ERTS: Adversarial Robustness Testing of Ethical AI via Semantic Perturbation in a Bounded Consequence Space

2026-06-12 · Source: cs.AI updates on arXiv.org · Field: Technology & Digital — Artificial Intelligence & Machine Learning, Cybersecurity & Data Privacy, Emerging Technologies & Innovation · Depth: Expert, extended

Summary

The Ethical Robustness Testing System (ERTS) is a novel closed-pipeline framework designed to evaluate AI systems' robustness against adversarial manipulation of ethical reasoning in high-stakes contexts. ERTS encodes ethical dilemmas into a 22-dimensional Ethical Consequence Space (ECS), applies 17 semantic perturbation functions with 6 validity constraints, and measures decision deviation using a 4-component Ethical Instability Index (EII). It then produces domain-adaptive pre-deployment assessment verdicts. An evaluation of 4 structured baseline models and 2 production LLMs (Gemini 2.0 Flash and Llama 3.2) across 50 ethical scenarios and 8 deployment domains, generating 1,500 adversarial test cases, revealed that only 33% of models achieved assessment clearance. Notably, the local Llama-3.2 model proved highly vulnerable to fairness corruption and information degradation attacks, achieving an Ethical Robustness Score (ERS) of 0.737.

Key takeaway

For AI Scientists and AI Security Engineers deploying high-stakes ethical AI, you should integrate ERTS-like adversarial robustness testing into your pre-deployment pipeline. This will identify vulnerabilities to semantic manipulations, especially regarding fairness corruption and information degradation. Your smaller, locally-deployed models may exhibit significant ethical instability, as demonstrated by Llama-3.2's 0.737 ERS. Prioritize robust models like Gemini 2.0 Flash for critical applications to ensure ethical judgment stability.

Key insights

AI ethical judgment can be robustly tested against semantic perturbations in a bounded consequence space.

Principles

Ethical robustness requires semantic coherence constraints.
Model scale significantly impacts ethical robustness.
Rule-based systems can outperform RLHF in robustness.

Method

ERTS encodes ethical dilemmas into a 22-dimensional ECS, applies 17 semantic perturbations with 6 constraints, measures deviation via a 4-component EII, and provides domain-adaptive verdicts.

In practice

Test AI for fairness corruption and information degradation.
Prioritize larger, broadly trained LLMs for ethical tasks.
Integrate ethical robustness testing into pre-deployment.

Topics

Ethical AI
Adversarial Robustness Testing
Ethical Consequence Space
Large Language Models
AI Safety
Pre-Deployment Assessment

Code references

NVIDIA/garak

Best for: Research Scientist, CTO, VP of Engineering/Data, AI Scientist, AI Security Engineer, AI Ethicist

Related on AIssential

Open in AIssential →

Editorial summary, takeaway, and curation by AIssential. Original article published by cs.AI updates on arXiv.org.