<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE article PUBLIC "-//NLM//DTD JATS (Z39.96) Journal Publishing DTD v1.3 20210610//EN" "JATS-journalpublishing1-3.dtd">
<article article-type="research-article" dtd-version="1.3" xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xml:lang="ru"><front><journal-meta><journal-id journal-id-type="publisher-id">sibsutis</journal-id><journal-title-group><journal-title xml:lang="ru">Вестник СибГУТИ</journal-title><trans-title-group xml:lang="en"><trans-title>The Herald of the Siberian State University of Telecommunications and Information Science</trans-title></trans-title-group></journal-title-group><issn pub-type="ppub">1998-6920</issn><publisher><publisher-name>СибГУТИ</publisher-name></publisher></journal-meta><article-meta><article-id pub-id-type="doi">10.55648/1998-6920-2026-20-2-77-92</article-id><article-id custom-type="elpub" pub-id-type="custom">sibsutis-1056</article-id><article-categories><subj-group subj-group-type="heading"><subject>Research Article</subject></subj-group><subj-group subj-group-type="section-heading" xml:lang="ru"><subject>Статьи</subject></subj-group></article-categories><title-group><article-title>Ключевые принципы построения подсистемы информационной безопасности MLOps</article-title><trans-title-group xml:lang="en"><trans-title>Key principles for building an MLOps information security subsystem</trans-title></trans-title-group></title-group><contrib-group><contrib contrib-type="author" corresp="yes"><name-alternatives><name name-style="eastern" xml:lang="ru"><surname>Нагибин</surname><given-names>Дмитрий Викторович</given-names></name><name name-style="western" xml:lang="en"><surname>Nagibin</surname><given-names>Dmitry Viktorovich</given-names></name></name-alternatives><bio xml:lang="ru"><p>Аспирант кафедры «Автоматика и телемеханика» Пермского национального исследовательского политехнического университета (ПНИПУ)</p></bio><bio xml:lang="en"/><email xlink:type="simple">dvnagibin+sib@pstu.ru</email><xref ref-type="aff" rid="aff-1"/></contrib><contrib contrib-type="author" corresp="yes"><name-alternatives><name name-style="eastern" xml:lang="ru"><surname>Кокоулин</surname><given-names>Андрей Николаевич</given-names></name><name name-style="western" xml:lang="en"><surname>Kokoulin</surname><given-names>Andrey Nikolaevich</given-names></name></name-alternatives><bio xml:lang="ru"><p>к.т.н., доцент кафедры «Автоматика и телемеханика» Пермского национального исследовательского политехнического университета (ПНИПУ)</p></bio><bio xml:lang="en"/><email xlink:type="simple">a.n.kokoulin@at.pstu.ru</email><xref ref-type="aff" rid="aff-2"/></contrib><contrib contrib-type="author" corresp="yes"><name-alternatives><name name-style="eastern" xml:lang="ru"><surname>Южаков</surname><given-names>Александр Анатольевич</given-names></name><name name-style="western" xml:lang="en"><surname>Yuzhakov</surname><given-names>Alexander Anatolyevich</given-names></name></name-alternatives><bio xml:lang="ru"><p>д.т.н., профессор, заведующий кафедрой «Автоматика и телемеханика» Пермского национального исследовательского политехнического университета (ПНИПУ)</p></bio><bio xml:lang="en"/><email xlink:type="simple">uz@at.pstu.ac.ru</email><xref ref-type="aff" rid="aff-1"/></contrib></contrib-group><aff-alternatives id="aff-1"><aff xml:lang="ru"><institution>Пермский национальный исследовательский политехнический университет (ПНИПУ).</institution><country>Россия</country></aff><aff xml:lang="en"><institution>Perm National Research Polytechnic University (PNRPU).</institution><country>Russian Federation</country></aff></aff-alternatives><aff-alternatives id="aff-2"><aff xml:lang="ru"><institution>Пермский национальный исследовательский политехнический университет (ПНИПУ).&#13;
