MIT AI Risk Repository Integration

Overview

SignalBreak integrates the MIT AI Risk Repository (https://airisk.mit.edu/) to provide:

• Structured risk taxonomy with 7 domains and 24 subdomains
• 1,328 real-world AI incidents from the AI Incident Database (AIID)
• 831 evidence-based mitigations across 4 control categories
• Automatic signal classification using AI to map provider events to risk domains

This integration helps you:

1. Understand which types of AI risks your provider signals relate to
2. Learn from historical AI incidents relevant to your workflows
3. Access proven mitigation strategies for identified risks
4. Generate governance reports aligned with industry risk frameworks

---

MIT Risk Domains

The MIT AI Risk Repository organises AI risks into 7 primary domains and 24 subdomains:

Domain 1: Discrimination & Toxicity

Focus: Bias, unfairness, toxic outputs, harmful content

Subdomain	Description	Example Incident
1.1 Unfair discrimination and misrepresentation	AI systems perpetuating or amplifying biases against protected groups	Resume screening tool penalising female candidates
1.2 Exposure to toxic content	AI generating or recommending harmful, offensive, or disturbing content	Content moderation AI failing to detect hate speech
1.3 Unequal performance across groups	AI systems performing significantly worse for certain demographics	Facial recognition with lower accuracy for darker skin tones

SignalBreak Use Case: When a provider updates their content policy or moderation model, SignalBreak classifies the signal and shows related incidents to help you assess potential discrimination risks in your workflows.

---

Domain 2: Privacy & Security

Focus: Data protection, breaches, surveillance, adversarial attacks

Subdomain	Description	Example Incident
2.1 Compromise of privacy by leaking or inferring sensitive information	AI systems exposing personal data through training data leakage or inference attacks	Language model memorising and regurgitating personal data from training set
2.2 AI system security vulnerabilities and attacks	Adversarial attacks, model theft, poisoning, backdoors	Adversarial examples causing misclassification in production systems

SignalBreak Use Case: Provider security bulletins or model updates affecting data handling are classified under Domain 2, with links to relevant incidents and mitigations.

---

Domain 3: Misinformation

Focus: False content, deepfakes, information pollution

Subdomain	Description	Example Incident
3.1 False or misleading information	AI generating factually incorrect or misleading content	Chatbot providing dangerous medical advice
3.2 Pollution of information ecosystem	Scaled generation of synthetic content degrading information quality	Automated content farms flooding search results with AI-generated misinformation

SignalBreak Use Case: When providers release new generative models or update fact-checking capabilities, signals are mapped to Domain 3 with historical context.

---

Domain 4: Malicious Actors & Misuse

Focus: Cyberattacks, fraud, weapons, surveillance at scale

Subdomain	Description	Example Incident
4.1 Disinformation, surveillance, and influence at scale	State actors or malicious groups using AI for coordinated campaigns	AI-generated deepfakes used in election disinformation campaigns
4.2 Cyberattacks, weapon development, and mass harm	AI-enabled cyber weapons, autonomous weapons, bioweapons	AI tools being used to generate malware code
4.3 Fraud, scams, and targeted manipulation	Phishing, impersonation, financial fraud	Voice cloning used for CEO fraud scams

SignalBreak Use Case: Provider policy changes restricting certain use cases (e.g., "no weaponisation") map to Domain 4, helping you understand compliance implications.

---

Domain 5: Human-Computer Interaction

Focus: Overreliance, loss of agency, mental health, social disruption

Subdomain	Description	Example Incident
5.1 Overreliance and unsafe use	Users trusting AI systems beyond their capabilities, leading to harm	Pilots over-relying on autopilot causing accidents
5.2 Loss of human agency and autonomy	AI systems making decisions without meaningful human oversight	Automated hiring systems rejecting qualified candidates with no human review

SignalBreak Use Case: Provider deprecation notices for models your critical workflows depend on are classified under 5.1 (overreliance risk).

---

Domain 6: Socioeconomic & Environmental

Focus: Jobs, inequality, power concentration, resource consumption

Subdomain	Description	Example Incident
6.1 Power centralisation and unfair distribution of benefits	AI capabilities concentrated in few organisations, creating market dominance	Dominant tech platforms leveraging AI to further entrench market power
6.2 Increased inequality and decline in employment quality	Job displacement, wage suppression, de-skilling	Call centre workers replaced by chatbots, creating unemployment
6.3 Economic and cultural devaluation of human effort	AI devaluing creative work, journalism, expertise	AI-generated art flooding marketplaces, reducing income for human artists
6.4 Competitive dynamics	Arms race dynamics, pressure to deploy unsafe AI	Companies rushing AI products to market before safety testing
6.5 Governance failure	Inadequate regulation, regulatory capture	AI systems deployed without oversight due to regulatory gaps
6.6 Environmental harm	Energy consumption, carbon emissions, e-waste	Large language model training consuming megawatts of power

SignalBreak Use Case: Provider pricing changes or new pricing models are classified under 6.2-6.3, helping you assess economic impact.

