ETSI Technical Specification sets international benchmark for securing Artificial Intelligence

Sophia Antipolis, France, 23 April 2025

Today, ETSI unveils its latest technical specification which sets a benchmark for securing Artificial Intelligence (AI) systems against the backdrop of rising cybersecurity threats.

'ETSI TS 104 223 - Securing Artificial Intelligence (SAI); Baseline Cyber Security Requirements for AI Models and Systems' new specification offers reliable and implementable cybersecurity guidance that delivers protection for end users. Taking a whole lifecycle approach, a set of 13 core principles, expanding to a total of 72 trackable principles, have been defined across 5 lifecycle phases to raise the security level of all AI systems.

The specification details transparent, high-level principles and provisions for securing AI. It provides stakeholders in the AI supply chain—from developers and vendors to integrators and operators—with a robust set of baseline security requirements, helping to protect AI systems from evolving cyber threats.

AI presents unique challenges compared to traditional software, including risks such as data poisoning, model obfuscation, indirect prompt injection, and vulnerabilities tied to complex data management. In taking these differences into account, ETSI TS 104 223 offers targeted guidance that integrates established practises in cybersecurity and AI with novel approaches.

The specification was developed by the ETSI Technical Committee (TC) on Securing Artificial Intelligence (SAI), which includes representatives from international organisations, government bodies, and cybersecurity experts. This cross-disciplinary collaboration ensures that the requirements are both globally relevant and practically implementable.

In addition to the primary specification document, ETSI will also publish a practical implementation guide for Small Medium Enterprises (SMEs) and other stakeholders. This guide will include case studies across a variety of deployment environments to assist organisations in applying the security requirements effectively.

"In an era where cyber threats are growing in both volume and sophistication and negatively impacting organizations of every kind, it is vital that the design, development, deployment, and operation and maintenance of AI models is protected from malicious and unwanted inference,” said Scott Cadzow, Chair of ETSI's Technical Committee for Securing Artificial Intelligence. “Security must be a core requirement, not just in the development phase, but throughout the lifecycle of the system. This new specification will help do just that—not only in Europe, but around the world. This publication is a global first in setting a clear baseline for securing AI and sets TC SAI on the path to giving trust in the security of AI for all its stakeholders".

About ETSI

ETSI provides members with an open and inclusive environment to support the timely development, ratification and testing of globally applicable standards for ICT‑enabled systems, applications and services across all sectors of industry and society. We are a not-for-profit body with more than 900 member organizations worldwide, drawn from 62 countries and five continents. Members comprise a diversified pool of large and small private companies, research entities, academia, government and public organizations. ETSI is one of only three bodies officially recognized by the EU as a European Standards Organization (ESO).

Contact
Email: Press@etsi.org

We use cookies or similar technologies to collect data about your use of this website and to improve your experience when using it. To find out how to disable our cookies, please visit our Privacy Policy.
I accept cookies from this site. Accept