With the increasing adaptation of AI in practice, security is becoming particularly important. The complexity of such systems, the concentration of relevant data and the still limited practical experience provide high incentives for potential attackers. A secure design therefore requires a systematic approach to cover all facets of the topic.

In this presentation, we will introduce our adaptation of the established threat modeling method for AI applications: Based on the well-known "Four Question Framework", the focus will be on the AI components, their special features and their threat situation, and the implementation in the development project will also be covered.

Participants will learn about the threat modeling method and how to use it in practice: From the identification of assets worthy of protection to the establishment of threat scenarios and the derivation of efficient countermeasures, we present the procedure using practical use cases.