Author: Denis Avetisyan
A new framework seeks to reconcile the technical performance of artificial intelligence with the growing need for regulatory compliance and societal values.
This review proposes a semantic framework to bridge functional and normative requirements for Trustworthy AI, facilitating compliance with regulations like the EU AI Act and improved risk assessment in AI system design.
Despite growing regulatory pressure and technical advancements, a disconnect persists between the practical implementation of Trustworthy AI and the normative requirements defining it. This position paper, ‘Bridging the AI Trustworthiness Gap between Functions and Norms’, addresses this challenge by arguing for a shared conceptual language to align functional and normative approaches to AI trustworthiness. We propose a semantic framework to facilitate translation of regulations, such as the EU AI Act, into concrete design and risk assessment steps for developers. Will such a framework ultimately enable more transparent, accountable, and demonstrably trustworthy AI systems?
Trustworthy AI: Beyond the Hype Cycle
The accelerating integration of artificial intelligence into critical infrastructure and daily life necessitates a shift in evaluation metrics, moving beyond solely assessing technical performance. While accuracy and efficiency remain important, contemporary AI deployment demands robust trustworthiness frameworks that encompass reliability, safety, fairness, and accountability. This isn’t merely a matter of avoiding errors; it’s about ensuring AI systems behave predictably, resist manipulation, and respect fundamental rights. Increasingly, organizations are realizing that technical prowess alone is insufficient; a holistic approach to trustworthiness – addressing both the ‘what’ AI can do and the ‘how’ and ‘why’ it does it – is vital for fostering public confidence and enabling sustainable AI adoption. This expanded focus necessitates interdisciplinary collaboration, involving not only computer scientists but also ethicists, legal experts, and social scientists to define, measure, and ultimately guarantee responsible AI systems.
Existing regulatory frameworks, such as the General Data Protection Regulation (GDPR), articulate broad principles for data handling and individual rights, but often fall short when applied to the complexities of artificial intelligence systems. These regulations primarily address what data protection should look like – concepts like consent and data minimization – yet provide limited guidance on how these principles are technically implemented within machine learning algorithms and AI pipelines. This disconnect creates a significant gap, leaving organizations to navigate ambiguous interpretations and potentially face legal challenges when deploying AI that processes personal data. The challenge isn’t a lack of ethical consideration within the regulations, but rather the difficulty of translating high-level normative requirements into concrete, auditable technical specifications that ensure compliance and build user trust.
The escalating integration of artificial intelligence into critical infrastructure and daily life has solidified ‘Trustworthy AI’ as a paramount concern, demanding a holistic strategy that transcends mere technical proficiency. This isn’t simply about algorithms achieving high accuracy; it requires simultaneously addressing ethical considerations – fairness, accountability, and transparency – alongside functional requirements like robustness, reliability, and safety. A unified approach necessitates the convergence of diverse fields, including computer science, law, philosophy, and social sciences, to develop comprehensive frameworks and methodologies. Such integration ensures AI systems are not only capable but also aligned with human values and societal norms, fostering public confidence and enabling responsible innovation. Without this cohesive strategy, the potential benefits of AI risk being overshadowed by ethical lapses and functional failures, hindering widespread adoption and eroding trust in the technology.
The absence of universally accepted standards for responsible AI deployment presents significant hurdles for organizations navigating increasingly complex legal and ethical landscapes. Without clear guidelines, businesses risk facing ambiguity regarding compliance with existing regulations – such as the General Data Protection Regulation – and potential legal challenges related to bias, fairness, and data privacy. This lack of standardization fosters inconsistent interpretations of ‘responsible AI’, leaving organizations vulnerable to scrutiny and potentially costly litigation. Consequently, a proactive shift towards unified, measurable benchmarks is crucial, not only to mitigate legal risks but also to build public trust and foster sustainable innovation in artificial intelligence.
![Seven key principles, as outlined in [hleg,aiactsection3], form the normative foundation of trustworthy AI.](https://arxiv.org/html/2512.20671v1/figures/pillars2.png)
Defining the Rules: Trustworthy AI in Practice
The High-Level Expert Group on Artificial Intelligence (HLEG), established by the European Commission, defined seven key principles for Trustworthy AI in 2019. These principles – human agency and oversight, technical robustness and safety, privacy and data governance, transparency, diversity, non-discrimination and fairness, societal and environmental well-being, and accountability – serve as the ethical and legal groundwork for the proposed European Union AI Act. The HLEG’s recommendations directly influenced the Act’s structure and requirements, particularly concerning the obligations for high-risk AI systems and the establishment of conformity assessment procedures. These principles are not merely aspirational guidelines; they are being translated into concrete regulatory requirements with significant implications for developers, deployers, and users of AI technologies within the EU.