ФБУН «Федеральный научный центр медико-профилактических технологий управления рисками здоровью населения».</institution><country>Россия</country></aff><aff xml:lang="en"><institution>Perm National Research Polytechnic University (PNRPU).</institution><country>Russian Federation</country></aff></aff-alternatives><pub-date pub-type="collection"><year>2026</year></pub-date><pub-date pub-type="epub"><day>22</day><month>06</month><year>2026</year></pub-date><volume>20</volume><issue>2</issue><issue-title>Вестник СибГУТИ</issue-title><fpage>77</fpage><lpage>92</lpage><permissions><copyright-statement>Copyright &amp;#x00A9; Нагибин Д.В., Кокоулин А.Н., Южаков А.А., 2026</copyright-statement><copyright-year>2026</copyright-year><copyright-holder xml:lang="ru">Нагибин Д.В., Кокоулин А.Н., Южаков А.А.</copyright-holder><copyright-holder xml:lang="en">Nagibin D.V., Kokoulin A.N., Yuzhakov A.A.</copyright-holder><license xml:lang="ru" license-type="creative-commons-attribution" xlink:href="https://creativecommons.org/licenses/by/4.0/" xlink:type="simple"><license-p>Данная работа распространяется под лицензией Creative Commons Attribution 4.0.</license-p></license><license xml:lang="en" license-type="creative-commons-attribution" xlink:href="https://creativecommons.org/licenses/by/4.0/" xlink:type="simple"><license-p>This work is licensed under a Creative Commons Attribution 4.0 License.</license-p></license></permissions><self-uri xlink:href="https://vestnik.sibsutis.ru/jour/article/view/1056">https://vestnik.sibsutis.ru/jour/article/view/1056</self-uri><abstract><p>В статье рассматриваются ключевые принципы построения подсистемы информационной безопасности MLOps (Machine Learning Operations), учитывая растущую актуальность и уязвимость систем машинного обучения в современных условиях. В работе рассматриваются основные регуляторные требования к информационной безопасности систем, использующих машинное обучение, включая анализ требований ФСТЭК России. Обосновывается необходимость адаптации современных решений MLSecOps к условиям российского законодательства. Проведён анализ ключевых рисков кибербезопасности, характерных для каждого этапа жизненного цикла MLOps, а также представлены существующие методы и подходы их митигации. В работе приведена математическая формализация для оценки защищенности системы, учитывающей технические и регуляторные требования, а также требования к импортозамещению. Представлен концептуальный состав модулей подсистемы ИБ. Результаты исследования направлены на создание эффективной и надежной подсистемы защиты конвейеров MLOps и снижения рисков, связанных с использованием технологий машинного обучения.</p></abstract><trans-abstract xml:lang="en"><p>The article examines the key principles for building an information security subsystem for MLOps (Machine Learning Operations), taking into account the increasing relevance and vulnerability of machine learning systems in modern conditions. The work considers the main regulatory requirements for information security of systems using machine learning, including an analysis of the requirements of the Russian Federal Service for Technical and Export Control (FSTEC). It argues for the need to adapt modern MLSecOps solutions to the conditions of Russian legislation. The analysis covers the key cybersecurity risks characteristic of each stage of the MLOps lifecycle, as well as existing methods and approaches for mitigating them. The work presents a mathematical formalization for assessing the security of the system, taking into account technical, regulatory, and import substitution requirements. The conceptual structure of the information security subsystem is presented. The results of the research are aimed at creating an effective and reliable protection system for MLOps pipelines and reducing the risks associated with the use of machine learning technologies.