Security and Safety for Shared Artificial Intelligence

Initial situation

S3AI will lay the foundations for building secure collaborative artificial intelligence systems: methods to ensure privacy, protection against hostile attacks, and guarantees for the intended performance of the system.

Objectives and envisaged technological developments

The approach is based on methods of transfer learning and algebraic geometry, using geometric structures in the input space induced by deep learning models. As a result, we expect theoretical frameworks and analysis tools at the interface of mathematics, deep learning and information security regarding

  • new DNN architectures and related privacy-preserving learning strategies,
  • new defence strategies against hostile attacks and
  • new methods for assessing trustworthiness.

Brief description

A paradigm shift in artificial intelligence (AI) is currently emerging to support the reusability of deep machine learning artifacts and to build powerful collaborative AI ecosystems. This development marks the innovative shift from data sharing to sharing the hidden distributed representation in deep learning models. This development has multiple implications for the usability of AI applications and business models based on them, especially with respect to reducing development costs by reusing pre-built models and saving data collection efforts.

The even more far-reaching effect, however, results from the opening up of as yet untapped possibilities for machine learning from data across company boundaries. These opportunities include overcoming limitations in the availability of annotated data for high quality, customized services, or opening up new innovative ways for collaborative, AI-based business models between players in an emerging data market.

On the other hand, this emerging technology poses new challenges, especially in the area of security. S3AI concentrates on three central scientific and technical challenges: methods for protecting privacy, methods for protecting against hostile attacks that manipulate input data (integrity), and methods for assessing whether, or to what extent, the AI system realizes the desired behavior (trust).

S3AI follows a "security by design" approach according to the principle that these security aspects must already be considered in the model architecture. We will develop novel model architectures based on distributed Deep Transfer Learning, using mathematical concepts from algebraic geometry and regularization. In this context S3AI deals with the following aspects:

  • Variants of information security: degree of privacy protection and related information security requirements;
  • Variants of information sharing: data sharing (no model), representation sharing (partial model) and model sharing (full model);
  • Variants of initial situations and learning conditions, such as domain adaptation, multi-task learning and multi-view learning (information fusion);
  • Different classes of models and applications for deep learning.

Within S3AI the Software Competence Center Hagenberg (SCCH) will cooperate with renowned national and international scientific partners. The consortium will be complemented by corporate partners from different industries (manufacturing, mobility, automation, data analysis, tool providers, ...), which underlines the high industrial interest and relevance of the topics covered in S3AI.

Project partners

Scientific partners

  • Radon Institute of Computational and Applied Mathematics (RICAM) of the Austrian Academy of Sciences
  • Research Institute for Symbolic Computation (RISC) at JKU (Linz)
  • Institute for Machine Learning at JKU (Linz)
  • Pattern Recognition and Applications Lab of the University of Cagliari (Italy)
  • Dept. Elektrotechniek-ESAT/COSIC of the University of Leuven (Belgium)

Company partners

  • kpibench GmbH
  • KTM
  • AVI Systems GmbH
  • PKE Holding AG
  • TissueGnostics GmbH

Duration of the project

01.01.2020 - 31.12.2023

Funding authority

The project is funded within the framework of COMET, program line "modules".


Bernhard A. Moser

Research Director
Phone: +43 50 343 833

Volkmar Wieser

Researcher Knowledge-Based Vision Systems
Phone: +43 50 343 844

Werner Zellinger

Researcher Knowledge-Based Vision Systems
Phone: +43 50 343 867