AI Security

LLM Safety and Security

Published by O'Reilly Media, Inc.

Content level: Intermediate

Planning and Mitigating Safe LLM Systems

Course Outcomes:

  • Understand the role of context and larger systems in the safe usage of LLMs
  • Apply concepts of ground truth and trust in the usage of LLMs
  • Be able to identify risk and hazards in an LLM use case

Course Description:

Large language models (LLMs) like ChatGPT, Bard, and Llama have excited and concerned the public, organizational leaders, and politicians alike. There has been no invention quite like generative AI, especially when it comes to generating language. Systems like ChatGPT can produce human-like responses to human-written prompts on just about any subject for which sufficient training data exists. But as with any new technology, blind spots and risks are plentiful. Thankfully, systems-oriented thinking can help us identify these risks and hazards, and break out of the task-oriented mindset that has become pervasive in the “move fast, break things” culture.

We will learn the fundamental concept of ground truth and how erroneous actions from an LLM can propagate through a larger system. We discuss trustworthiness and operating domain, and how these two aspects go hand in hand in designing safe and reliable systems that involve an LLM. There will be case studies and practice identifying low-risk and high-risk applications, as well as discussion of data privacy, sourcing, and security issues. Finally, we will cover larger issues and how truly effective change and mitigation start with us.

What you’ll learn and how you can apply it

  • Be able to systematically identify/address hazards in LLM applications
  • Effectively scope and frame how LLMs are used for a given application
  • Speak to the risks of LLM applications and create effective organizational policy

This live event is for you because...

  • You’re a machine learning practitioner, software developer, or project manager considering how to safely use LLMs
  • You work with executives who are either gung-ho about or leery of generative AI, both of whom need a grounded understanding of what an LLM can and cannot do
  • You want to become an expert in generative AI hazards, so you can inform and create productive dialogue with colleagues and the public

Prerequisites

  • A fundamental understanding of machine learning (supervised learning and language models), data engineering (how data is acquired and processed), and statistics (including sampling and populations) will be helpful

Schedule

The time frames are only estimates and may vary according to how the class is progressing.

A Brief Explanation of LLMs (15 minutes)

  • Poll: Which is your greatest concern with LLMs?
  • Presentation: What is an LLM?
  • Presentation: What is safety and security?
  • Presentation: How do LLMs work?
  • Discussion: What are the strengths and weaknesses of LLMs?
  • Presentation: A brief philosophy detour into Pythagoreanism
  • Exercise: “Artificial general intelligence is here!”

Ground Truth (15 minutes)

  • Poll: Is it possible for an AI to know it made an error?
  • Discussion: What is data?
  • Discussion: What are the limitations of interpolating/extrapolating from data?
  • Presentation: Ground truth
  • Q&A
  • Exercise: “Let the AI do it.”

Trust (20 minutes)

  • Poll: Can an LLM ever be trusted to be correct or optimal?
  • Presentation: Is there ground truth in an LLM output?
  • Presentation: Practical verification and human-in-the-loop
  • Poll: Does a benchmark prove AI performance?
  • Presentation: Why benchmarks can be irrelevant
  • Discussion: Will an LLM ever be trustworthy or optimal?
  • Presentation: The problem of hallucination
  • Presentation: The problem of data drift
  • Pulse Check and Q&A
  • Exercise: Trust but verify

BREAK: 10 minutes

Operating Domain (10 minutes)

  • Poll: Which LLM tasks carry more risks?
  • Discussion: How does scope affect an LLM?
  • Discussion: What data does an LLM ingest? What actions can it output?
  • Presentation: Importance of context and operating domain
  • Presentation: Task versus System-oriented thinking
  • Q&A
  • Exercise: AI Paralegal

Mapping Hazards and Risks (15 minutes)

  • Poll: Are better algorithms the solution to AI safety?
  • Presentation: What is the LLM being used for?
  • Discussion: What makes a system unsafe?
  • Presentation: Error propagation in a larger system
  • Presentation: Containing the operating domain
  • Presentation: Containing the human factor
  • Q&A
  • Exercise: What are the hazards and what can mitigate them?
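The Trust and Mapping Hazards and Risks sections above describe verifying LLM output against ground truth, keeping a human in the loop, and containing the operating domain so that one erroneous action cannot propagate through the larger system. The following Python is an added illustration of those three ideas working together; it is not code from the course or its instructor. It treats the model's reply as untrusted input: the reply must name an action from an explicit allow-list, its parameters must match that action's schema exactly, and any fact it asserts is checked against a ground-truth store the surrounding system owns. Anything that cannot be verified is routed to a human instead of the next component. The action names, the order records, and the sample model replies are all constructed for the example.

```python
"""Containing an LLM's operating domain with a verification gate.

Added example, not course material. The model's reply is untrusted input:
it must name an allow-listed action with exactly the expected parameters,
and any fact it asserts is checked against ground truth held outside the
model. Whatever cannot be verified is escalated to a person rather than
executed, so a single wrong claim does not propagate downstream.
Action names, order records and sample replies are constructed.
"""
import json
from dataclasses import dataclass
from typing import Optional

# Operating domain: the only actions the system will execute, and the
# exact parameter set each one accepts (hypothetical names).
ALLOWED_ACTIONS = {
    "lookup_order": {"order_id"},
    "draft_reply": {"order_id", "text"},
}

# Ground truth the system owns independently of the model (constructed).
ORDERS = {
    "A-1001": {"status": "shipped", "refund_eligible": False},
    "A-1002": {"status": "processing", "refund_eligible": True},
}


@dataclass
class Decision:
    outcome: str            # "execute", "escalate" (human review) or "reject"
    reason: str
    action: Optional[dict] = None


def parse_proposal(raw: str) -> Optional[dict]:
    """Strict parse of the reply; prose wrapped around JSON is a failure."""
    try:
        obj = json.loads(raw)
    except json.JSONDecodeError:
        return None
    return obj if isinstance(obj, dict) else None


def gate(raw: str) -> Decision:
    """Decide whether one model proposal may act on the rest of the system."""
    proposal = parse_proposal(raw)
    if proposal is None:
        return Decision("reject", "reply is not a JSON object")
    name = proposal.get("action")
    params = proposal.get("params")
    if not isinstance(name, str) or name not in ALLOWED_ACTIONS:
        return Decision("reject", f"action {name!r} is outside the operating domain")
    if not isinstance(params, dict) or set(params) != ALLOWED_ACTIONS[name]:
        return Decision("reject", f"parameters for {name!r} do not match the schema")
    order_id = params["order_id"]
    if not isinstance(order_id, str):
        return Decision("reject", "order_id must be a string")
    # Anything the system cannot verify itself is a question for a human,
    # not an instruction for the next component.
    order = ORDERS.get(order_id)
    if order is None:
        return Decision("escalate", f"no ground truth for order {order_id!r}")
    claims = proposal.get("claims", {})
    if not isinstance(claims, dict):
        return Decision("reject", "claims must be an object")
    for key, asserted in claims.items():
        if key not in order:
            return Decision("escalate", f"claim {key!r} cannot be checked")
        if order[key] != asserted:
            return Decision("escalate",
                            f"claim {key}={asserted!r} contradicts ground truth {order[key]!r}")
    return Decision("execute", "verified", {"action": name, "params": params})


def summarize(raw_outputs) -> dict:
    """Count how a batch of model replies is routed by the gate."""
    counts = {"execute": 0, "escalate": 0, "reject": 0}
    for raw in raw_outputs:
        counts[gate(raw).outcome] += 1
    return counts


# Constructed model replies covering the main failure modes.
SAMPLE_OUTPUTS = [
    '{"action": "lookup_order", "params": {"order_id": "A-1001"}}',
    # Hallucinated fact: order A-1001 is not refund-eligible.
    '{"action": "draft_reply", "params": {"order_id": "A-1001", '
    '"text": "Good news, your refund is approved."}, '
    '"claims": {"refund_eligible": true}}',
    # Action outside the operating domain.
    '{"action": "issue_refund", "params": {"order_id": "A-1002", "amount": 50}}',
    # Prose around the JSON: unparseable, so not actionable.
    'Sure! Here is the JSON: {"action": "lookup_order"}',
    # Order the system has no record of.
    '{"action": "draft_reply", "params": {"order_id": "A-9999", "text": "Hi"}}',
    # Claim that matches ground truth: executes.
    '{"action": "draft_reply", "params": {"order_id": "A-1002", '
    '"text": "Your order qualifies for a refund."}, '
    '"claims": {"refund_eligible": true}}',
]

if __name__ == "__main__":
    for raw in SAMPLE_OUTPUTS:
        d = gate(raw)
        print(f"{d.outcome:8} {d.reason}")
    print(summarize(SAMPLE_OUTPUTS))
```

The point of the design is that the model never gets to widen the operating domain: the allow-list and the ground-truth store are owned by the system, so a confident but wrong reply (the refund promise for A-1001) becomes a review item rather than a message sent to a customer, and a reply naming an action the system never agreed to run is dropped before any downstream component sees it.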

Good and Bad Use Cases (20 minutes)

  • Discussion: What are some safe/unsafe cases for using an LLM?
  • Discussion: Can an unsafe application be rescoped to become safe?
  • Poll and discussion | Code learning assistant
  • Poll and discussion | Anti-scammer bot
  • Poll and discussion | Email rewrite assistant
  • Poll and discussion | Creative writing
  • Poll and discussion | AI lawyer
  • Poll and discussion | AI BFF
  • Poll and discussion | AI Chef
  • Poll and discussion | AI doctor
  • Poll and discussion | AI stock trader
  • Q&A

BREAK: 10 minutes

Broader Issues - Data sourcing and Privacy (10 minutes)

  • Discussion: Where does labeled data come from?
  • Presentation: AI is learning from humans
  • Presentation: Privacy concerns and personal data
  • Presentation: Click labor and data entry farms
  • Q&A
  • Exercise: What happens when humans stop providing data?
  • Exercise: What happens when the LLM output becomes the input?

Broader Issues - The Spampocalypse (10 minutes)

  • Discussion: What stories have you heard in the media about spam and bots?
  • Presentation: Automated LinkedIn posting
  • Presentation: Amazon’s eBook problem
  • Presentation: What is going to happen to our email, texts, social media, phone calls, and digital wares with LLM bots?
  • Q&A
  • Exercise: What are some technical solutions to the spampocalypse?

Broader Issues - Detecting AI-generated Content (10 minutes)

  • Presentation: Students using AI to write essays
  • Poll and Discussion: Is there a reliable way to algorithmically detect AI-generated content?
  • Presentation: The hard problem of using AI to detect AI
  • Presentation: How teachers adapted to the calculator, and can adapt to AI too
  • Q&A
  • Exercise: Is my employee using AI?

Broader Issues - The economics of hype (17 minutes)

  • Discussion: The AI Scapegoat
  • Discussion: What are the financial motivations of pushing AI?
  • Presentation: Venture capital, stock prices, bubbles, and IPOs... oh my!
  • Exercise: Who is left holding the bag? How do we contain the damage?

Broader Issues - Truly Effective Change (13 minutes)

  • Poll: Do you think regulation is the solution for safe LLMs?
  • Discussion: Regulate! But how?
  • Presentation: Why effective policy is so elusive
  • Presentation: Unintended consequences and conflicting interests
  • Discussion: Where else do we turn to?
  • Presentation: Effective change | Responsible company policy
  • Presentation: Effective change | Educating the public, not just lawmakers
  • Presentation: Effective change | Engage and mobilize the community

Your Instructor

  • Thomas Nield

    Thomas Nield is the founder of Nield Consulting Group and an instructor at O’Reilly Media and the University of Southern California, teaching classes on data analysis, machine learning, mathematical optimization, AI system safety, and practical artificial intelligence. He’s authored multiple books including Getting Started with SQL and Essential Math for Data Science, both for O’Reilly. He’s also the founder and inventor of Yawman Flight, a company that develops universal handheld controls for flight simulation and unmanned aerial vehicles. Thomas enjoys making technical content relatable and relevant to those unfamiliar with or intimidated by it.