JP2018085136A - System having artificial intelligence - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a system having artificial intelligence capable of protecting the system from a fraudulent external access.SOLUTION: A system 1 comprises: a first artificial intelligence module 30 which has a function to assist or autonomously perform information exchange in an open environment; a second artificial intelligence module 50 which monitors an action of the first artificial intelligence module 30 and autonomously executes a process associated with the information exchange in a closed environment. The first artificial intelligence module 30 can use an external resource through the Internet to learn or reach a deduction while protecting the system from a fraudulent external access.SELECTED DRAWING: Figure 1

Description

  The present invention relates to a system having artificial intelligence.

  Patent Document 1 describes that user interaction with a device is facilitated, and local services and / or remote services are more effectively used. The intelligent automated assistant system of this document uses natural language dialogs to interact with users through integrated interactions and invokes external services when it is suitable to obtain information or to perform various actions. Implemented using any of a number of different platforms, such as the web, email and smartphones, or any combination thereof. Employ additional functionality powered by external services that the system can interact with based on a set of interrelated domains and tasks.

  Patent Document 2 describes providing a method and system for evaluating fraudulent transaction risk in electronic commerce between a customer and a seller. In this document, electronic commerce or electronic purchase orders are received, the level of risk associated with each order is measured, and a risk score is returned. Data validation, highly predictive artificial intelligence pattern matching, network data synthesis and negative file checks are used to test a large number of factors for calculating fraud risk. Other analyzes include comparisons of current transactions against previously known fraudulent transactions and a search of the transaction history database to identify unusual speed patterns, first and last name changes, and known fraudsters. Allows fine tuning of the services provided by the system to adapt to new or changing fraudulent trading patterns.

JP 2014-222517 A JP 2008-165824 A

  Artificial Intelligence (AI) is used to execute and assist various processes or functions such as user interface, fraud detection, etc. In the future, artificial intelligence (AI) Artificial intelligence technology is expected to be applied. Artificial intelligence refers to a computer system having functions of human intelligence such as learning, reasoning, and judgment. It is being developed as a system capable of assisting humans. For example, there are many systems that solve difficult problems in specialized fields such as medicine, science, and engineering at the same level as human experts in that field. Examples include, but are not limited to, a system that translates between languages, a system that operates a robot that performs intelligent work, and a system that finds useful information from the web.

  When artificial intelligence such as language understanding, reasoning, and problem solving is performed on behalf of humans, it is important that the artificial intelligence operates normally and without unauthorized access. In order for artificial intelligence to learn and infer, it is essential to use external (external) resources via the Internet, etc., but on the other hand, protect against unauthorized access from outside. Is getting harder.

  According to one embodiment of the present invention, a first artificial intelligence module including a function of assisting or autonomously exchanging information in an open environment, and the operation of the first artificial intelligence module are monitored, and processing associated with information exchange is closed And a second artificial intelligence module that autonomously performs in a different environment. The first artificial intelligence module (front-side artificial intelligence) can assist information exchange requested by the user or the host or autonomously based on information including external resources in an open environment. The second artificial intelligence module (backside artificial intelligence) operates in a closed environment and is not exposed to unauthorized access from the outside, and monitors the operation of the first artificial intelligence module. In this system, the second artificial intelligence module can indirectly grasp the information exchange desired by the user or the host, and autonomously performs processing based on the information exchange in a closed and secure environment. Therefore, the system including the first artificial intelligence module and the second artificial intelligence module is open in a safe state that prevents troubles that are anxious in an open environment such as information leakage and malfunction due to unauthorized access. It is possible to respond to user or host requests while effectively using many resources provided in the environment.

  An open environment includes a user interface, a first network connection interface for connecting to an open network service such as the Internet, and a first memory storing information exchanged between the user interface or the first network connection interface And may be included. The closed environment may include a second memory that cannot be accessed by the first artificial intelligence module. The second artificial intelligence module is information required for information exchange, and is stored in the second memory. A function of supplying information obtained by encrypting the stored confidential information to the first memory may be included. Personal information related to payment such as card information and account information, and personal information such as user ID and password can be safely managed as confidential information using the second artificial intelligence module.

  The closed environment may include a second network connection interface for connecting to a closed network service separated from an open network such as a home LAN, an in-vehicle LAN, a factory LAN, or a store LAN. As a home gateway, in-vehicle gateway, and factory gateway, access from an open network can be handled by the first artificial intelligence module, and separated networks can be handled by the second artificial intelligence module. With this system, a connection response with an external network can be performed while ensuring the security of the separated network. The second artificial intelligence module may include a function of monitoring an abnormality of the first artificial intelligence module.

  This system is a first OS that supports an open environment, a first OS on which the first artificial intelligence module runs, and a second OS that supports a closed environment, You may have 2nd OS with which an artificial intelligence module operates. The safety of the second artificial intelligence module can be ensured by the second OS that operates in a secure environment separated from the first OS.

