Deployable Autonomous AI Agent

The outcome must contribute to:

• a stronger, more competitive and technologically independent European Defence Technological and Industrial Base (EDTIB) when it comes to solutions for next generation cyber defence capabilities;
• enhanced security for the EU, its Member States and EDF associated countries (Norway) by ensuring capable defence measures against AI-based cyber attacks;
• alleviating human resource availability problems;
• advanced preparedness to counter emerging threats for critical infrastructure providers and to enhance military mobility.

Artificial intelligence (AI) begins to transform cybersecurity. Recent advances in machine learning (ML) techniques could enable ground-breaking capabilities in the future, including defences that automatically interdict attackers and reshape networks to mitigate offensive operations. ML combined with AI could shape cyber operations in ways that drive more aggressive and destabilising engagements between state actors. Therefore, it is valuable to anticipate how adversaries might adapt their tactics and strategies, and to determine what challenges might emerge for defenders.

The field of AI is at a critical crossroad. Globalisation and industrialisation of AI is intensifying, while the ethical and regulatory issues of these technologies are multiplied. AI has moved from an emerging technology to a mature technology, which is no longer dealing with a speculative part of scientific research, but instead something that has real-world impact, both positive and negative. The importance of AI in cyber operations has been noticed by many nations. AI is a strategic technology that could prove incredibly consequential for the competitiveness of the EU, its Member States and EDF associated countries (Norway).

Specific objective

Today’s conversations on AI in military affairs concentrate on various variants of “narrow” artificial intelligence. Current discussions on AI often primarily concentrate on ML, which is the process of using algorithms to learn from data. Much of the most exciting progress in recent years has leveraged deep learning, a technique that involves the use of layers of artificial neural networks, which are inspired by the structure of the human brain.

At a basic level, AI involves software that leverages data for learning but also requires hardware to harness the power of significant computing capabilities to enable that process. It is inherently challenging to define what AI is or can achieve when the field is so dynamic and evolving so rapidly. For the time being, AI/ML techniques are often limited by the availability of data, although this may change with advances in the use of synthetic data, real-life cyber exercises, data lakes and techniques that leverage reinforcement learning, such as the capability to learn from self-play alone.

The main challenge of this topic is to establish an investigative approach on an area of autonomous deployable AI creation, with the intention to broaden artificial intelligence perspective in cyber defence in the EU.

The proposals must focus on the development of an autonomous and adaptive deployable AI agent. All proposed activities must ultimately support the creation of an AI agent that is able to conduct automated and semi-automated incident management on different cyber defence systems for the entire process of the incident management cycle. The solutions must support human operators, analysts and decision-makers at technical, tactical, operational, strategic and political level. In addition, solutions are expected to contribute to enhanced cyber situational awareness, increased military infrastructure resilience and improved protection against AI-based and other advanced cyber threats.

The work should identify gaps for achieving an autonomous AI agent for military systems. The final result should build on a general-purpose AI agent that can be deployed in different operating environments.

The work should also address the gap of learning data sets through the use of live-fire exercises, data lake concepts and self-learning algorithms. Access to the data sets should be planned in a decentralised way to allow the solution to be deployable. This implies, that new architectures and solutions should be considered in achieving decentralisation, utilising and enhancing for example AI-powered edge computing.

The assessment of the proposed solution must be evaluated during live-fire exercises with a method allowing comparison of the developed AI agent against actual defending teams. This means using learning data from different exercises, but also data feeds from the exercise itself, where the AI agent is competing.