The European Union’s AI Act categorizes artificial intelligence systems based on risk level, with the most stringent requirements applied to “high-risk AI.” These high-risk systems – identified by their potential to cause harm to health, safety, or fundamental rights – are subject to mandatory conformity assessments before deployment. Compliance measures include requirements for data governance, technical documentation, transparency, human oversight, accuracy, robustness, and cybersecurity. Specifically, providers of high-risk AI systems must establish a quality management system, conduct risk assessments, and maintain detailed records demonstrating compliance. Failure to adhere to these regulations can result in substantial fines and prohibition from placing AI systems on the EU market.
ALTAI (AI Legibility Tool for Accountability and Trust) offers organizations a standardized method for evaluating AI systems against the seven key principles for Trustworthy AI established by the EU’s High-Level Expert Group. The tool functions as a self-assessment questionnaire, prompting users to provide evidence and documentation demonstrating compliance with each principle – human agency and oversight, technical robustness and accuracy, privacy and data governance, transparency, diversity, non-discrimination, and societal and environmental well-being. ALTAI generates a report detailing the assessment results, identifying areas of strength and potential gaps in alignment with these principles, and providing recommendations for remediation. While not a certification, the tool facilitates internal evaluation and informs organizations about their readiness for potential regulatory scrutiny under frameworks like the EU AI Act.
Effective implementation of trustworthiness principles for AI necessitates a formalized language for both definition and assessment. Currently, the abstract nature of terms like “fairness” or “transparency” introduces ambiguity in practical application and hinders consistent evaluation. A concrete language requires specific, measurable criteria and standardized metrics to determine whether an AI system meets the defined principles. This includes establishing clear definitions for each principle, identifying relevant indicators, and developing assessment methodologies that can be consistently applied across different AI systems and contexts. Without such formalized language, organizations struggle to demonstrate compliance with emerging regulations, like the EU AI Act, and to build verifiable trust in their AI deployments.
Mapping Trust: A Semantic Approach to Evaluation
A standardized Semantic Framework aims to bridge the gap between the operational characteristics of Artificial Intelligence systems and established trustworthiness criteria. This framework proposes a structured methodology for relating specific AI functions – such as data processing, decision-making, and output generation – to qualitative assessments of reliability, fairness, transparency, and accountability. By employing a formalized semantic representation, the framework enables consistent and comparable evaluations across diverse AI applications and implementations. This common language facilitates objective assessment, reduces ambiguity in trustworthiness claims, and supports the development of verifiable AI systems, ultimately enhancing confidence and responsible deployment.
The proposed Semantic Framework for trustworthiness evaluation leverages existing Functional Description Frameworks to facilitate detailed AI component analysis. These frameworks, including those based on System Ontology, Boxology, and UML-based Modelling Languages, provide standardized methodologies for representing the internal workings of AI systems. System Ontology focuses on defining components through hierarchical relationships, Boxology emphasizes black-box functional descriptions, and UML-based approaches offer visual modelling of system architecture and interactions. Utilizing these established methods allows for a consistent and comprehensive documentation of AI components, detailing inputs, outputs, internal processes, and dependencies, which is crucial for assessing trustworthiness attributes and identifying potential vulnerabilities.
The proposed Semantic Framework explicitly incorporates data characteristics – specifically Data Format and Data Origin – as critical elements in trustworthiness evaluation. Recognizing that data quality and provenance significantly impact AI system reliability and fairness, the framework mandates documentation of data formats used by each AI component, including data types, units of measurement, and encoding schemes. Furthermore, comprehensive tracking of Data Origin, encompassing data sources, collection methods, and any transformations applied, is required. This focus on data governance ensures traceability and accountability, facilitating identification and mitigation of potential biases or errors introduced through data-related issues, and ultimately bolstering the overall trustworthiness of the AI system.
A Trust Ontology is a formal representation of knowledge concerning trust, crucial for operationalizing trustworthiness within the Semantic Framework. This ontology defines key concepts such as trust factors (e.g., reliability, fairness, transparency), trust relationships between AI components and stakeholders, and the properties of trustworthy AI systems. Categorization within the ontology enables consistent evaluation; for example, differentiating between technical reliability, data integrity, and societal impact. Formal definitions within the ontology facilitate automated reasoning and validation of trustworthiness claims, allowing for quantifiable assessment and comparison of AI systems based on shared trust criteria. The ontology’s structure supports both human interpretability and machine readability, enabling effective communication and consistent application of trust-related concepts across diverse AI applications.
From Theory to Practice: Risk Management and Standardization
An AI Risk Ontology provides a structured approach to evaluating the potential harms associated with artificial intelligence systems, moving beyond generalized concerns to pinpoint specific risks within a defined context. This methodology facilitates a granular assessment of risk levels – from minimal to unacceptable – by cataloging relevant information such as system capabilities, intended uses, and potential failure modes. Crucially, this detailed documentation isn’t merely an exercise in technical specification; it directly supports adherence to emerging regulations like the European Union’s AI Act, which demands demonstrable risk management practices. By providing a standardized, semantic framework for risk identification and categorization, the ontology enables organizations to proactively address potential issues, build trustworthy AI, and demonstrate compliance through auditable records.