</p></trans-abstract><kwd-group xml:lang="ru"><kwd>MLOps</kwd><kwd>MLSecOps</kwd><kwd>информационная безопасность</kwd><kwd>безопасность машинного обучения</kwd><kwd>риски кибербезопасности в MLOps</kwd><kwd>подсистема ИБ в MLOps</kwd><kwd>регуляторные документы РФ по безопасности ИИ</kwd></kwd-group><kwd-group xml:lang="en"><kwd>MLOps</kwd><kwd>MLSecOps</kwd><kwd>information security</kwd><kwd>machine learning security</kwd><kwd>cybersecurity &#13;
risks in MLOps</kwd><kwd>security subsystem in MLOps</kwd><kwd>Russian regulatory documents on AI security</kwd></kwd-group></article-meta></front><back><ref-list><title>References</title><ref id="cit1"><label>1</label><citation-alternatives><mixed-citation xml:lang="ru">Kreuzberger D. Machine Learning Operations (MLOps): Overview, Definition, and Architecture / D. Kreuzberger, N. Kühl, S. Hirschl // IEEE Access. – 2023. – Vol. 11. – Machine Learning Operations (MLOps). – P. 31866-31879.</mixed-citation><mixed-citation xml:lang="en">Kreuzberger D. Machine Learning Operations (MLOps): Overview, Definition, and Architecture / D. Kreuzberger, N. Kühl, S. Hirschl // IEEE Access. – 2023. – vol. 11. – Machine Learning Operations (MLOps). – P. 31866-31879.</mixed-citation></citation-alternatives></ref><ref id="cit2"><label>2</label><citation-alternatives><mixed-citation xml:lang="ru">Patel R. Towards Secure MLOps: Surveying Attacks, Mitigation Strategies, and Research Challenges. Towards Secure MLOps / R. Patel [и др.] arXiv:2506.02032 [cs]. – arXiv, 2026.</mixed-citation><mixed-citation xml:lang="en">Patel R. Towards Secure MLOps: Surveying Attacks, Mitigation Strategies, and Research Challenges. Towards Secure MLOps / R. Patel [et al] arXiv:2506.02032 [cs]. – arXiv, 2026.</mixed-citation></citation-alternatives></ref><ref id="cit3"><label>3</label><citation-alternatives><mixed-citation xml:lang="ru">Wilson S. The developer’s playbook for large Language model security: building secure AI applications. The developer’s playbook for large Language model security / S. Wilson. – First edition. – Beijing Boston Farnham Sebastopol Tokyo: O’Reilly, 2024. – 200 p.</mixed-citation><mixed-citation xml:lang="en">Wilson S. The developer’s playbook for large Language model security: building secure AI applications. The developer’s playbook for large Language model security / S. Wilson. – First edition. – Beijing Boston Farnham Sebastopol Tokyo: O’Reilly, 2024. – 200 p.</mixed-citation></citation-alternatives></ref><ref id="cit4"><label>4</label><citation-alternatives><mixed-citation xml:lang="ru">Указ Президента Российской Федерации от 10.10.2019 г. № 490. О развитии искусственного интеллекта в Российской Федерации. (В редакции Указа Президента Российской Федерации от 15.02.2024 № 124).</mixed-citation><mixed-citation xml:lang="en">Ukaz Prezidenta Rossiiskoi Federatsii ot 10.10.2019 g. no. 490. O razvitii iskusstvennogo intellekta v Rossiiskoi Federatsii. (V redaktsii Ukaza Prezidenta Rossiiskoi Federatsii ot 15.02.2024 no. 124).</mixed-citation></citation-alternatives></ref><ref id="cit5"><label>5</label><citation-alternatives><mixed-citation xml:lang="ru">Регуляторные документы РФ по безопасности ИИ — с чем мы вступаем в 2026 год [Электронный ресурс] : Хабр. – URL: https://habr.com/ru/articles/986800/ (дата обращения: 07.02.2026).