  Typically, an architecture having a memory including a security area and a non-security area, a processing unit including a support mechanism that prohibits access to the security area, and a hypervisor running on the processing unit can be used. The hypervisor allows the second OS to access the security area and the non-security area and prohibits access to the open environment, and the first OS to the non-security area and the non-security device. And a mechanism for permitting access and prohibiting access to the security area using a support mechanism.

  The hypervisor may include a virtualization support mechanism that virtualizes and provides hardware (device) included in the processing unit to the first OS and the second OS. The processing unit may include one or more main processing units (CPU) and one or more graphics processing units (GPU). The hypervisor may include a virtualization support function of at least one CPU and at least one GPU.

  The first artificial intelligence module includes a plurality of machine learning modules, a plurality of machine learning data used for each machine learning module, a communication unit between machine learning modules that performs communication between the plurality of machine learning modules, and a plurality of machine learning modules. And a separation unit that suppresses mixing of machine learning data. Machine learning modules (techniques) include ID3 (Iterative Dichotomiser 3), decision tree learning such as random forest (Random Forest, Randomized trees), first-run rule learning, various neural networks (ANN (Artificial Neural Network, Artificial Neural Network) ), DNN (Deep Neural Network), CNN (Convolutional Neural Network), RNN (Recurrent Neural Network), Genetic Programming (GP), Inductive Logic Various things such as programming (ILP, Inductive Logic Programming), support vector machine (SVM), clustering, and Bayesian network have been proposed. There is.

  As the artificial intelligence module of this system, a machine learning integrated platform including a plurality of machine learning modules, a plurality of machine learning data, an inter-module communication unit, and a separation unit may be used. It is possible to provide an artificial intelligence module that integrates multiple types of machine learning modules in the right place, and can provide an artificial intelligence module that is suitable for personalization. In particular, the artificial intelligence module including the machine learning integration platform is suitable for the first artificial intelligence module that is likely to be used for various purposes. The second artificial intelligence module may include a machine learning integration platform.

  The first artificial intelligence module includes a unit that determines failure and success of response to the user, and a unit that automatically collects data for leading the response to the user from an open environment and automatically constructs a personal database. May be included. It is possible to autonomously advance the personalization of artificial intelligence. The artificial intelligence module with the integrated platform may include a machine learning module for guiding the user's response to success and a unit for automatically collecting machine learning data from an open environment and incorporating it into the first artificial intelligence module. Good.

  The first artificial intelligence module and the second artificial intelligence module may be constructed on the server, but the open artificial environment and the closed environment are separated, and the operation of the first artificial intelligence module by the second artificial intelligence module is performed. In order to ensure traceability, it is desirable that the control module has a first artificial intelligence module and a second artificial intelligence module mounted on a single chip or chipset.

  An example of this system is a personal assistance system that includes a user interface connected to a first artificial intelligence module, such as a PDP, PDA, smartphone, and the like. Two other examples of the system include a home gateway system including a user interface connected to the first artificial intelligence module and a home LAN and / or device control interface connected to the second artificial intelligence module. It is. Another example of this system is an in-vehicle gateway system that includes a user interface connected to a first artificial intelligence module and an in-vehicle LAN and / or device control interface connected to a second artificial intelligence module. . Another example of this system is an IoT gateway that includes an internet interface connected to a first artificial intelligence module and a factory LAN and / or equipment interface connected to a second artificial intelligence module. .

1 is a block diagram of a system including a normal AI and a secure AI. 1 is a block diagram of a system including a CPU and a GPU. The figure which shows the example applied to the personal assistance system. The figure which shows the state corresponding to fraud. The figure which shows the example applied to the home gateway system. The block diagram which shows AI integration platform. Deep learning map. The figure which shows initial learning and dynamic learning. The figure which shows an example of initial learning and dynamic learning. The figure which shows the other example of initial learning and dynamic learning. The figure which shows the other example of initial learning and dynamic learning. The figure which shows the example of the dynamic learning by dialogue. The figure which shows the example of the dynamic learning of voice recognition.

  FIG. 1 shows an example of a system having two artificial intelligences. The system 1 is a computer system incorporated in a personal assistance terminal such as a smartphone, a notebook personal computer, a home appliance, an industrial machine, or an automobile, and is typically a system incorporated in a SoC (system on chip). The system 1 includes a hardware platform 10 including a processor unit 11, a hypervisor 20 operating on the hardware platform 10, and a first OS (non-secure OS, non-secure OS, non-secure OS, operating in a virtual environment provided by the hypervisor 20. A general-purpose OS (rich OS) 21 and a second OS (secure OS) 22 are included.

  The processor unit 11 provides a plurality of execution modes (execution environments). In this embodiment, the processor unit 11 is realized by a support function (memory protection function) that sets a security area in the memory and prohibits access to the security area. Two execution modes are assumed: a secure mode 6 and a low secure mode (hereinafter referred to as a non-secure mode, a non-secure mode or a normal mode) 7 having a lower security level than the secure mode 6. In the non-secure mode 7, access to the secure area of the memory is prohibited by the support function of the processor unit 11.

