Security beyond the model: Introducing AI system cards

Security beyond the model: Introducing AI system cards What are AI model cards? Introducing AI system cards Looking forward Learn more Get started with AI Inference About the author Huzaifa Sidhpurwala More like this Blog post Blog post Blog post Keep exploring Browse by channel Automation Artificial intelligence Open hybrid cloud Security Edge computing Infrastructure Applications Virtualization Share AI is one of the most significant innovations to emerge in the last 5 years. Generative AI (gen AI) models are now smaller, faster, and cheaper to run. They can solve mathematical problems, analyze situations, and even reason about cause‑and‑effect relationships to generate insights that once required human expertise. On its own, an AI model is merely a set of trained weights and mathematical operations, an impressive engine, but one sitting idle on a test bench. Business value only emerges when that model is embedded within a complete AI system: data pipelines feed it clean, context‑rich inputs, application logic orchestrates pre‑ and post‑processing, guardrails and monitoring enforce safety, security, and compliance, and user interfaces deliver insights through chatbots, dashboards, or automated actions. In practice, end users engage with systems, not raw models, which is why a single foundational model can power hundreds of tailored solutions across domains. Without the surrounding infrastructure of an AI system, even the most advanced model remains untapped potential rather than a tool that solves real‑world problems. AI model cards are files that accompany and describe the model, helping AI system developers make informed decisions about which model to choose for their applications. Model cards present a concise, standardized snapshot of each model’s strengths, limitations, and training information, summarizing performance metrics across key benchmarks, detailing the data and methodology used for training and evaluation, highlighting known biases and failure modes, and spelling out licensing terms and governance contacts. With this information in one place, it's easier to assess whether a model aligns with accuracy targets, fairness requirements, deployment constraints, and compliance obligations, reducing integration risk and accelerating responsible adoption. In November 2024, we authored a paper addressing the rapidly evolving ecosystem of publicly available AI models and their potential implications for security and safety. In this paper we proposed standardization of model cards and extensions to include safety, security, and data governance and pedigree information.