</mixed-citation><mixed-citation xml:lang="en">Regulyatornye dokumenty RF po bezopasnosti II — s chem my vstupaem v 2026 god [Elektronnyi resurs] : Khabr. – URL: https://habr.com/ru/articles/986800/ (accessed: 07.02.2026).</mixed-citation></citation-alternatives></ref><ref id="cit6"><label>6</label><citation-alternatives><mixed-citation xml:lang="ru">Федеральная служба по техническому и экспортному контролю. Требования о защите информации, содержащейся в государственных информационных системах, иных информационных системах государственных органов, государственных унитарных предприятий, государственных учреждений: утверждены приказом ФСТЭК России от 11 апреля 2025 г. № 117.</mixed-citation><mixed-citation xml:lang="en">Federal'naya sluzhba po tekhnicheskomu i eksportnomu kontrolyu. Trebovaniya o zashchite informatsii, soderzhashcheisya v gosudarstvennykh informatsionnykh sistemakh, inykh informatsionnykh sistemakh gosudarstvennykh organov, gosudarstvennykh unitarnykh predpriyatii, gosudarstvennykh uchrezhdenii: utverzhdeny prikazom FSTEK Rossii ot 11 aprelya 2025 g. no. 117.</mixed-citation></citation-alternatives></ref><ref id="cit7"><label>7</label><citation-alternatives><mixed-citation xml:lang="ru">Анализ ключевых изменений в требованиях к защите информации согласно Приказу ФСТЭК № 117 [Электронный ресурс]. – URL: https://sec.ussc.ru/fstec_117 (дата обращения: 08.02.2026).</mixed-citation><mixed-citation xml:lang="en">Analiz klyuchevykh izmenenii v trebovaniyakh k zashchite informatsii soglasno Prikazu FSTEK no. 117, available at: https://sec.ussc.ru/fstec_117 (accessed: 08.02.2026).</mixed-citation></citation-alternatives></ref><ref id="cit8"><label>8</label><citation-alternatives><mixed-citation xml:lang="ru">Федеральная служба по техническому и экспортному контролю. Методический документ. Методика анализа защищенности информационных систем. Утверждена 25 ноября 2025 г.</mixed-citation><mixed-citation xml:lang="en">Federal'naya sluzhba po tekhnicheskomu i eksportnomu kontrolyu. Metodicheskii dokument. Metodika analiza zashchishchennosti informatsionnykh sistem. Utverzhdena 25 noyabrya 2025 g.</mixed-citation></citation-alternatives></ref><ref id="cit9"><label>9</label><citation-alternatives><mixed-citation xml:lang="ru">ГОСТ Р 70462.1-2022/ISO/IEC TR 24029-1-2021. Информационные технологии. Интеллект искусственный. Оценка робастности нейронных сетей.</mixed-citation><mixed-citation xml:lang="en">GOST R 70462.1-2022/ISO/IEC TR 24029-1-2021. Informatsionnye tekhnologii. Intellekt iskusstvennyi. Otsenka robastnosti neironnykh setei.</mixed-citation></citation-alternatives></ref><ref id="cit10"><label>10</label><citation-alternatives><mixed-citation xml:lang="ru">Намиот Д.Е. Схемы атак на модели машинного обучения / Д.Е. Намиот // International Journal of Open Information Technologies. – 2023. – Т. 11. – № 5. – С. 68-86.</mixed-citation><mixed-citation xml:lang="en">Namiot D.E. Skhemy atak na modeli mashinnogo obucheniya / D.E. Namiot // International Journal of Open Information Technologies. – 2023. – vol. 11. – no. 5. – pp. 68-86.</mixed-citation></citation-alternatives></ref><ref id="cit11"><label>11</label><citation-alternatives><mixed-citation xml:lang="ru">Lavaur L. Investigating the Impact of Label-flipping Attacks against Federated Learning for Collaborative Intrusion Detection / L. Lavaur, Y. Busnel, F. Autrel // Computers &amp; Security. – 2025. – Vol. 156. – P. 104462.</mixed-citation><mixed-citation xml:lang="en">Lavaur L. Investigating the Impact of Label-flipping Attacks against Federated Learning for Collaborative Intrusion Detection / L. Lavaur, Y. Busnel, F. Autrel // Computers &amp; Security. – 2025. – vol. 156. – P. 104462.