  The system 1 includes a trusted application group (secure application) 57 that operates in a secure but closed environment (secure world, closed world) 8 on a secure OS 22 that operates in the secure mode 6, and a rich that operates in the non-secure mode 7. And a client application group (non-secure application) 47 that operates in an open but non-secure environment (non-secure world, normal world, open world) 9 on a non-secure OS 21 such as an OS.

  The non-secure application 47 includes a first artificial intelligence module (normal AI, front side AI, open AI) 30 that runs on the rich OS 21, and various functional modules (applications) 41 to 44 supported by the normal AI 30. . The secure application 57 includes a second artificial intelligence module (secure AI, backside AI, closed AI) 50 that runs on the second OS 22 in the secure world, and various function modules (applications) 51 to 55 supported by the secure AI 50. including. The system 1 may further include an application that operates on the rich OS 21 independently of the normal AI 30, and may include an application that operates on the secure OS 22 independently of the secure AI 50.

  The applications supported by the normal AI 30 include a voice processing function 41, an image processing function 42, various service functions 43, and various search functions 44. The voice processing function 41 includes, for example, voice recognition, voice synthesis, and an interactive function. The image processing function 42 includes an authentication function through an image, for example, a face authentication function, a surrounding environment recognition function, a recognition function such as indoors / outdoors, places, day and night. The service function 43 includes a shop application and a network connection service in an open environment such as the Internet. The search function 44 includes a function of searching for information stored in the system 1 and searching for external information via the net.

  The applications and functions supported by the normal AI 30 are not limited to the above, and the number and types of applications can be increased or decreased by personalization and / or customization. For this purpose, the normal AI 30 automatically constructs a personal database by automatically collecting data (information) from the open environment for determining the failure and success of the response to the user, and data (information) for guiding the response to the user to success. Unit 39.

  The application supported by the secure AI 50 includes a function (payment function unit) 51 for performing payment (settlement), personal data such as card information (personal information), and other secret information or confidential information (in the following, including these secrets) Control function (unit) 52 and data for controlling sensors for obtaining information that is desirable for monitoring in the home, in-vehicle, factory, etc., especially for personal or other maintenance (confidentiality) management Function (unit) 53, control of switches of various devices installed in the home, in-vehicle, factory, etc., in particular, the function of controlling devices for crime prevention, devices affecting safety or safety ( Unit) 54 and a function (unit) 55 for encrypting confidential information.

  An example of the hypervisor 20 is a hypervisor corresponding to a support mechanism that controls writing to a security area (secure area) of a memory, and is a FOXvisor provided by the applicant of the present application. Another example is a VAIOX provided by the applicant, which is a hypervisor that corresponds to the support mechanism and has a communication function between machine learning described later. These are bare metal type (type I) hypervisors.

  As shown in FIG. 1, the VAIOX 20 can separate a plurality of OSs using a support mechanism 12 that a processor (processing unit) 11 has as hardware. The support mechanism 12 can use a TrustZone (hereinafter referred to as a TZ mechanism) in a processor in which an ARM IP is incorporated, and can use a VZ mechanism in a processor in which a MIPS IP is incorporated. The VT mechanism can be used in these processors. The support mechanism 12 may be a virtualization extension function, and examples of a processor incorporating an ARM IP include a virtual extension (Virtualization Extension) and a LPAE (Large Physical Address Extension). For example, in the TZ mechanism 12, the normal world memory space 12a and the secure world memory space 12b can be separated, or access to these memory spaces 12a and 12b can be separated. An environment that is invisible and inaccessible (access is prohibited) can be constructed.

  Therefore, the VAIOX 20 functions as a strong firewall, and can operate in a state where the normal AI 30 of the normal world and the secure AI 50 of the secure world are separated. On the other hand, the secure AI 50 can input / output not only the memory space 12b but also the normal world memory space 12a in a state in which rewriting of the secure world memory space 12b is protected. Therefore, the secure AI 50 can monitor the input / output of the normal AI 30 and can provide information to the normal AI 30. The secure AI 50 of this example includes a monitor function 59 that monitors the operation of the normal AI 30. The monitor function 59 includes a function 58 for monitoring an abnormal operation of the normal AI 30. The normal AI 30 includes a function for monitoring an abnormality of each application in the application group 47 operating in the non-secure world 9. Therefore, by monitoring the abnormal operation of the normal AI 30, it is possible to reliably monitor the abnormal operation of the application due to some cause in the non-secure world 9, thereby preventing the occurrence of damage due to this, Can be limited. For example, anomaly detection, predictive analysis, predictive monitoring, etc. are known as the occurrence of abnormalities. By combining these techniques with machine learning, not only abnormalities specified in advance but also the occurrence of unforeseen abnormalities Can be detected with high probability.