---

Domain 7: AI System Safety, Failures & Limitations

Focus: Technical failures, control loss, existential risk

Subdomain	Description	Example Incident
7.1 AI pursuing goals in conflict with human values	AI systems optimising for proxies that misalign with intended goals	Recommendation algorithms maximising engagement at cost of user well-being
7.2 AI possessing dangerous capabilities	Advanced AI systems with capabilities that could pose catastrophic risks	Autonomous systems making consequential decisions without human oversight
7.3 Robustness and reliability failures	AI systems failing in unexpected ways, distribution shifts	Image classifier failing on out-of-distribution data in production
7.4 Lack of transparency and interpretability	Black-box AI systems making consequential decisions without explanation	Credit scoring system rejecting applicants with no explanation
7.5 Data quality and relevance issues	AI systems trained on biased, outdated, or inappropriate data	Medical AI trained on non-representative patient populations
7.6 Inadequate AI system evaluation and monitoring	Insufficient testing, validation, and ongoing monitoring	AI deployed to production without adequate safety testing

SignalBreak Use Case: Provider outages, model drift, or performance degradation signals map to Domain 7, with suggested mitigations.

---

How SignalBreak Uses MIT Risk Domains

1. Automatic Signal Classification

When SignalBreak detects a provider change (e.g., model update, policy change, outage), it automatically classifies the signal into relevant MIT risk domains using AI.

Classification Process:

Provider Signal → Ollama LLM Classifier → MIT Risk Domains

Example:
Signal: "OpenAI announces GPT-4 Turbo deprecation on June 2026"
↓
Classification: Domain 7.1 (AI System Safety > Failures)
Confidence: 92%
Reason: "Model deprecation may cause system failures for dependent workflows"

Technology: Uses Ollama (self-hosted LLM) with Llama 3.2 3B model for fast, privacy-preserving classification.

Confidence Scores:

• 0.9-1.0: High confidence - classifier is very certain
• 0.7-0.89: Moderate confidence - likely correct
• 0.5-0.69: Low confidence - may need manual review
• <0.5: Very uncertain - likely not applicable

2. Historical Incident Context

For each classified signal, SignalBreak shows related real-world AI incidents from the AI Incident Database.

Example:

If a signal is classified as Domain 2.1 (Privacy), you'll see incidents like:

• "ChatGPT data breach exposed user conversation histories (March 2023)"
• "AI recruiting tool memorised candidate personal data (2019)"
• "Medical AI leaked patient information through model inversion (2020)"

Incident Data Includes:

• Title & Description: What happened
• Date: When it occurred
• Harm Severity: Low, Medium, High
• Harm Types: Physical, financial, psychological, etc.
• Alleged Developers/Deployers: Companies involved
• Source URL: Link to detailed incident report

Total Incidents Available: 1,328 across all 7 domains

3. Evidence-Based Mitigations

For each risk domain, SignalBreak provides proven mitigation strategies from the MIT repository.

Mitigation Categories:

Category	Description	Example Mitigations
1. Governance & Oversight	Policies, processes, accountability structures	Establish AI ethics committee, define acceptable use policy
2. Technical & Security	Technical controls, encryption, access controls	Implement differential privacy, use adversarial testing
3. Operational Process	Testing, validation, monitoring procedures	Conduct regular bias audits, maintain human-in-the-loop review
4. Transparency & Accountability	Documentation, disclosure, audit trails	Publish model cards, maintain decision logs, enable appeals process

Total Mitigations Available: 831 across 4 categories

How to Access:

1. View a signal on the dashboard
2. See its MIT risk domain classification
3. Click "View Mitigations" to see relevant controls
4. Filter by category or search for specific controls
5. Export to include in governance reports

---

Viewing MIT Risk Data in SignalBreak

Risk-Classified Signals

Dashboard → Signals

Each signal shows:

• 🏷️ Risk Domain Tags: e.g., "Domain 7.1 - AI System Failures"
• 📊 Confidence Score: How certain the classification is
• 🔗 Related Incidents: Number of similar historical incidents
• 🛡️ Available Mitigations: Number of relevant controls

Filter Options:

• By domain (1-7)
• By subdomain (e.g., 7.1)
• By confidence level
• By provider
• By date range

Incident Browser

Governance → Incidents

Browse the full AI Incident Database with filters:

Search & Filter:

• By Domain: See all privacy-related incidents (Domain 2)
• By Subdomain: Narrow to specific risks (e.g., 2.1 - Privacy Leaks)
• By Severity: Filter to high-harm incidents only
• By Developer: See incidents involving specific providers (e.g., "OpenAI")
• Full-Text Search: Find incidents mentioning keywords

Example Use Cases:

• "Show me all high-severity incidents involving Anthropic"
• "Find incidents related to model hallucinations (Domain 3.1)"
• "What security incidents (Domain 2.2) happened in 2023?"