</mixed-citation></citation-alternatives></ref><ref id="cit12"><label>12</label><citation-alternatives><mixed-citation xml:lang="ru">Hall P. Machine learning for high-risk applications: approaches to responsible AI. Machine learning for high-risk applications / P. Hall. – First Edition. – Québec: O’Reilly Media, Incorporated, 2023. – 466 p.</mixed-citation><mixed-citation xml:lang="en">Hall P. Machine learning for high-risk applications: approaches to responsible AI. Machine learning for high-risk applications / P. Hall. – First Edition. – Québec: O’Reilly Media, Incorporated, 2023. – 466 p.</mixed-citation></citation-alternatives></ref><ref id="cit13"><label>13</label><citation-alternatives><mixed-citation xml:lang="ru">Sotiropoulos J. Adversarial AI Attacks, mitigations, and defense strategies: a cybersecurity professional’s guide to AI attacks, threat modeling, and securing AI with MLSecOps. Adversarial AI Attacks, mitigations, and defense strategies / J. Sotiropoulos. – Place of publication not identified: Packt Publishing, 2024. – 602 p.</mixed-citation><mixed-citation xml:lang="en">Sotiropoulos J. Adversarial AI Attacks, mitigations, and defense strategies: a cybersecurity professional’s guide to AI attacks, threat modeling, and securing AI with MLSecOps. Adversarial AI Attacks, mitigations, and defense strategies / J. Sotiropoulos. – Place of publication not identified: Packt Publishing, 2024. – 602 p.</mixed-citation></citation-alternatives></ref><ref id="cit14"><label>14</label><citation-alternatives><mixed-citation xml:lang="ru">Намиот Д.Е. Атаки на системы машинного обучения - общие проблемы и методы / Д.Е. Намиот, Е.А. Ильюшин, И.В. Чижов // International Journal of Open Information Technologies. – 2022. – Т. 10. – № 3. – С. 17-22.</mixed-citation><mixed-citation xml:lang="en">Namiot D.E. Ataki na sistemy mashinnogo obucheniya - obshchie problemy i metody / D.E. Namiot, E.A. Il'yushin, I.V. Chizhov // International Journal of Open Information Technologies. – 2022. – vol. 10. – no. 3. – pp. 17-22.</mixed-citation></citation-alternatives></ref><ref id="cit15"><label>15</label><citation-alternatives><mixed-citation xml:lang="ru">Kovacs E. “EchoLeak” AI Attack Enabled Theft of Sensitive Data via Microsoft 365 Copilot [Электронный ресурс]. – URL: https://www.securityweek.com/echoleak-ai-attack-enabled-theft-of-sensitive-data-via-microsoft-365-copilot/ (дата обращения: 08.02.2026).</mixed-citation><mixed-citation xml:lang="en">Kovacs E. “EchoLeak” AI Attack Enabled Theft of Sensitive Data via Microsoft 365 Copilot, available at: https://www.securityweek.com/echoleak-ai-attack-enabled-theft-of-sensitive-data-via-microsoft-365-copilot/ (accessed: 08.02.2026).</mixed-citation></citation-alternatives></ref><ref id="cit16"><label>16</label><citation-alternatives><mixed-citation xml:lang="ru">Gao Y. Backdoor Attacks and Countermeasures on Deep Learning: A Comprehensive Review. Backdoor Attacks and Countermeasures on Deep Learning / Y. Gao [et al.] arXiv:2007.10760 [cs]. – arXiv, 2020.</mixed-citation><mixed-citation xml:lang="en">Gao Y. Backdoor Attacks and Countermeasures on Deep Learning: A Comprehensive Review. Backdoor Attacks and Countermeasures on Deep Learning / Y. Gao [et al.] arXiv:2007.10760 [cs]. – arXiv, 2020.</mixed-citation></citation-alternatives></ref><ref id="cit17"><label>17</label><citation-alternatives><mixed-citation xml:lang="ru">Sutton O.J. Staining and locking computer vision models without retraining / O.J. Sutton [и др.] arXiv:2507.22000 [cs]. – arXiv, 2025.