This repository is for the work of CoSAI Workstream 4, Secure Design Patterns for Agentic Systems. CoSAI is an OASIS Open Project and an open ecosystem of AI and security experts from industry-leading organizations dedicated to sharing best practices for secure AI deployment and collaborating on AI security research and product development. For more information on CoSAI, please visit the CoSAI website and the Open Project repository, which has information regarding the governance, sponsors and rosters, and the project charter.
The goal of this workstream is to research and develop secure design patterns for AI-based agentic systems, including updates to AI usage threat models, conceptual high-level secure design pattern(s), impacts on secure infrastructure design, and other needs arising from agent integration and use. Further information can be found here.
CoSAI Principles for Secure-by-Design Agentic Systems
- Ian Molloy (IBM)
- Sarah Novotny
- Alex Polyakov (Adversa)
- Raghuram Yeluri (Intel)
Check out our onboarding guidance for new participants and please see the CoSAI Contributing policy for more details.
For issues or feature requests, please use GitHub issues. You can also join the workstream mailing list by sending an empty email to [cosai-agentic-systems-ws@lists.oasis-open-projects.org](mailto:cosai-agentic-systems-ws@lists.oasis-open-projects.org). You can read the mailing list archive here.
You can also join us on Slack via this link and introduce yourself in the #ws4-secure-design-agentic-systems channel.
CoSAI and the CoSAI workstreams operate under the terms of the Open Project Rules, the CoSAI Governance and Workstream Governance, as well as the following licenses:
- CC-BY 4.0 for documentation and data contributions; and
- Apache License v2.0 for source code and models
The applicable license will be determined for each repository at the time of its creation.