Mitigation Library

Governance → Mitigations

Access the full library of 831 controls:

Browse by:

• Category: Governance, Technical, Operational, Transparency
• Subcategory: More granular groupings
• Framework: NIST AI RMF, ISO 42001, EU AI Act
• Full-Text Search: Find controls by keyword

Example Queries:

• "Show me technical controls for privacy protection"
• "What governance controls does NIST AI RMF recommend?"
• "Find mitigations related to bias testing"

Mitigation Details Include:

• Title: Clear, actionable control name
• Description: What the control does and why it matters
• Source Framework: Which framework recommends this control
• Examples: Practical implementation examples
• Source URL: Link to original framework documentation

---

API Access to MIT Risk Data

Get Incidents

GET /api/incidents?domain_id=7&severity=high&limit=20

Response:

{
  "incidents": [
    {
      "id": "uuid",
      "external_id": "AIID-123",
      "title": "Autonomous vehicle collision due to sensor failure",
      "description": "Self-driving car failed to detect pedestrian...",
      "incident_date": "2023-05-15",
      "domain": { "id": "7", "name": "AI System Safety, Failures & Limitations" },
      "subdomain": { "id": "7.1", "name": "AI pursuing goals in conflict with human values" },
      "harm_severity": "high",
      "harm_types": ["physical", "psychological"],
      "alleged_developers": ["Tesla"],
      "source_url": "https://incidentdatabase.ai/cite/123"
    }
  ],
  "pagination": { "total": 156, "limit": 20, "offset": 0, "hasMore": true },
  "attribution": {
    "source": "AI Incident Database (AIID)",
    "license": "CC BY 4.0",
    "url": "https://incidentdatabase.ai/"
  }
}

Get Mitigations

GET /api/governance/mitigations?category=2&search=privacy&limit=50

Response:

{
  "mitigations": [
    {
      "id": "uuid",
      "title": "Implement differential privacy in training data",
      "description": "Add mathematical noise to training data...",
      "category_code": "2",
      "category_name": "Technical & Security Controls",
      "subcategory_code": "2.3",
      "subcategory_name": "Privacy-Enhancing Technologies",
      "source_framework": "NIST AI RMF",
      "source_url": "https://nvlpubs.nist.gov/...",
      "examples": ["Google's RAPPOR", "Apple's local differential privacy"]
    }
  ],
  "pagination": { "total": 45, "limit": 50, "offset": 0, "hasMore": false },
  "attribution": {
    "source": "MIT AI Risk Repository",
    "license": "CC BY 4.0",
    "citation": "Slattery, P., et al. (2024). The AI Risk Repository."
  }
}

Get Signal Domain Classifications

GET /api/signals/{id}/domains

Response:

{
  "signal_id": "uuid",
  "domains": [
    {
      "domain": { "code": "7", "name": "AI System Safety, Failures & Limitations" },
      "subdomain": { "code": "7.1", "name": "AI pursuing goals in conflict with human values" },
      "confidence": 0.92,
      "classification_model": "llama3.2:3b",
      "classification_reason": "Model deprecation may cause system failures for dependent workflows",
      "created_at": "2025-01-26T10:00:00Z"
    }
  ]
}

---

Understanding Classification Confidence

SignalBreak's AI classifier assigns a confidence score (0.0 to 1.0) to each domain classification:

Confidence Levels

Score Range	Confidence	Interpretation	Action
0.9-1.0	Very High	Classifier is very certain. Classification is highly reliable.	Trust the classification
0.7-0.89	High	Classifier is confident. Classification is likely correct.	Trust, but verify if critical
0.5-0.69	Moderate	Classifier is uncertain. May need human review.	Review classification manually
< 0.5	Low	Classifier lacks confidence. Likely not applicable.	Disregard or manually reclassify

Factors Affecting Confidence

Higher Confidence When:

• Signal has clear, unambiguous description
• Signal type closely matches known risk patterns
• Provider has well-documented incident history

Lower Confidence When:

• Signal description is vague or generic
• Signal spans multiple risk domains
• Novel or emerging risk not in training data

Example:

Signal: "OpenAI deprecates GPT-3.5 on June 2026"
Domain: 7.1 (AI System Failures)
Confidence: 0.95 (Very High)
Reason: "Clear model lifecycle event matching historical deprecation risks"

