AI systems are vulnerable to attacks, and corresponding AI security incidents have been described. Although a collection of safety incidents around AI will become a regulatory requirement, there is no proposal to collect AI security incidents. In this position paper, we argue that a proposal should be made, taking into account the interests and needs of different stakeholders: industry, providers, users, and researchers. We thus attempt to close this gap and propose a taxonomy alongside its requirements like machine readability and link-ability with existing databases. We aim to spark discussions and enable discussion of which information is feasible, necessary, and possible to report and share within and outside organizations using AI.

翻译：人工智能系统易受攻击，相应的人工智能安全事件已有报道。尽管收集人工智能相关安全事件将成为监管要求，但目前尚无收集人工智能安全事件的提案。在本立场文件中，我们认为应制定相关提案，并兼顾不同利益相关者（包括产业界、供应商、用户和研究者）的权益与需求。为此，我们尝试填补这一空白，提出一种分类法及其要求（如机器可读性、与现有数据库的可链接性）。我们旨在引发讨论，并推动探讨在人工智能应用组织内外，哪些信息的报告与共享具备可行性、必要性及可操作性。