</mixed-citation><mixed-citation xml:lang="en">Sutton O.J. Staining and locking computer vision models without retraining / O.J. Sutton [et al] arXiv:2507.22000 [cs]. – arXiv, 2025.</mixed-citation></citation-alternatives></ref><ref id="cit18"><label>18</label><citation-alternatives><mixed-citation xml:lang="ru">MLOps Market Outlook from 2026 to 2033: Trends by Application, by Region, and 12.8% CAGR Forecast [Электронный ресурс]. – URL: https://www.linkedin.com/pulse/mlops-market-outlook-from-2026-2033-trends-application-region-dswuf (дата обращения: 02.03.2026).</mixed-citation><mixed-citation xml:lang="en">MLOps Market Outlook from 2026 to 2033: Trends by Application, by Region, and 12.8% CAGR Forecast, available at: https://www.linkedin.com/pulse/mlops-market-outlook-from-2026-2033-trends-application-region-dswuf (accessed: 02.03.2026).</mixed-citation></citation-alternatives></ref><ref id="cit19"><label>19</label><citation-alternatives><mixed-citation xml:lang="ru">Giskard - LLM Agent Testing &amp; Evaluation Platform [Электронный ресурс]. – URL: https://docs.giskard.ai/index.html (дата обращения: 08.02.2026).</mixed-citation><mixed-citation xml:lang="en">Giskard - LLM Agent Testing &amp; Evaluation Platform, available at: https://docs.giskard.ai/index.html (accessed: 08.02.2026).</mixed-citation></citation-alternatives></ref><ref id="cit20"><label>20</label><citation-alternatives><mixed-citation xml:lang="ru">Center S.I.S. ModelScan - Protection Against Model Serialization Attacks [Электронный ресурс]. – URL: https://isc.sans.edu/diary/31692 (дата обращения: 08.02.2026).</mixed-citation><mixed-citation xml:lang="en">Center S.I.S. ModelScan - Protection Against Model Serialization Attacks, available at: https://isc.sans.edu/diary/31692 (accessed: 08.02.2026).</mixed-citation></citation-alternatives></ref><ref id="cit21"><label>21</label><citation-alternatives><mixed-citation xml:lang="ru">LLM Monitoring для GenAI-приложений | AI Security Lab ИТМО [Электронный ресурс]. – URL: https://hivetrace.ru/ (дата обращения: 08.02.2026).</mixed-citation><mixed-citation xml:lang="en">LLM Monitoring dlya GenAI-prilozhenii | AI Security Lab ITMO, available at: https://hivetrace.ru/ (accessed: 08.02.2026).</mixed-citation></citation-alternatives></ref><ref id="cit22"><label>22</label><citation-alternatives><mixed-citation xml:lang="ru">LLAMATOR [Электронный ресурс]. – URL: https://llamator-core.github.io/llamator/ (дата обращения: 08.02.2026).</mixed-citation><mixed-citation xml:lang="en">LLAMATOR, available at: https://llamator-core.github.io/llamator/ (accessed: 08.02.2026).</mixed-citation></citation-alternatives></ref><ref id="cit23"><label>23</label><citation-alternatives><mixed-citation xml:lang="ru">Гарда DLP — система предотвращения утечек информации | Продажа и внедрение от Российского разработчика «Гарда» [Электронный ресурс]. – URL: https://garda.ai/products/data-protection/dlp (дата обращения: 08.02.2026).</mixed-citation><mixed-citation xml:lang="en">Garda DLP — sistema predotvrashcheniya utechek informatsii | Prodazha i vnedrenie ot Rossiiskogo razrabotchika «Garda», available at: https://garda.ai/products/data-protection/dlp (accessed: 08.02.2026).</mixed-citation></citation-alternatives></ref><ref id="cit24"><label>24</label><citation-alternatives><mixed-citation xml:lang="ru">PT Dephaze — автопентест, который покажет, что сможет сделать хакер в инфраструктуре [Электронный ресурс]. – URL: https://ptsecurity.com/products/dephaze/ (дата обращения: 08.02.2026).