Signal: "Anthropic updates Terms of Service"
Domain: Multiple (1.1, 2.1, 6.5 possible)
Confidence: 0.58 (Moderate)
Reason: "Generic policy change without specific risk indicators"

---

Best Practices

1. Use MIT Domains for Risk Prioritisation

When reviewing signals, prioritise by:

1. Domain severity - Domain 2 (Privacy) and Domain 4 (Malicious Use) typically require immediate attention
2. Confidence score - Address high-confidence (>0.7) classifications first
3. Incident history - Signals with many related incidents warrant deeper investigation

2. Learn from Historical Incidents

Before deploying a new AI workflow:

1. Search incidents for similar use cases
2. Review harm types reported
3. Check if your provider has incident history
4. Implement mitigations proactively

3. Include MIT Data in Governance Reports

SignalBreak's evidence pack generator automatically includes:

• Risk domain distribution across your workflows
• Related incident summaries
• Recommended mitigations for identified risks
• Compliance mapping to ISO 42001, NIST AI RMF, EU AI Act

4. Monitor Domain Trends Over Time

Track which risk domains are trending in your signals:

• Increasing Domain 2 signals? Privacy and security may need attention
• Spikes in Domain 7 signals? System reliability concerns
• New domains appearing? Emerging risks in your AI portfolio

5. Validate Low-Confidence Classifications

If you see a classification with confidence <0.7:

1. Read the classification reason
2. Review the signal description
3. Manually verify the domain assignment
4. Provide feedback to improve classifier accuracy

---

Data Attribution & Licensing

AI Incident Database (AIID)

SignalBreak includes incident data from the AI Incident Database (https://incidentdatabase.ai/):

• License: CC BY 4.0 (Creative Commons Attribution)
• Total Incidents: 1,328 (as of January 2025)
• Coverage: 2012-2024
• Update Frequency: Monthly sync from AIID

Citation:

"Data sourced from the AI Incident Database (incidentdatabase.ai), licensed under CC BY 4.0."

MIT AI Risk Repository

SignalBreak includes risk taxonomy and mitigations from the MIT AI Risk Repository (https://airisk.mit.edu/):

• License: CC BY 4.0 (Creative Commons Attribution)
• Total Mitigations: 831
• Frameworks: NIST AI RMF, ISO/IEC 42001, EU AI Act, UK AI Safety Summit

Citation:

"Risk taxonomy and mitigations from: Slattery, P., Saeri, A. K., Besiroglu, T., Atkins, S., Goh, E., Dubber, M., Fell, B., Lyons, S., Goldberg, B. A., Beard, S., & Laubert, M. (2024). The AI Risk Repository: A Comprehensive Meta-Review, Database, and Taxonomy of Risks From Artificial Intelligence. arXiv preprint arXiv:2408.12622."

Commercial Use

Both data sources use CC BY 4.0, which allows:

• ✅ Commercial use
• ✅ Redistribution
• ✅ Modification
• ✅ Private use

Requirements:

• Attribution to original source (SignalBreak handles this automatically)
• Indicate if changes were made
• Include license notice

SignalBreak automatically includes required attributions in all reports and API responses.

---

Frequently Asked Questions

Why do some signals have multiple domain classifications?

AI provider changes can affect multiple risk areas. For example, a pricing increase might relate to:

• Domain 6.2 (Economic impact on employment quality)
• Domain 6.1 (Power centralisation through cost barriers)

SignalBreak shows up to 3 most relevant domains per signal.

Can I manually reclassify a signal?

Not currently, but this is on the roadmap. If you disagree with a classification:

1. Note it in the signal comments
2. Contact support with your reasoning
3. Your feedback helps improve the classifier

Are all 1,328 incidents relevant to my workflows?

No. The incident database covers all AI systems, not just LLMs or provider services. Use filters to find relevant incidents:

• Filter by domain matching your workflow risks
• Search for your specific provider
• Filter by incident date for recent events

How often are incidents and mitigations updated?

• Incidents: Monthly sync from AIID
• Mitigations: Quarterly updates from MIT repository
• Risk taxonomy: Updated when MIT releases new versions

Can I export incident and mitigation data?

Yes, via the API. You can also generate evidence packs that include:

• Relevant incidents for your workflows
• Recommended mitigations for identified risks
• Formatted for compliance documentation

How accurate is the automatic classification?

Overall Accuracy: ~85-90% for high-confidence classifications (≥0.7)

The classifier performs best on:

• Model lifecycle events (deprecations, updates)
• Security bulletins and outages
• Policy changes with clear risk signals

It performs worst on:

• Generic announcements without specifics
• Marketing content disguised as technical updates
• Novel risks not in historical data

---

Related Documentation

• Risk Scoring Methodology
• Governance Frameworks (coming soon)
• Evidence Packs (coming soon)
• Signal Enrichment (coming soon)