  The hardware platform 10 includes a memory 13, and the memory 13 includes a memory 13a used in an open (normal, non-secure) environment and a memory 13b used only in a secure environment. The hardware platform 10 is further connected to various interfaces used in the open environment (non-secure world) 9, for example, a user interface 14 using visual and auditory senses, an open network such as the Internet via various communication standards. Network interface (first network interface) 15, a connection interface 16 with an external device that can be used in an open environment, and the like.

  The hardware platform 10 also has various interfaces used in a closed environment (secure world) 8, for example, a network interface (second network interface) 17 connected to a closed network such as a home LAN or an in-vehicle LAN. In addition, a connection interface 18 with an external device used in a closed environment is included.

  The VAIOX 20 that is a hypervisor allocates the connection and control of the memory 13 and the interfaces 14 to 18 to the rich OS 21 and the secure OS 22 respectively, thereby constructing an open environment 9 and a closed environment 8 in the system 1. The AI 30 and the secure AI 50 operate in an open environment and a closed environment, respectively.

  The normal AI 30 is a commonly used AI, and handles an item (information) with little damage even if it is hijacked. For example, the normal AI 30 recognizes the user's words and movements, and connects to the cloud side when the recognized content is a network service. The normal AI 30 functions as a support and advisor for normal network services, and is a large amount of information that changes from time to time, such as weather, food and beverage related information related information, etc., and information that the user will request from time to time. provide. The normal AI 30 controls applications provided by a third party. For example, video contents such as video on demand, services, and network shopping applications can be cited.

  On the other hand, when the secure AI 50 is hijacked as a gateway, the secure AI 50 handles an object (information) with a large damage. For example, the secure AI 50 includes device control in the home (control of the sensor 53, the switch 54, etc.), user personal data (life log, for example, action history, behavior of the control device, user behavior, purchase history) 52, Personal service based on life log. The secure AI 50 further stores and manages personal information (confidential information) such as credit card data handling and history management such as billing / shopping, and encrypts the data when delivering the data to the normal AI 30 55 including. Further, the secure AI 50 includes a function 58 for monitoring the normal AI 30, and the normal AI 30 is hijacked by detecting an attack that is not linked to user behavior or the like, or determining whether or not the normal AI 30 is different from the normal movement. Monitor for any.

  The hypervisor (VAIOX) 20 mediates communication between the normal AI 30 and the secure AI 50, and ensures a configuration in which data can be delivered only through an interface set by the developer. In this example, unauthorized access to the secure AI 50 side is suppressed using hardware virtualization technology (Hardware Virtualization).

  FIG. 2 shows a schematic configuration of a system including a hypervisor 20 including a virtualization support mechanism 20v that supports GPGPU (General Purpose Computing on Graphics processing units) as an example of the system 1. An SoC (system on chip) processing unit 11 assumed to be mainly applied to in-vehicle devices includes a plurality of CPUs (main processing units) 101, a GPU (graphics processing unit) 102 as hardware platforms, and And computer resources 105 including other functions (units) such as controlled network interface devices.

  In-vehicle infotainment (IVI) such as the navigation system 49b is often connected to a wide area network, and a system is configured using a general-purpose OS (rich OS) 21b such as Linux (registered trademark) or Android. . The safety system 49c such as a graphic meter is configured by using a lightweight and compact RTOS (Real-Time OS) 21c certified for functional safety. The RTOS 21c is an OS (operating system) adapted for a completely different use from the general-purpose OS. In addition to the CPU 101, the graphic display portion uses the GPU 102 and is similar to an image-type application that runs on the rich OS. is there. However, in the safety system 49c, since functional safety is important, they are not operated on the rich OS.

  A driving assistance system such as ADAS (Advanced Driver Assistance System) 49d needs to operate on the rich OS 21d and process a large amount of data input from an external camera in real time. The GPU 102 is used for image recognition calculation. It is desirable that the normal AI 30 also operates on the rich OS 21a, and in addition to the CPU 101, the GPU 102 can be used for image recognition and high-speed processing.

  The virtualization support function 20v of the hypervisor 20 virtualizes the CPU 101 and the GPU 102 for the systems or applications 30 and 49b to 49d that operate on the different OSs 21a to 21d, thereby allocating resources including the CPU 101 and the GPU 102 respectively. It can be used in a state managed by the OS 21a to 21d, and GPGPU can be used from multiple guests (applications).

  The hypervisor 20 includes a function for switching between the secure mode 6 and the non-secure mode 7. In the secure mode 6, in this example, the CPU 101 is allocated as a resource by virtualizing / semi-virtualizing the CPU 101. Then, the secure AI 50 and the secure application 57 are operated. In the secure mode 6, not only the CPU 101 but also the GPU 102 can be assigned to the secure OS 22 as a resource.

  FIG. 3 shows an example in which the system 1 including the normal AI 30 and the secure AI 50 is mounted on a personal assistance device, for example, a smartphone 71. The normal AI 30 recognizes that the user 2 has spoken by the speech recognition function 41b which is a user interface, and provides information to the user 2 by the speech synthesis / dialog agent 41a, thereby having a conversation with the user 2. The secure AI 50 watches the conversation content by the monitor function 59 via the VAIOX 20, monitors the behavior of the normal AI 30, and autonomously determines whether the processing on the secure AI 50 side is necessary for the conversation content. To do.