Types of activities

The following table lists the types of activities which are eligible for this topic, and whether they are mandatory or optional (see Article 10(3) EDF Regulation):

The proposals must cover at least the following tasks as part of the mandatory activities:

• Studies:
  • the proposed activities must include feasibility studies drawing upon real-world scenarios and live-fire exercises in order to ensure that developed solution and techniques are fit-for-purpose.
• Design:
  • the proposed solutions must include creation of AI-based techniques for detecting and understanding adversarial activity;
  • the proposed solution must include creation of AI-based techniques for building knowledge about own protected ICT systems (e.g. a “cyber record” with current and historical information). This must include collecting, linking and fusing different kinds of information about the system hardware, software, and the relationship between them. Previously used analysis should enhance the more generalised AI solution.
• System prototyping:
  • the proposed solutions must demonstrate the creation of AI-based information collection and storage systems that dynamically adapts its collection and storage strategy to the situation as continuously analysed and perceived by the system;
  • the proposed solutions must be able to conduct automated and semi-automated incident management on different cyber defence systems for the entire process of the incident management cycle.
• Testing:
  • the proposed solutions must be tested in a live fire-exercise against real defenders.

In addition, the proposals should cover the following tasks:

• Studies:
  • the proposals should reuse previously created reference systems or develop new ones and appropriate test cases to generate training data and evaluate the efficacy of different solutions, both with and without human operators interacting with the system.
• Design:
  • the proposed solutions should include creation of AI-based techniques for detecting and understanding adversarial activity tasks on:
    • analysing and triaging alarms, conducting forensics, utilising external information with varying levels of trust (e.g. threat intelligence);
    • leveraging behavioural analytics, performing kill-chain detection and analysis, assessing potential attacker intentions;
    • monitoring applications and communication activities, analysing malware;
  • the techniques should be intended for both real-time and non-real-time detection and analysis, involve multi-disciplinary approaches, use data from endpoints, networks and the cloud, and leverage distributed computing and data processing for real-time scalability;
  • the creation of AI-based techniques for building knowledge about own protected ICT systems (e.g. a “cyber record” with current and historical information) should utilise previously used analysis to enhance the more generalised AI solution;
  • AI agent architecture should consider decentralised data sets with new state-of-the-art hardware;
  • the proposals should include functional modules for mapping threat actors based on common frameworks like MITRE and RICHDATA.

The proposals must also substantiate synergies and complementarity with activities described in the call topicsEDIDP-AI-2020, EDF-2021-CYBER-R-CDAI, and with other relevant EU ongoing activities.

The proposals must give due consideration to design principles and implement a specific ethics-focused approach during the development, deployment and/or use of AI-based solutions, e.g. by the Assessment List for Trustworthy AI (ALTAI), in order to develop procedures to detect and assess the level of potential ethical risks and address them.

Moreover:

• projects addressing activities referred to in point (d) above must be based on harmonised defence capability requirements jointly agreed by at least two Member States or EDF associated countries (or, if studies within the meaning of point (c) are still needed to define the requirements, at least on the joint intent to agree on them)
• projects addressing activities referred to in points (e) to (h) above, must be:
  • supported by at least two Member States or EDF associated countries that intend to procure the final product or use the technology in a coordinated manner, including through joint procurement

and

• • based on common technical specifications jointly agreed by the Member States or EDF associated countries that are to co-finance the action or that intend to jointly procure the final product or to jointly use the technology (or, if design within the meaning of point (d) is still needed to define the specifications, at least on the joint intent to agree on them).

Functional requirements

The proposals must be supported by a set of capability requirements as agreed by a group of Member States or EDF associated countries (Norway). The proposals must give evidence of coherence between the proposed activities and the requirements by the Member States and EDF associated countries (Norway).

In addition, the intended final outcome should at least:

• be able to work autonomously in the deployed environment, but also allow manual interruption and reasoning of the decision process;
• be able to create AI-based information;
• be able to collect and store needed information in dynamic big data and data lake concepts in a decentralised manner;
• be deployable and it should be possible to deploy the solution in different environments with all needed components;
• Use CTI (Cyber Threat Intelligence) and technical information exchange platforms (such as MISP, HIVE) in order to enrich data sets and information of ongoing cyber activities.
• include an architecture that is open, modular, scalable, resilient and highly available.