top of page
検索

What Is Verifiable AI?-Primary Sources, Overseas Terminology, and Where Responsibility OS Fits

“Verifiable AI” has no single agreed-upon definition.

Responsible AI, Explainable AI, Safe AI — these terms are sometimes used alongside it, but what “verifiable AI” actually means shifts depending on context.

Looking at international primary sources, “Verifiable AI” is not yet a fixed standard term. In practice, the conversation is distributed across Verified AI, AI verification, TEVV, AI assurance, conformity assessment, provenance, traceability, record-keeping, and cryptographic verifiability — each advancing in its own lane.

This article maps those lanes from primary sources, then shows where Responsibility OS sits within them. Responsibility OS comes last. Starting with it as the subject would look self-serving.


▼Responsibility OS Press Release(JP)https://prtimes.jp/main/html/rd/p/000000004.000182721.html



1. Verified AI: Proving Properties of Models and AI Systems

One origin of “verifiable AI” lies in the formal verification tradition.

Seshia, Sadigh, and Sastry’s “Towards Verified Artificial Intelligence” proposes applying formal methods to guarantee that AI-based systems are correct with respect to mathematically specified requirements. Verification here means provable correctness against a specification.

Similarly, Katz et al.’s “Reluplex” is an SMT solver purpose-built for verifying deep neural networks — formally confirming that a network’s behavior satisfies specified constraints, and finding counterexamples when it does not.

In this tradition, verification means mathematically proving properties of AI systems or models.

One important distinction follows from this. Verification in this sense is about whether an AI system or model is correct. It is not the same question as: when a company formally adopts an AI decision into operations, can that adoption be confirmed by a third party after the fact?


2. TEVV: Testing, Evaluation, Verification, Validation Across the AI Lifecycle

NIST’s AI Risk Management Framework (AI RMF 1.0) organizes the characteristics of trustworthy AI across multiple dimensions: valid and reliable, safe, secure and resilient, explainable and interpretable, privacy-enhanced, fair, and accountable and transparent.

The NIST AI Resource Center supports the operationalization of the AI RMF by providing documents, tools, and guidance around TEVV — Testing, Evaluation, Verification, and Validation — as a practical vocabulary for confirming that AI performs appropriately for its intended purpose across the full AI lifecycle.

Within this framing, verifiable AI means something broader than model verification. It means placing AI systems in a state where their trustworthiness — across data, model, operational context, evaluation, monitoring, and accountability — can be confirmed throughout the lifecycle.

That said, TEVV addresses the trustworthiness of AI systems. It does not directly address how to record, in a way that can be confirmed later, whether a specific AI decision was in an accountable state when it was formally adopted as a company decision.


3. AI Assurance: Evaluating and Communicating Evidence of Trustworthiness

The UK Centre for Data Ethics and Innovation (CDEI) defines AI assurance as “mechanisms for evaluating and communicating trustworthy evidence about the properties of AI systems.” The core of this definition is not declaring that AI is trustworthy — it is evaluating and communicating evidence about trustworthiness.

Singapore’s AI Verify operationalizes AI assurance by mapping principles to outcomes, processes, and documentary evidence, enabling organizations to verify AI systems through testing against defined governance frameworks.

This marks an important shift: AI governance is moving from declaring principles to producing evidence documents, inspection processes, and third-party verification.

“We use Responsible AI” is a declaration. “This decision was verified under these conditions, through this process” is evidence. AI assurance asks for the latter.


4. EU AI Act and ISO/IEC 42001: Verifiability as a Regulatory Requirement

The EU AI Act (Regulation (EU) 2024/1689) entered into force on 1 August 2024, with phased application. For high-risk AI systems, it requires:

  • Article 12 (Record-keeping): Automatic logging to ensure traceability of AI system outputs throughout their lifetime.

  • Article 14 (Human oversight): Ensuring humans can understand and monitor AI output, and have the ability to decide not to use it, to disregard it, to override it, or to reverse it.

  • Technical documentation, transparency, and conformity assessment.

ISO/IEC 42001:2023 (AI Management System) requires organizations to establish, implement, maintain, and continually improve a management system for responsible development and use of AI — covering risk management, monitoring, documentation, and continuous improvement.

At this stage, verifiable AI is no longer a research topic. It is a question of enterprise operations and regulatory compliance.

One question remains open, however. Having logs, technical documentation, and human oversight are conditions. Whether a specific AI decision can demonstrate, after the fact, who adopted it, under which conditions, and with which unverified assumptions remaining — this is not automatically ensured by satisfying these requirements alone.


