Conceptualizing the Secure Machine Learning Operations (SecMLOps) Paradigm

• Published in: 2022 IEEE 22nd International Conference on Software Quality, Reliability and Security (QRS) pp. 127 - 138
• Main Authors: Zhang, Xinrui, Jaskolka, Jason
• Format: Conference Proceeding
• Language: English
• Published: IEEE 01.12.2022
• Subjects: Machine learning; MLOps; operations; Safety; SecMLOps; Security; Software quality; Software reliability; Sustainable development; System analysis and design
• ISSN: 2693-9177
• DOI: 10.1109/QRS57517.2022.00023

Due to the proliferation of machine learning in various domains and applications, Machine Learning Operations (MLOps) was created to improve efficiency and adaptability by automating and operationalizing ML products. Because many machine learning application domains demand high levels of assurance, security has become a top priority and necessity to be involved at the beginning of ML system design. To provide theoretical guidance, we first introduce the Secure Machine Learning Operations (SecMLOps) paradigm, which extends MLOps with security considerations. We use the People, Processes, Technology, Governance and Compliance (PPTGC) framework to conceptualize SecMLOps, and to discuss challenges in adopting SecMLOps in practice. Since ML systems are often multi-concerned, analysis on how the adoption of SecMLOps impacts other system qualities, such as fairness, explainability, reliability, safety, and sustainability are provided. This paper aims to provide guidance and a research roadmap for ML researchers and organizational-level practitioners towards secure, reliable, and trustworthy MLOps.