Code Large Model Security Specification in China
TapTechNews, June 20. In recent years, code large models have become essential assistants for enterprise R & D personnel in programming, capable of generating, translating, and complementing codes, and helping to locate and fix errors. However, the risks and challenges hidden behind code large models still need to be discussed.
The China Academy of Information and Communications Technology (hereinafter referred to as the "China Academy of ICT"), relying on the Alliance of Industrial Internet of China (AIIA), jointly compiled with nearly 30 units in the industry the Specification on the Requirements and Evaluation Methods for the Security Risk Prevention Capability of Code Large Models (referred to as the "Specification"), focusing on the security capabilities of code large models, starting from the basic functions and evaluating the basic capabilities and security risk prevention capabilities of code large models.
On June 18, 2024, the third seminar of the Specification was successfully held to further improve and revise the Specification content, and it has now been finalized.
TapTechNews attaches some of the participating units hereunder (in no particular order):
China Academy of Information and Communications Technology
Beijing Baidu Netcom Science and Technology Co., Ltd.
Keda Xunfei Co., Ltd.
Ant Technology Group Co., Ltd.
Postal Savings Bank of China
China Minsheng Bank
ChinaBond金科 Information Technology Co., Ltd.
Bank of Communications
Huaxia Bank
Longying Zhida (Beijing) Technology Co., Ltd.
Beijing SenseTime Technology Development Co., Ltd.
Alibaba Cloud Computing Co., Ltd.
Peking University
Xiaomi Mobile Software Co., Ltd.
Vivo Mobile Communication Co., Ltd.
Hisense Video Technology Co., Ltd.
Inspur Software Technology Co., Ltd.
Beijing Yunqi Wuyin Technology Co., Ltd.
Binjiang Research Institute of Zhejiang University
Guangdong Tuspark Software Science Park Co., Ltd.
Zhejiang Yu'an Information Technology Co., Ltd.
Wan Shang Tian Qin (Shanghai) Law Firm
Shenzhen Open Source Internet Security Technology Co., Ltd.
According to the introduction, the purpose of formulating the Specification is to comprehensively assess the ability of code large models in terms of security risk prevention, and through analysis and testing to ensure the safety performance of the model at all key links.
This evaluation of the Specification not only includes the core functions of code large models but also covers many subdivided fields related to it, such as data sets, algorithms, models, networks, and services.
Based on the evaluation results, the Specification will determine the security capability level of the code large model, providing guidance for the further optimization and security reinforcement of the model, and at the same time providing a basis for users to select from the perspective of security.
At present, the China Academy of ICT has officially launched the first round of the pilot evaluation work on the security risk prevention capability of code large models , and the application will close by the end of August, and the evaluation results are expected to be released by the end of the year.