The Preliminary Assessment from the Center for
            Strategic & International Studies (CSIS) shows that 96% of the U.S. civil and military codebases are built
            using open-source software. And it’s no different with general product development in the IT industry
            worldwide.



            3 Starting Points for Open-Source AI in Defense Tech:

               1.  Open-source AI is still an open-source software


            It means it’s fully open like open-source software in general. Open foundation models provide public
            access  to  their  architecture,  allowing  individuals  and  businesses  to  review,  modify,  and  utilize  them
            according to their licensing terms.

            This openness fosters community which meticulously examines model weights, training data, and the
            inference code – all this simplifies maintenance and significantly lowers costs for business. The open
            foundation models can also be customized and incorporated into proprietary solutions.

               2.  Security & Legal Frameworks for open-source AI are still emerging

            While  security  and  legal  approaches  for  traditional  open-source  software  are  well-established,  the
            frameworks for open-source AI are only beginning to take shape.

            And  this  is  not  about  AI  regulations.  It  stems  from  securing  the  core  –  the  source  code  and  its
            components, ways to interfere with and compromise them when embedded into proprietary products.
            The main question each engineer who works with open foundation models should ask themselves is,
            “What is inside? Is it secure?”

               3.  Defense Tech is built using open-source software and is now beginning to integrate open-
                   source AI

            With the rising popularity of open-source AI, the defense tech is standing at the intersection of cutting-
            edge innovation, cybersecurity, and heavily regulated governmental procurements. While it’s crucial for
            all components to be transparent and open for state bodies as the end users, it must be balanced with
            uncompromising  safety  standards.  This raises  critical  security  considerations  as  the  open-source  AI
            safety approaches are more complicated to develop.



            Open-Source Safety Initiatives: Applying Best Practices to Open-Source AI

            During the last few years (2023-2024) there were multiple attempts from the U.S. information and security
            state agencies to gather feedback from the IT industry players and open-source community on their
            suggestions regarding open-source safety measures.





                                                                                                            271
   266   267   268   269   270   271   272   273   274   275   276