5. Provenance, Credentials, C2PA, AI-BOM: Making Evidence Machine-Readable

Internationally, the direction is toward preserving verifiability not only as explanatory text, but as machine-readable provenance, credentials, and structured evidence.

W3C PROV-O is an ontology for describing the provenance of data and artifacts — which entities, activities, and agents were involved in their creation and transformation. It is the standard vocabulary for machine-readable records of where information came from and what processing it underwent.

W3C Verifiable Credentials 2.0 standardizes tamper-evident claims with cryptographic verification — a foundation for issuing and holding evidence that third parties can verify.

C2PA (Coalition for Content Provenance and Authenticity) establishes standards for recording the origin and edit history of digital content. For AI-generated or AI-edited content, it enables recording what model did what.

CycloneDX AI/ML-BOM provides a bill-of-materials format for AI systems — machine-readable descriptions of models, datasets, dependencies, data provenance, and training methods.

These represent the move toward machine-readable audit structures. However, what these standards primarily address is the provenance of data, credentials, content, models, and dependencies. The provenance of the act of formally adopting an AI decision as a company decision is not their direct subject.


6. Model Cards, Datasheets, FactSheets: Documentation and Its Limits

There is an important lineage of work on documenting AI systems and datasets.

Model Cards for Model Reporting (Mitchell et al., 2019) documents intended use, performance, evaluation conditions, and caveats for AI models — making transparent what a model is.

Datasheets for Datasets (Gebru et al., 2018) documents the motivation, composition, collection process, recommended uses, and limitations of datasets — making transparent what data is.

IBM AI FactSheets documents AI service purpose, performance, safety, security, and provenance/lineage.

These have made important contributions to transparency in AI research and practice. But there is a limit worth naming explicitly.

These documents explain what an AI system is. They do not record what accountability state a specific AI decision was in when it was formally adopted as a company decision. A model card does not capture what conditions were checked, who confirmed them, or what was left unverified for any given decision.


7. Cryptographic Verifiability: Toward Provably Auditable AI Pipelines

Recent research has begun exploring cryptographic verification of the full AI pipeline.

Work such as “A Framework for Cryptographic Verifiability of End-to-End AI Pipelines” examines attaching cryptographic proofs to data sourcing, training, inference, and unlearning — making the claim “this is what the AI did” mathematically provable after the fact.

This direction connects naturally with ADIC (Advanced Data Integrity by Ledger of Computation), the technical foundation developed as part of Responsibility OS for preserving AI decision processes as evidence that third parties can re-execute and verify later.

The distinction worth noting: Responsibility OS and ADIC are not cryptographic proof systems in themselves. Their focus is on preserving the accountability state in which an AI decision was formally adopted, in a form that can be confirmed later.


8. OWASP AISVS and Appia Foundation: Security Verification and Conformity Evidence

OWASP AI Security Verification Standard (AISVS) provides a catalog of testable security requirements for AI-enabled systems — defining verifiability as the ability to test and confirm that security requirements are met.

Appia Foundation, announced in June 2026 by the Linux Foundation, is an emerging initiative aiming to establish conformity specifications and assessable evidence across the full AI value chain — including evidence pass-through between components. This is a new development, not yet an established standard.

These represent the leading edge of operationalizing verifiability for AI security and conformity. And here too, the primary focus is on AI system properties, security, and conformity — not on the accountability state of specific adoption decisions.


9. Where Responsibility OS Fits: A Responsibility Information Layer for AI Decision Adoption

Here, for the first time, Responsibility OS becomes the subject.

Mapping the international landscape:

Lineage Primary focus Verified AI / AI verification Formal proof of model or AI system properties TEVV Testing, evaluation, verification, validation across the AI lifecycle AI assurance Mechanisms for evaluating and communicating evidence of trustworthiness EU AI Act / ISO 42001 Logs, documentation, human oversight, and conformity assessment as regulatory requirements Provenance / VC / C2PA / AI-BOM Machine-readable provenance of data, credentials, content, models Model Cards / Datasheets / FactSheets Documentation of model, data, and service properties Cryptographic verifiability Cryptographic proof of AI pipeline processes OWASP AISVS / Appia Security verification and conformity evidence standards

Each of these lineages addresses important parts of the problem. But based on a review of major publicly available primary sources, the layer that systematically handles “who adopted this AI decision, under which conditions, with which unverified assumptions remaining, and in which accountability state” — as accountability-relevant information that can be confirmed after the fact — has not yet been clearly formalized.

