Large language models (LLMs) have strong capabilities in solving diverse natural language processing tasks. However, the safety and security issues of LLM systems have become the major obstacle to their widespread application. Many studies have extensively investigated risks in LLM systems and developed the corresponding mitigation strategies. Leading-edge enterprises such as OpenAI, Google, Meta, and Anthropic have also invested substantial effort in responsible LLMs. Therefore, there is a growing need to organize the existing studies and establish comprehensive taxonomies for the community. In this paper, we delve into four essential modules of an LLM system: an input module for receiving prompts, a language model trained on extensive corpora, a toolchain module for development and deployment, and an output module for exporting LLM-generated content. Based on this, we propose a comprehensive taxonomy that systematically analyzes the potential risks associated with each module of an LLM system and discusses the corresponding mitigation strategies. Furthermore, we review prevalent benchmarks, aiming to facilitate the risk assessment of LLM systems. We hope that this paper can help LLM participants adopt a systematic perspective in building their responsible LLM systems.