A New Way (Undiscovered) to Evaluate, Certify and Maintain Products in the Age of Artificial Intelligence (C31a)
In recent years, manufacturers are increasingly adopting Artificial Intelligence systems in the essential phases of the Development Life Cycle, creating increasingly complex products that are difficult to understand and analyze by human evaluators with the resources available in a canonical Common Criteria evaluation process. On the other hand, the canonical vulnerability handling performing a patch to the product is less effective since the attackers also use AI to perform patch analysis comparing a vulnerable version of a binary with a patched one in a short time (minutes) in order to discover new vulnerabilities. This talk will attempt to identify potential risks to be aware of in the canonical cybersecurity certification sector in the age of Artificial Intelligence.