changes to model and data analysis in compliance_analysis.py

compliance_analysis.py

@@ -156,69 +156,45 @@ def run_compliance_analysis_on_project(dispositive_variables, project_cc_yaml):
 
 def run_compliance_analysis_on_data(dispositive_variables, data_cc_yaml): 
     
-    # # TODO: we probably have to pass ai_project_type and project_intended_purpose into this function
-    # if dispositive_variables['ai_project_type']["high_risk_ai_system"] == True:
-    #     for value in data_cc_yaml['high_risk_ai_systems']['data_and_data_governance']:
-    #         if not value:
-    #             dispositive_variables['msg'].append(f"Because of the dataset represented by , this high-risk AI system fails the data and data governance requirements under Article 10.")
-    #     for key, value in data_cc_yaml['technical_documentation']:
-    #         if not value:
-    #             dispositive_variables['msg'].append(f"Because of the dataset represented by , this high-risk AI system fails the technical documentation requirements under Article 11.")
-    #     for key, value in data_cc_yaml['transparency_and_provision_of_information_to_deployers']:
-    #         if not value:
-    #             dispositive_variables['msg'].append(f"Because of the dataset represented by , this high-risk  AI system fails the transparency requirements under Article 13.")
-    #     for key, value in data_cc_yaml['quality_management_system']:
-    #         if not value:
-    #             dispositive_variables['msg'].append(f"Because of the dataset represented by , this high-risk  AI system fails the quality management requirements under Article 17.")
-
-    if dispositive_variables['ai_project_type']["ai_system"] == True:
+    # If project involves a high-risk AI system, then make sure all the relevant data requirements are met (relevant attributes are positive)
+    
+    if dispositive_variables['ai_project_type']["high_risk_ai_system"] == True:
         for value in data_cc_yaml['high_risk_ai_system_requirements']:
             if data_cc_yaml['high_risk_ai_system_requirements'][f'{value}'] == True:
                 dispositive_variables['msg'].append(f"")
 
+     # If project involves a GPAI model, then make sure all the relevant data requirements are met (relevant attributes are positive)
+    
     if dispositive_variables['ai_project_type']["gpai_model"] == True:
-        for value in data_cc_yaml['gpai_requirements']:
-            if data_cc_yaml['gpai_requirements'][f'{value}'] == True: # should this be false? BM
+        for value in data_cc_yaml['gpai_model_requirements']:
+            if data_cc_yaml['gpai_model_requirements'][f'{value}'] == True: # should this be false? BM
                 dispositive_variables['msg'].append(f"")
 
     return dispositive_variables
     
 def run_compliance_analysis_on_model(dispositive_variables, model_cc_yaml):  
     
-    # # TODO: we probably have to pass ai_project_type and project_intended_purpose into this function
-    # if dispositive_variables['ai_project_type']["high_risk_ai_system"] == True:
-    #     for key, value in model_cc_yaml['risk_management_system']:
-    #         if not value:
-    #             msg = (f"Because of the model represented by , this high-risk AI system fails the risk management requirements under Article 9.")
-    #     for key, value in data_cc_yaml['technical_documentation']:
-    #         if not value:
-    #             msg = (f"Because of the model represented by , this high-risk AI system fails the technical documentation requirements under Article 11.")
-    #     for key, value in data_cc_yaml['transparency_and_provision_of_information_to_deployers']:
-    #         if not value:
-    #             msg = (f"Because of the model represented by , this high-risk  AI system fails the transparency requirements under Article 13.")
-    #     for key, value in data_cc_yaml['accuracy_robustness_cybersecurity']:
-    #         if not value:
-    #             msg = (f"Because of the model represented by , this high-risk  AI system fails the quality management requirements under Article 15.")
-    #     for key, value in data_cc_yaml['quality_management_system']:
-    #         if not value:
-    #             msg = (f"Because of the model represented by , this high-risk  AI system fails the quality management requirements under Article 17.")
+    # If project involves a high-risk AI system, then make sure all the relevant model requirements are met (relevant attributes are positive)
+
+    if dispositive_variables['ai_project_type']["high_risk_ai_system"] == True:
+        for value in model_cc_yaml['high_risk_ai_system_requirements']:
+            if model_cc_yaml['high_risk_ai_system_requirements'][f'{value}'] == True:
+                dispositive_variables['msg'].append(f"")
 