  For example, when it is decided to purchase the product “XX” in the conversation between the user 2 and the normal AI 30, the secure AI 50 watches the conversation and thereby determines the product “XX” based on the normal (intentional) judgment of the user 2. ”Will be purchased. In the normal AI 30, the content of the speech-recognized conversation is converted into a text command and transferred to the shop application 43 a, and the shop application 43 a uses the network connection function to access the cloud service 5 and purchase the product “XX”. I do. At this time, if credit card data, bitcoin data, or authentication data thereof is required for the shop application 43a, the secure AI 50 includes the secret information stored in the memory 13b in the security area managed by the personal data 52. The payment function 51 extracts information (payment information) required for purchase, and the encryption function 55 encrypts it and writes it in the non-secure area memory 13a accessible by the normal AI 30.

  The shop application 43a or the normal AI 30 need not be aware of the operation of the secure AI 50. The shop application 43a or the normal AI 30 performs payment for the purchase of the product “XX” in the memory 13a using the encrypted payment information autonomously prepared by the secure AI 50, and stores the information (purchase information). Write to the memory 13a. The secure AI 50 needs to keep a record of purchase information in the secure area, and as a result of monitoring the transaction between the user 2 and the normal AI 30, if the operation is not fraudulent and the purchase information is determined to be safe, Purchase information is taken in and added to the personal data 52. Therefore, the normal AI 30 can proceed with the purchase process using the automatically prepared payment information without being aware of the existence of the secure AI 50.

  FIG. 4 shows a case where the smartphone 71 is illegally accessed from outside (external). It is assumed that the normal AI 30 connects unauthorized access to the shop application 43a without noticing unauthorized access that has entered through the network service 43b. There is a high possibility that the secure AI 50 can recognize that unauthorized access has occurred by watching the conversation with the user 2 and further watching the communication content of the network service 43b. Further, the secure AI 50 monitors the behavior of the shop application 43a, and if it does not match the content of the conversation of the user 2, information for settlement is not prepared. Therefore, since the normal AI 30 does not have information for payment, the purchase process cannot proceed and the user 2 can be notified of the abnormality. The secure AI 50 does not prepare payment information until purchase is confirmed between the user 2 and the normal AI 30. With this operation of the secure AI 50, it is possible to prevent the normal AI 30 from taking unexpected actions due to unauthorized access, and at the same time, it is possible to prevent personal information such as card information from leaking.

  FIG. 5 shows an example in which the system 1 including the normal AI 30 and the secure AI 50 is mounted on a gateway system, for example, a home gateway system (home gateway) 73. The home gateway 73 includes a user interface 41 (41b) connected to the normal AI (first artificial intelligence module) 30 and a home LAN connected to the secure AI (second artificial intelligence module) 50 and / or A device control interface (switching function) 54.

  In the home gateway 73, the normal AI 30 recognizes the utterance of the user 2, for example, the utterance “I want you to be cool” by the voice recognition function 41b which is a user interface, converts the utterance contents into a text command, and performs switching. Is written in the non-secure area memory 13a. The secure AI 50 watches the conversation via the VAIOX 20 and the monitor function 59. If the information of the switching instruction written in the memory 13a matches the conversation, the secure AI 50 controls the switching function 54 based on the instruction to make the non-secure The maker application 43c in the appropriate area is driven to start / stop or adjust the home appliance, for example, the air conditioner 4.

  If the information of the switching instruction written in the memory 13a is inconsistent with the conversation, the secure AI 50 ignores the switching instruction written in the memory 13a, does not control the switching function 54, and does not control the home appliance, for example, the air conditioner 4 Do not start / stop or adjust. The secure AI 50 watches the conversation with the user 2 and prevents unauthorized use of the normal AI 30. In addition, the secure AI 50 can take measures by watching past cases and actions outside the human behavior principle. Further, the secure AI 50 may have a function of turning off the switching function 54 when an impossible setting or an abnormal command is repeated from the normal AI 30 and stopping the operation of the home appliance until the user 2 instructs the resetting. .

  The secure AI 50 is blocked by the VAIOX 20 from intrusion from the normal area using a hardware virtualization technology, for example, a trust zone. For this reason, although the operation of the normal AI 30 is watched, the operation of the normal AI 30 is monitored without being intruded in the same way as the normal AI 30 or affected by the abnormal operation of the normal AI 30, and when the normal AI 30 is normal, The operation of realizing the intention of the normal AI 30 is autonomously performed. When the normal AI 30 is abnormal, the process of ignoring the intention of the normal AI 30 or normalizing the abnormal intention of the normal AI 30 is performed autonomously.

