ETSI Unveils New Specification for AI Security

The rapid expansion of generative AI has shifted security focus from algorithms to the hardware and software layers that execute them. Computing platforms—servers, accelerators, and orchestration tools—form the backbone of model training and inference, yet they have historically lacked a unified security framework. ETSI’s new TS 104 033 specification fills that gap by codifying a baseline that addresses firmware integrity, runtime isolation, and secure data handling, offering a common language for vendors and integrators worldwide.

At its core, the TS 104 033 document enumerates mandatory security requirements, from cryptographic key management to tamper‑evident logging, and prescribes standardized service interfaces for enforcement. Crucially, it tackles both static and dynamic protection of AI assets, mitigating risks such as model extraction attacks and inadvertent data leakage. By aligning the baseline with the EU AI Act, ETSI gives manufacturers a clear pathway to regulatory compliance, reducing the legal uncertainty that has hampered large‑scale AI rollouts in regulated sectors like finance and healthcare.

Industry stakeholders are likely to adopt the specification as a de‑facto standard, especially as cloud providers and chip makers seek to differentiate their AI offerings through provable security guarantees. The move also dovetails with ETSI’s broader agenda, including its quantum‑technology committee, which aims to future‑proof communications infrastructure. As AI models become more valuable and integrated into critical processes, a robust, standardized security foundation will be essential for sustaining trust and unlocking the next wave of AI‑driven innovation.