Strengthening AI Critical Infrastructure Security with the MIT AI Risk Repository and MITRE ATLAS Frameworks

Abstract

Artificial Intelligence (AI) plays a pivotal role in critical infrastructure sectors such as energy, finance, healthcare, defense, and transportation. These sectors benefit from AI’s advanced capabilities, including predictive analytics, automation, and enhanced decision-making. However, AI integration also introduces significant security risks, such as adversarial attacks, data poisoning, and vulnerabilities within supply chains, potentially leading to system compromise and operational failures. Addressing these challenges requires a structured and proactive risk assessment approach. This study proposes a comprehensive AI security framework leveraging the MIT AI Risk Repository, which consolidates 43 frameworks, 2 taxonomies, and 777 identified risks, and MITRE ATLAS, which documents over 1500 attack vectors against AI systems. A systematic review of AI security research from 2020-2024 was conducted to assess common attack vectors, including deepfake technology, AI system poisoning, and supply chain threats. By mapping AI vulnerabilities to adversarial tactics, this research provides a structured methodology for identifying and mitigating risks. The findings contribute to establishing robust cybersecurity practices, enhancing AI resilience, and guiding policy development for critical infrastructure protection. This study highlights the importance of adopting AI-specific security frameworks to mitigate emerging threats and safeguard AI-driven systems across industries.