  There is a case where an instruction (operation) is input to the home gateway 73 from an outdoor external terminal, for example, the smartphone 3. The secure AI 50 monitors the communication from the smartphone 3 via the network service 43b, and recognizes that the communication is a normal instruction if the communication is received via a secure path such as VPN. The smartphone 3 is allowed to operate the home appliance. If the communication from the smartphone 3 is received via a non-secure route, the unauthorized access via the home gateway 73 is blocked by ignoring the instruction from the smartphone 3.

  An in-vehicle gateway or an IoT gateway having a configuration common to the configuration of the home gateway 73 can be provided. The in-vehicle gateway has a user interface controlled or connected to the normal AI 30 and an in-vehicle LAN and / or device control interface controlled or connected to the secure AI 50. The normal AI 30 may have a wide variety of interfaces including network connections.

  In the case of an IoT gateway, it includes an internet interface controlled or connected to the normal AI 30 and a factory LAN and / or equipment interface controlled or connected to the secure AI 50, and information obtained from the factory LAN or the like is in a secure format. Thus, it can be provided to the collection center via the normal AI 30 and the Internet. In addition, the secure AI 50 can capture only information acquired from the collection center in a secure format into a secure world including the factory LAN.

  The normal AI 30 and the secure AI 50 may be any computer system (software) that can learn, infer and judge, and may be of any type. There are various types of systematization of artificial intelligence. For example, data / knowledge type AI (linear type) including decision tree, induction logic programming (ILP), reinforcement learning, Bayesian network (BN), support vector machine (SVM), etc. It may be a brain type AI including a neural network (NL) or a deep neural network (DNN), or may be a fuzzy algorithm, a genetic algorithm, or an evolutionary algorithm. You may evolved using the technique of deep learning (Deep Learning).

  FIG. 6 shows an example in which a machine learning integrated platform (VAIOLIN platform, AI integrated platform) 80 provided by the present applicant is adopted as the normal AI 30. In the following, machine learning (ML) includes various technologies and architectures that have been proposed or proposed to exhibit functions as artificial intelligence. The AI integration platform 80 can contribute a plurality of MLs to learning, inference and judgment of one AI 30, and further mounts and integrates different types of MLs suitable for solving various problems.

  The AI integrated platform 80 includes a plurality of machine learning modules 81a to 81d (represented as ML module 81) and a plurality of machine learning data 82a to 82d (represented when used for each of the machine learning modules 81a to 81d). Is a learning data 82), a machine learning module communication unit (VAIOX) 85 (20) for performing communication between a plurality of machine learning modules (ML modules) 81, and a plurality of machine learning data 82a to 82d. Results of the separation unit (VAIOLET) 83 for suppressing the sound, the voice processing function 84 (41) as a user interface, the success / failure determination unit 88 (38) for determining failure and success of the response to the user, and the success / failure determination unit 88 Machine learning module 81 and machine learning data 2 was collected from the network (open environment) and a autobuildup (auto-generated) autonomously expansion unit 89 (39). The inter-module communication unit 85 (20) may control communication between the ML modules 81 only in an open (non-secure) space, and as described above, separates the non-secure space and the secure space, Communication between ML modules 81 may be controlled so that a non-secure space can be monitored from a secure space.

  For example, the machine learning module 81a includes various neural networks such as DNN, CNN, and GSN, and the machine learning module 81b includes boosting, DAE (Denoising Autoencoder), perception, and the like. 81c includes SVM (support vector machine), RF (random forest), GMM (Gaussian Mixture Model), and machine learning module 81d includes Bayesian model (Bayes NP), thumb product network, DBN (Deep Belief). Network). Machine learning techniques are not limited to these.

  The numbers in parentheses indicate the numbers of units (modules) that perform a common function in the system 1 with reference to FIG. For example, the function as the inter-machine learning module communication unit 85 that performs communication between the plurality of machine learning modules 81 may be included in the hypervisor 20, and not only the CPU, GPU, and other computer resources, but also a plurality of machines The learning module 81 can be virtualized and assigned to various functions provided by the AI integrated platform 80.

  Some examples of functions that can be provided by the AI integration platform (VIOLIN platform) 80 are data mining 87a including access analysis / data visualization / user model construction, clustering / cold start of attributes and features of each data (0 data) Corresponding attribute data clustering 87b, net data collection / ML and net search 87c including data delivery to attribute data clustering, noise filter 87d for filtering noise generated in the net and behavior learning, task agent 87e for performing task for user , Behavior history 87f that stores the history of each user from the results of the task agent, sentence pattern / vocabulary feature analysis 87g that forms a mixed sentence pattern / vocabulary model for a new word and generates a sentence stochastically, sensor A sensor I / F87h to provide the physical interface, such as.

