The application of machine learning (ML) in computer systems introduces not only many benefits but also risks to society. In this paper, we develop the concept of ML governance to balance such benefits and risks, with the aim of achieving responsible applications of ML. Our approach first systematizes research towards ascertaining ownership of data and models, thus fostering a notion of identity specific to ML systems. Building on this foundation, we use identities to hold principals accountable for failures of ML systems through both attribution and auditing. To increase trust in ML systems, we then survey techniques for developing assurance, i.e., confidence that the system meets its security requirements and does not exhibit certain known failures. This leads us to highlight the need for techniques that allow a model owner to manage the life cycle of their system, e.g., to patch or retire their ML system. Put altogether, our systematization of knowledge standardizes the interactions between principals involved in the deployment of ML throughout its life cycle. We highlight opportunities for future work, e.g., to formalize the resulting game between ML principals.

中文翻译：

---

SoK：机器学习治理

机器学习 (ML) 在计算机系统中的应用不仅带来了许多好处，而且给社会带来了风险。在本文中，我们开发了 ML 治理的概念来平衡这些收益和风险，目的是实现 ML 的负责任应用。我们的方法首先将研究系统化，以确定数据和模型的所有权，从而培养特定于 ML 系统的身份概念。在此基础上，我们使用身份通过归因和审计让负责人对 ML 系统的故障负责。为了增加对 ML 系统的信任，我们随后调查了用于开发保证的技术，即系统满足其安全要求并且不会出现某些已知故障的信心。这使我们强调需要允许模型所有者管理其系统生命周期的技术，例如修补或淘汰其 ML 系统。总而言之，我们的知识系统化标准化了机器学习在整个生命周期中部署所涉及的主体之间的交互。我们强调了未来工作的机会，例如，将 ML 负责人之间由此产生的游戏形式化。