</mixed-citation><mixed-citation xml:lang="en">PT Dephaze — avtopentest, kotoryi pokazhet, chto smozhet sdelat' khaker v infrastrukture, available at: https://ptsecurity.com/products/dephaze/ (accessed: 08.02.2026).</mixed-citation></citation-alternatives></ref><ref id="cit25"><label>25</label><citation-alternatives><mixed-citation xml:lang="ru">Kim J. Security for the scientific data services framework / J. Kim [et al.] // 2015 IEEE International Conference on Big Data (Big Data) 2015 IEEE International Conference on Big Data (Big Data). – 2015. – P. 1871-1875.</mixed-citation><mixed-citation xml:lang="en">Kim J. Security for the scientific data services framework / J. Kim [et al.] // 2015 IEEE International Conference on Big Data (Big Data) 2015 IEEE International Conference on Big Data (Big Data). – 2015. – P. 1871-1875.</mixed-citation></citation-alternatives></ref><ref id="cit26"><label>26</label><citation-alternatives><mixed-citation xml:lang="ru">Spadari V. An MLOps Framework for Explainable Network Intrusion Detection with MLflow / V. Spadari [et al.] // 2024 IEEE Symposium on Computers and Communications (ISCC) 2024 IEEE Symposium on Computers and Communications (ISCC). – Paris, France: IEEE, 2024. – P. 1-6.</mixed-citation><mixed-citation xml:lang="en">Spadari V. An MLOps Framework for Explainable Network Intrusion Detection with MLflow / V. Spadari [et al.] // 2024 IEEE Symposium on Computers and Communications (ISCC) 2024 IEEE Symposium on Computers and Communications (ISCC). – Paris, France: IEEE, 2024. – P. 1-6.</mixed-citation></citation-alternatives></ref><ref id="cit27"><label>27</label><citation-alternatives><mixed-citation xml:lang="ru">Tete S.B. Threat Modelling and Risk Analysis for Large Language Model (LLM)-Powered Applications / S.B. Tete arXiv:2406.11007 [cs]. – arXiv, 2024.</mixed-citation><mixed-citation xml:lang="en">Tete S.B. Threat Modelling and Risk Analysis for Large Language Model (LLM)-Powered Applications / S.B. Tete arXiv:2406.11007 [cs]. – arXiv, 2024.</mixed-citation></citation-alternatives></ref><ref id="cit28"><label>28</label><citation-alternatives><mixed-citation xml:lang="ru">Hassija V. Interpreting Black-Box Models: A Review on Explainable Artificial Intelligence / V. Hassija [et al.] // Cognitive Computation. – 2024. – Vol. 16. – Interpreting Black-Box Models. – № 1. – P. 45-74.</mixed-citation><mixed-citation xml:lang="en">Hassija V. Interpreting Black-Box Models: A Review on Explainable Artificial Intelligence / V. Hassija [et al.] // Cognitive Computation. – 2024. – vol. 16. – Interpreting Black-Box Models. – no. 1. – P. 45-74.</mixed-citation></citation-alternatives></ref><ref id="cit29"><label>29</label><citation-alternatives><mixed-citation xml:lang="ru">Awesome MLSecOps [Электронный ресурс]. – URL: https://github.com/RiccardoBiosas/awesome-MLSecOps (дата обращения: 04.02.2026).</mixed-citation><mixed-citation xml:lang="en">Awesome MLSecOps, available at: https://github.com/RiccardoBiosas/awesome-MLSecOps (accessed: 04.02.2026).</mixed-citation></citation-alternatives></ref><ref id="cit30"><label>30</label><citation-alternatives><mixed-citation xml:lang="ru">Намиот Д.Е. О работе AI Red Team / Д.Е. Намиот, Е.В. Зубарева // International Journal of Open Information Technologies. – 2023. – Т. 11. – № 10. – С. 130-139.</mixed-citation><mixed-citation xml:lang="en">Namiot D.E. O rabote AI Red Team / D.E. Namiot, E.V. Zubareva // International Journal of Open Information Technologies. – 2023. – vol. 11. – no. 10. – pp. 130-139.</mixed-citation></citation-alternatives></ref></ref-list><fn-group><fn fn-type="conflict"><p>The authors declare that there are no conflicts of interest present.</p></fn></fn-group></back></article>