  FIG. 7 shows a deep learning map (arrangement). Even if only the machine learning module (ML module) proposed for deep learning is mapped, the learning depth, neural network system suitable for complex information processing, stochastic model system suitable for processing large amounts of data, etc. There is. The AI integration platform 80 can include the various types of ML modules 81 shown in FIG. 7 regardless of whether each type of ML module 81 is one or many. In the AI integrated platform 80, communication between various ML modules 81 can be integrated and function as one AI 30 by the ML communication unit 85 (20). On the other hand, by separating the learning data 82 constructed by each ML module 81 by the separation unit (VAIOLET) 83, contamination of the learning data is prevented, and a large number of ML modules 81 can perform a desired function. ing. Therefore, the optimum solution (ML module) 81 can be combined as the normal AI 30 suitable as the personal assistance system 71, various gateway systems 73, and the like. The secure AI 50 may be constructed using the AI integration platform 80.

  This AI integrated platform 80 includes a success / failure determination unit 88 (38) for determining failure and success of a response to the user 2, and an autonomous extension unit 89 (39) for adding a new ML module 81 as necessary. Accelerate personalization by failing.

  As shown in FIG. 8, the AI integrated platform 80 is suitable for providing an evolving AI 30 by performing dynamic learning 92 including personal learning from initial learning 91 based on teacher data. For example, the AI 30 provided with the AI integrated platform 80 starts with the minimum ML module 81 at the start of the initial learning 91 (0 years old), and performs basic intention estimation, prediction support, task by education using teacher data. Acquire agent and autonomous learning functions. Thereafter, by operating under the user 2 in the dynamic learning 92, the success / failure determination unit 88 determines the failure and success of the response to the user 2, and from the failure, the autonomous extension unit 89 selects a new ML as necessary. By adding the module 81, personalization can be accelerated. In particular, not only the characteristics of the initial ML module 81 but also the addition of the ML module 81 having different characteristics can provide the AI 30 that can be personalized more flexibly.

  FIG. 9 shows an example of the in-vehicle gateway 75 on which the system 1 including the AIs 30 and 50 is mounted. This in-vehicle gateway 75 includes a function of automatically determining and determining the correct answer from the user viewpoint. The success / failure determination unit 88 of the AI integrated platform 80 determines the failure and correct answer as data, and the autonomous extension unit 89 reflects the result in the system 1 to greatly improve the basic performance of the AI 30. In particular, this system 1 is a chip-mounted system, and by combining the ML module 81 and the learning data 82 with the AI integrated platform 80, the performance that the system 1 can independently exhibit the AI 30 in a local environment is greatly improved. To improve. Therefore, it is possible to collect user information individually in a local environment where information is individually owned and a center where information is centrally owned, and even in situations where the network connection environment is poor The user 2 can be assisted and the in-vehicle device can be operated normally.

  FIG. 10 shows the base model construction by collective intelligence in the initial learning 91 and the recommendation by the personalized feature amount in the dynamic learning 92. In the initial learning 91, a base model construction based on collective intelligence, which is a basic configuration of the AI integrated platform 80, and a base model of a feature space are generated. In the dynamic learning 92, by personalization, the AI integrated platform 80 performs mapping of individual feature amounts and updating of the type selection model, and various recommendations according to personal preference and behavior are possible.

  FIG. 11 shows a process of defining personal features in dynamic learning 92 from big data in initial learning 91. In the AI integrated platform 80, the learning data 82 can be generated locally to exhibit local performance alone. At the same time, a hybrid response is possible in combination with the server. Access to the big data stored on the server side is performed in the initial learning 91, and the personal data is extracted from the big data in the dynamic learning 92 and personal characteristics are obtained. It is also possible to obtain. It is also possible to change the thinking of AI 30 from personalization to general assistance due to factors such as avoiding danger. For example, in the in-vehicle gateway, it is possible to change the personalized dangerous driving to general assist to avoid danger, or to change to general assist based on danger information such as navigation.

  In FIG. 12, the in-vehicle gateway 75 equipped with the system 1 including the normal AI 30 and the secure AI 50 learns the user behavior while talking to the user 2 by the voice dialogue platform 41c of the voice processing function 41, and the configuration of the AI integrated platform 80 is shown. It shows a state in which the secure AI 50 monitors the processing of the normal AI 30 so as to expand autonomously and to prevent unauthorized acts.

  The dialogue platform 41c is a voice dialogue platform for the purpose of collecting information spoken by the user 2 in the vehicle. The dialogue platform 41c collects the content spoken by the user 2 in the vehicle and converts it into big data at the center. The dialogue platform 41c is a platform that realizes a natural dialogue with the user by setting each question and answer so that the number of times of talking with the user 2 is reduced and the purpose can be provided in a shorter time. Implement task-oriented dialogue that satisfies user needs for content (eg, reservation, shopping, information guidance, etc.) included in the dialogue. Furthermore, natural conversations are possible by using chat conversations as task-oriented conversations.