Responsibility OS is not a new term disconnected from formal verification, provenance, audit trail, or AI assurance. It builds on those existing lineages. The distinctive contribution lies in placing the accountability state of AI decision adoption — not the AI model itself — as the primary object of concern. Formal verification is used not only to check model performance or safety properties, but to confirm that accountability-relevant information, unverified conditions, decision ordering, and adoption state are preserved in a way that can be confirmed later. In this sense, Responsibility OS does not replace existing AI assurance or audit trail approaches. It is a responsibility information layer that connects them to the moment a company formally adopts an AI decision.

Responsibility OS addresses that gap.

Responsibility OS is not a technology for proving that an AI model is correct. It is a responsibility information layer: connecting provenance, traceability, audit trail, metadata, unverified conditions, and accountability state to make answerable, after the fact, the question “who adopted this AI decision, and under what conditions.”

Accountability-Relevant Information refers to the information that must not be lost in order to verify, after the fact, the accountability state of an AI decision. It includes provenance, audit trail, traceability, verified conditions, unverified conditions, responsible parties, and the ordering of decisions — not only the result.

Accountability State is the total picture at a given moment: who was involved, on what basis, what was verified, and what was not. Accountability-relevant information is what is needed to reconstruct that state.

ADIC (Advanced Data Integrity by Ledger of Computation) is the technical foundation for preserving accountability-relevant information as verifiable evidence that third parties can re-examine. ALS (Algorithmic Legitimacy Shift) is the theory addressing situations where relying on human review alone is structurally insufficient to support an accountability state.

GhostDrift Mathematical Institute has published the foundational theories of Responsibility OS as machine-verified formal proofs in Lean 4 — fixing the claim “this can be verified later” in a form that a computer can confirm.


10. The Significance of Hiroshima-Origin AI Assurance

The International Code of Conduct produced through the Hiroshima AI Process (2023) is a set of voluntary guidance for organizations developing and deploying advanced AI systems, aimed at promoting safe, secure, and trustworthy AI worldwide. It calls for risk assessment and mitigation across the AI lifecycle, accountability, governance processes, and the development and disclosure of risk management policies.

But translating this into enterprise operations requires one more layer of specificity.

Declaring AI to be safe, secure, and trustworthy is not the same as being able to demonstrate, for a specific AI decision, what conditions it was adopted under, who took responsibility for it, and whether that can be confirmed later.

Internationally, AI verification, TEVV, AI assurance, conformity assessment, provenance, documentation, and cryptographic verifiability are each advancing. But based on a review of major publicly available primary sources, the layer that systematically handles AI decision adoption states as accountability-relevant information, in a way that can be confirmed after the fact, has not yet been clearly formalized.

Responsibility OS is a Japan-origin proposal for that gap. That is why the Hiroshima-origin AI assurance implementation framework carries significant meaning.

To translate the principle of “safe, secure, trustworthy AI” — as expressed in the Hiroshima Process International Code of Conduct — into operationally verifiable AI assurance, a structure is needed for recording the accountability state in which AI decisions were adopted. As a Japan-origin implementation initiative toward that goal, Hiroshima-origin AI assurance is a potential contribution to the international conversation on verifiable AI.


Summary

Verifiable AI is not explainable AI.

It is AI whose decisions, when formally adopted as company decisions, can be confirmed after the fact — including the accountability state they were in when adopted.

What is needed for this is a structure in which provenance, traceability, audit trail, metadata, unverified conditions, and accountability state are preserved together as accountability-relevant information. The international lineages surveyed here each address important parts of this problem. Based on a review of major publicly available primary sources, the layer focused specifically on AI decision adoption states as accountability-relevant information has not yet been clearly formalized.

Responsibility OS is a Japan-origin attempt to build that layer.


Primary Sources

Formal Verification

  • Seshia, S.A., Sadigh, D., Sastry, S.S. “Towards Verified Artificial Intelligence.” arXiv:1606.08514 https://arxiv.org/abs/1606.08514

  • Katz, G. et al. “Reluplex: An Efficient SMT Solver for Verifying Deep Neural Networks.” CAV 2017

AI Risk Management / TEVV

AI Assurance

Regulation and Standards

Machine-Readable Provenance and Evidence

Documentation Lineage

  • Mitchell, M. et al. “Model Cards for Model Reporting.” FAccT 2019

  • Gebru, T. et al. “Datasheets for Datasets.” Communications of the ACM, 2021

  • Arnold, M. et al. “FactSheets: Increasing trust in AI services through supplier’s declarations of conformity.” IBM Journal of R&D, 2019

Security and Conformity Evidence

Responsibility OS

GhostDrift Mathematical Institute, Inc. https://www.ghostdriftresearch.com

 
 
 

コメント


bottom of page