The National Institute of Standards and Technology (NIST) has developed the AI Risk Management Framework (AIRMF) to provide a structured and comprehensive approach to identifying, assessing, and managing risks associated with artificial intelligence systems. This framework isn’t intended to be a rigid checklist, but rather a flexible, scalable tool adaptable to diverse AI applications and organizational contexts. Crucially, the AIRMF complements semantic approaches – such as those utilizing Resource Description Framework (RDF) – by offering a practical, operational pathway for translating abstract risk assessments into concrete mitigation strategies. It emphasizes a continuous process of risk management, promoting responsible AI innovation and fostering trust through transparency and accountability. The framework guides organizations in mapping, measuring, and managing AI risks, thereby supporting compliance with emerging regulations and promoting the beneficial deployment of AI technologies.
The foundation for effective knowledge sharing and system interoperability within a semantic framework lies in Resource Description Framework (RDF). RDF isn’t simply a data format; it’s a standardized method for representing information as interconnected triples – subject, predicate, and object – allowing machines to understand not just what data means, but also how it relates to other data. This structure facilitates the creation of knowledge graphs, where complex relationships between AI system components, risks, and mitigation strategies can be explicitly defined and readily exchanged. Consequently, RDF enables different AI risk management tools and frameworks – like the AI Risk Management Framework (AIRMF) – to communicate seamlessly, fostering a more holistic and coordinated approach to identifying, assessing, and managing the potential harms associated with artificial intelligence. By adopting RDF, organizations move beyond siloed data and towards a future where AI risk information is transparent, accessible, and easily integrated across diverse systems.
Current approaches to trustworthy AI, such as AI-TMM, offer initial frameworks for assessment, but often fall short of comprehensively evaluating the intricate relationships within complex systems. These methodologies frequently adopt a fragmented perspective, focusing on individual components rather than the emergent behaviors arising from their interactions. This limitation underscores a critical need for more holistic methodologies capable of systematically exploring the entire AI lifecycle – from data sourcing and model training to deployment and ongoing monitoring – and accounting for the cascading effects of potential failures or biases. A truly robust evaluation requires not just identifying risks in isolation, but understanding how these risks propagate through the system and ultimately impact real-world outcomes, necessitating the development of tools and techniques that move beyond component-level analysis.
The pursuit of ‘Trustworthy AI’ feels perpetually stuck in a cycle of re-invention. This paper attempts to map functional requirements onto normative ones with a semantic framework, a clever enough idea, but one that inevitably invites the question: how long before the first production deployment reveals the inherent limitations of any such mapping? As Claude Shannon observed, “Communication is the transmission of information, but to really communicate it has to be received and understood.” Similarly, a beautifully designed framework for AI trustworthiness is useless if it doesn’t translate into practical, real-world compliance – and production always has a way of highlighting where the theory fails. It’s a well-intentioned effort, of course, but one destined to become tomorrow’s tech debt. The EU AI Act demands compliance, but compliance rarely equates to genuine trustworthiness – it merely raises the bar for what constitutes an acceptable failure.
What’s Next?
This semantic framework, while a logical attempt to map aspirational AI ethics onto concrete system design, will inevitably encounter the usual friction. Every abstraction dies in production, and the translation of ‘trustworthy’ from a regulatory document into executable code is a particularly brutal execution. The proposed mappings offer a starting point, but anticipate a constant need for recalibration as edge cases – and malicious actors – exploit the inevitable gaps.
Future work will not be about perfecting the framework, but about building robust monitoring and adaptation loops. Risk assessment, as currently conceived, is a snapshot in time; the real challenge lies in creating systems that can dynamically reassess and mitigate risk as they encounter unforeseen data distributions and adversarial inputs. The EU AI Act, and similar legislation, will become a moving target, demanding continual updates to both the framework and the systems it governs.
Ultimately, this is structured panic with dashboards. It’s a valiant effort to impose order on a fundamentally chaotic landscape. The question isn’t whether the system will fail, but when, and whether the failure modes are acceptably graceful. Everything deployable will eventually crash; the goal is to design for predictable, manageable collapses, rather than spectacular, unforeseen ones.
Original article: https://arxiv.org/pdf/2512.20671.pdf
Contact the author: https://www.linkedin.com/in/avetisyan/
See also:
- Mobile Legends: Bang Bang (MLBB) Sora Guide: Best Build, Emblem and Gameplay Tips
- Clash Royale Best Boss Bandit Champion decks
- Best Hero Card Decks in Clash Royale
- All Brawl Stars Brawliday Rewards For 2025
- Best Arena 9 Decks in Clast Royale
- Brawl Stars December 2025 Brawl Talk: Two New Brawlers, Buffie, Vault, New Skins, Game Modes, and more
- Vampire’s Fall 2 redeem codes and how to use them (June 2025)
- Clash Royale Witch Evolution best decks guide
- Clash Royale Furnace Evolution best decks guide
- ATHENA: Blood Twins Hero Tier List
2025-12-25 23:38