  At this time, if the success / failure determination unit 88 determines that the ML module 81 installed in the current AI integrated platform 80 is insufficient in order to guide the conversation to the user 2 successfully, the autonomous extension unit 89 performs Internet (cloud) From the open environment such as), the ML module 81 and the base learning data 82 for guiding the conversation to success may be automatically collected and incorporated into the AI integrated platform 80. For example, if the ML module 81 capable of responding to music in a field in which the user 2 is interested is not incorporated in the initial learning 91, it can be incorporated in the dynamic learning 92. In order to be incorporated into the AI integrated platform 80, a store in which a ML module 81 suitable for responses in various fields and learning data 82 obtained by initially learning the ML module 81 is prepared in the cloud is provided in the cloud. If necessary, the ML module 81 may be expanded by accessing the store.

  The dialogue platform 41c changes to a specific task-oriented dialogue, for example, shopping at an appropriate timing while responding to a wide range of interests of the user in the chat dialogue. Compared to guidance, it is possible to provide natural recommendations for a wide range of themes.

  The secure AI 50 monitors these conversations with the normal AI 30. If the result induced by the conversation is shopping, the secure AI 50 recognizes it and prepares payment information necessary for shopping in a secure state, for example, encrypted, so that the normal AI 30 can use it for shopping.

  The change or addition of the ML module 81 is also effective for improving the speech recognition function. For example, as shown in FIG. 13, when the success rate of the task by voice recognition is low with respect to the input voice, the success / failure determination unit 88 and the autonomous extension unit 89 are based on the rule base that is initially installed in the AI integrated platform 80. By changing the intention understanding engine 81x to the statistical intention understanding engine 81y, the success rate of the task can be improved even if the recognition accuracy rate of the speech recognition engine 81v does not change.

  Although the present invention has been described above using several examples of the system 1 including the normal AI 30 and the secure AI 50, these are merely examples, and the present invention is not limited to these, and artificial intelligence (AI) is applied. Or, it is suitably used for services provided through all fields, applications, devices, terminals, and networks that may be supported by AI.

1 System 30 First Artificial Intelligence Module 50 Second Artificial Intelligence Module

Claims (15)

A first artificial intelligence module including a function to assist or autonomously exchange information in an open environment;
A system comprising: a second artificial intelligence module that monitors the operation of the first artificial intelligence module and autonomously performs processing associated with the information exchange in a closed environment. In claim 1,
The open environment includes a user interface, a first network connection interface for connecting to an open network service, and a first memory for storing information exchanged between the user interface or the first network connection interface; Including
The closed environment includes a second memory that is not accessible to the first artificial intelligence module;
The second artificial intelligence module has a function of supplying information to the first memory, which is information required in connection with the information exchange, and which is obtained by encrypting confidential information stored in the second memory. ,system. In claim 2,
The closed environment includes a second network connection interface for connecting to a closed network service. In any of claims 1 to 3,
The second artificial intelligence module includes a function of monitoring an abnormality of the first artificial intelligence module. In any of claims 1 to 4,
A first OS that supports the open environment, the first OS on which the first artificial intelligence module operates;
A system having a second OS that supports the closed environment and the second OS on which the second artificial intelligence module operates. In claim 5,
A processing unit including a memory including a security area and a non-security area, and a support mechanism for prohibiting access to the security area;
A hypervisor operating on the processing unit;
The hypervisor allows the second OS to access the security area and the non-security area and prohibits access to the open environment, and the non-security to the first OS. A mechanism for permitting access to a security area and the non-security device and prohibiting access to the security area using the support mechanism. In claim 6,
The processing unit includes at least one main processing unit and at least one graphics processing unit;
The hypervisor includes a virtualization support function of the at least one main processing unit and the at least one graphics processing unit. In any one of Claims 1 thru | or 7,
The first artificial intelligence module includes a plurality of machine learning modules, a plurality of machine learning data used for the respective machine learning modules, and an inter-machine learning module communication unit that performs communication between the plurality of machine learning modules. And a separation unit that suppresses mixing of the plurality of machine learning data. In claim 8,
The first artificial intelligence module comprises a unit for determining failure and success of response to a user;
A machine learning module for successfully responding to a user and a unit that automatically collects machine learning data from the open environment and incorporates it into the first artificial intelligence module. In any of claims 1 to 8,
The first artificial intelligence module comprises a unit for determining failure and success of response to a user;
A unit that automatically collects data from the open environment and automatically constructs a personal database for successful response to the user. In any one of Claims 1 thru | or 10,
A system comprising a control module on which the first artificial intelligence module and the second artificial intelligence module are mounted. In any one of Claims 1 thru | or 11,
The system is a personal assistance system including a user interface connected to the first artificial intelligence module. In any one of Claims 1 thru | or 11,
The system is a home gateway system including a user interface connected to the first artificial intelligence module and a home LAN and / or device control interface connected to the second artificial intelligence module. . In any one of Claims 1 thru | or 11,
The system is an in-vehicle gateway system including a user interface connected to the first artificial intelligence module and an in-vehicle LAN and / or device control interface connected to the second artificial intelligence module. In any one of Claims 1 thru | or 11,
The system is an IoT gateway including an internet interface connected to the first artificial intelligence module and a factory LAN and / or equipment interface connected to the second artificial intelligence module.

Images