-    # if dispositive_variables['ai_project_type']["gpai_model"] == True:
-    #     for key, value in model_cc_yaml['obligations_for_providers_of_gpai_models']:
-    #                 if not value:
-    #                     msg = (f"Because of the model represented by {filename}, this GPAI fails the transparency requirements under Article 53.")
+    # If project involves a GPAI model, then make sure all the relevant model requirements are met (relevant attributes are positive)
+    
+    if dispositive_variables['ai_project_type']["gpai_model"] == True:
+        for value in model_cc_yaml['gpai_model_requirements']:
+            if model_cc_yaml['gpai_model_requirements'][f'{value}'] == True:
+                dispositive_variables['msg'].append(f"")
 
-    #             for key, value in model_cc_yaml['obligations_for_providers_of_gpai_models_with_systemic_risk']:
-    #                 if not value:
-    #                     msg = (f"Because of the model represented by {filename}, this GPAI model with systematic risk fails the transparency requirements under Article 55.")
+        # If the GPAI model additionally carries systemic risk, then make sure all the relevant model requirements are met (relevant attributes are positive)
+        
+        if dispositive_variables['ai_project_type']["gpai_model_systemic_risk"] == True:          
+            for value in model_cc_yaml['gpai_model_with_systemic_risk_requirements']:
+                if model_cc_yaml['gpai_model_requirements'][f'{value}'] == True:
+                    dispositive_variables['msg'].append(f"")
    
-    # # TODO: No matter where we land with an orchestrator function, this function must also check to the value that has been set for both
-    # # GPAI models with and without systemic risk and then check to see if the relevant requirements have met if either of these values applies.
-    # # Right now it is only checking high-risk AI system requirements. Another thing that we likely have to add here is the cross-comparison of the 
-    # # intended purposes. That might look like this:
-    # # if model_cc_yaml['intended_purpose'] not in intended_purposes:
-    # #   return false 
-    
     return dispositive_variables
 
 def check_intended_purpose(dispositive_variables, project_cc, other_cc):

data_cc.yaml

@@ -194,7 +194,7 @@ high_risk_ai_system_requirements:
 
 # Meta data related to data-relaed requirements for GPAI models 
 
-gpai_requirements: 
+gpai_model_requirements: 
   data_type: 
     article: 'Art. 53(1); Annex XI(2)(c)'
     verbose: 'Documentation for the dataset is available that contains the type of data'

model_cc.yaml

@@ -70,7 +70,7 @@ classification_of_gpai_models:
 
 # Metadata related to model-related requirements for high-risk AI systems
 
-high_risk_ai_models:
+high_risk_ai_system_requirements:
   risk_management_system_general:
     article: 'Art. 9(2)'
     verbose: 'A risk management system has been planned, run, reviewed, and updated throughout the model lifecycle' 
@@ -210,7 +210,7 @@ high_risk_ai_models:
 
 # Meta data related to model-related requirements for GPAI models 
 
-obligations_for_providers_of_gpai_models:
+gpai_model_requirements:
   task:  
     article: 'Art. 53; Annex XI(1)(1)(a)'
     verbose: 'The tasks that the model is intended to perform and the type and nature of AI systems in which it can be integrated'
@@ -296,7 +296,7 @@ obligations_for_providers_of_gpai_models:
     verbose: 'Where applicable, detailed description of the measures put in place for the purpose of conducting internal and/or external adversarial testing (e.g. red teaming), model adaptations, including alignment and fine-tuning'
     value: !!bool false
 
-obligations_for_providers_of_gpai_models_with_systemic_risk:
+gpai_model_with_systemic_risk_requirements:
   evaluation: 
     article: 'Art. 55(1)(a)'
     verbose: 'Perform model evaluation in accordance with standardised protocols and tools reflecting the state of the art, including conducting and documenting adversarial testing of the model with a view to identify and mitigate systemic risk'
@@ -312,7 +312,7 @@ obligations_for_providers_of_gpai_models_with_systemic_risk:
 
 # Metadata related to transparency requirements for some AI systems (Article 50)
 
-transparency_obligations:
+transparency_requirements:
   generates_media: # clean this up
     article: 'Art. 50(2)'
     verbose: 'If the model generates synthetic audio, image, video or text content'