Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

An Open Knowledge Graph-Based Approach for Mapping Concepts and Requirements between the EU AI Act and International Standards

Julio Hernandez, Delaram Golpayegani, Dave Lewis

TL;DR

The paper addresses regulatory fragmentation in trustworthy AI by presenting an open knowledge graph approach to map the EU AI Act with international standards. It introduces the TAIR ontology to semantically link Act requirements and harmonized-standard concepts, enabling machine-readable, auditable mappings. A layered semantic modeling framework, an extraction/mapping pipeline, and 118 AI Act requirements linked to 46 concepts (plus 23 lexical entries) demonstrate practical coverage and evaluation via OOPS!. The work aims to facilitate regulatory compliance, harmonization efforts, and policy coordination across jurisdictions, with future updates once the formal AI Act text is published.

Abstract

The many initiatives on trustworthy AI result in a confusing and multipolar landscape that organizations operating within the fluid and complex international value chains must navigate in pursuing trustworthy AI. The EU's AI Act will now shift the focus of such organizations toward conformance with the technical requirements for regulatory compliance, for which the Act relies on Harmonized Standards. Though a high-level mapping to the Act's requirements will be part of such harmonization, determining the degree to which standards conformity delivers regulatory compliance with the AI Act remains a complex challenge. Variance and gaps in the definitions of concepts and how they are used in requirements between the Act and harmonized standards may impact the consistency of compliance claims across organizations, sectors, and applications. This may present regulatory uncertainty, especially for SMEs and public sector bodies relying on standards conformance rather than proprietary equivalents for developing and deploying compliant high-risk AI systems. To address this challenge, this paper offers a simple and repeatable mechanism for mapping the terms and requirements relevant to normative statements in regulations and standards, e.g., AI Act and ISO management system standards, texts into open knowledge graphs. This representation is used to assess the adequacy of standards conformance to regulatory compliance and thereby provide a basis for identifying areas where further technical consensus development in trustworthy AI value chains is required to achieve regulatory compliance.

An Open Knowledge Graph-Based Approach for Mapping Concepts and Requirements between the EU AI Act and International Standards

TL;DR

The paper addresses regulatory fragmentation in trustworthy AI by presenting an open knowledge graph approach to map the EU AI Act with international standards. It introduces the TAIR ontology to semantically link Act requirements and harmonized-standard concepts, enabling machine-readable, auditable mappings. A layered semantic modeling framework, an extraction/mapping pipeline, and 118 AI Act requirements linked to 46 concepts (plus 23 lexical entries) demonstrate practical coverage and evaluation via OOPS!. The work aims to facilitate regulatory compliance, harmonization efforts, and policy coordination across jurisdictions, with future updates once the formal AI Act text is published.

Abstract

The many initiatives on trustworthy AI result in a confusing and multipolar landscape that organizations operating within the fluid and complex international value chains must navigate in pursuing trustworthy AI. The EU's AI Act will now shift the focus of such organizations toward conformance with the technical requirements for regulatory compliance, for which the Act relies on Harmonized Standards. Though a high-level mapping to the Act's requirements will be part of such harmonization, determining the degree to which standards conformity delivers regulatory compliance with the AI Act remains a complex challenge. Variance and gaps in the definitions of concepts and how they are used in requirements between the Act and harmonized standards may impact the consistency of compliance claims across organizations, sectors, and applications. This may present regulatory uncertainty, especially for SMEs and public sector bodies relying on standards conformance rather than proprietary equivalents for developing and deploying compliant high-risk AI systems. To address this challenge, this paper offers a simple and repeatable mechanism for mapping the terms and requirements relevant to normative statements in regulations and standards, e.g., AI Act and ISO management system standards, texts into open knowledge graphs. This representation is used to assess the adequacy of standards conformance to regulatory compliance and thereby provide a basis for identifying areas where further technical consensus development in trustworthy AI value chains is required to achieve regulatory compliance.
Paper Structure (16 sections, 7 figures, 2 tables)

This paper contains 16 sections, 7 figures, 2 tables.

Table of Contents

  1. Introduction
  2. Related Work
  3. AI Act Compliance Through Conformity with Standards
  4. The Interplay between the AI Act and Harmonized Standards
  5. Challenges of Legal Compliance Using Harmonized Standards
  6. A Layered Approach for Semantic Modeling and Mapping of Trustworthy AI Requirements
  7. TAIR: Trustworthy AI Requirements Ontology
  8. Conceptual Requirements Capture from AI Act and Prospective Harmonized Standards
  9. TAIR Overview
  10. Requirements and Concepts Modelling
  11. Requirements and Concepts Semantic Mappings
  12. P1 - Elements identification
  13. P2 - Elements mapping
  14. P3 - Publication
  15. Ontology evaluation
  16. ...and 1 more sections

Figures (7)

  • Figure 1: Mapping concepts from regulations and standards
  • Figure 2: Key concepts and relations in TAIR ontology
  • Figure 3: The three phases in the regulation and standards mapping process
  • Figure 4: RequirementCollection class example for the requirement collection "Context of the organization" extracted from the harmonized structure for MSS. The decomposes property defines the collection's requirements.
  • Figure 5: Concept's mapping example though the "Top management" concept extracted from the harmonized structure MSS. The implementedBy property defines the relationship between a concept and a requirement.
  • ...and 2 more figures