As the U.S. government imposed export controls on Anthropic's artificial intelligence (AI) model "Mythos," disrupting participation in the global AI security coalition "Project Glasswing," a homegrown public-interest AI security initiative has launched in Korea.
The nonprofit corporation Project Plasma said on the 17th that it officially launched "Project Canopy," a public-interest initiative to spread AI-based vulnerability defense technology across society.
The launch of Canopy came shortly after the U.S. government, citing national security, implemented export control measures that completely block foreign nationals from accessing "Mythos 5" and "Fable 5." Access to Mythos by Korean government bodies and corporations that joined Anthropic's Project Glasswing is effectively blocked.
Canopy plans to align with global efforts such as Glasswing while focusing on strengthening the defense of domestic public-interest infrastructure with limited security resources.
Before the launch, as a pilot activity, Canopy conducted inspections using AI-based vulnerability detection tools on the e-Government Standard Framework, internal school systems, Linux, and major databases software. As a result, it found hundreds of high-severity vulnerabilities and reported them to the relevant agencies and developers, and patches are underway.
As of the launch, five companies—Dunamu, LG Uplus, POSCO DX, Hanwha General Insurance, and Theori Korea—will serve as the steward group, the core operating body. In addition, a total of 27 corporations and institutions, including Kwangwoon University, Korea Financial Telecommunications & Clearings Institute, Lotte Card, Lotte Innovate, Musinsa, Samsung Fire & Marine Insurance, SK AX, LG Electronics, NHN, Woowa Brothers, Institute of Information & communications Technology Planning & Evaluation (IITP), Hyundai Motor Group, and Hyundai Card, are joining as initial partners. Park Se-jun, CEO of Theori Inc., a domestic security company founded by a white-hat hacker, will serve as Chairperson.
Canopy plans to operate three programs with approximately 3 billion won worth of AI security analysis credit funds secured entirely through donations in advance. They are the "open-source program," which provides free AI-based vulnerability assessment credits to global critical infrastructure and domestic and international open-source project maintainers; the "public infrastructure defense program," which focuses support on institutions with limited security capacity; and the "coordinated disclosure and patch reward program," which compensates white-hat hackers for their efforts.
Starting in mid this month, Canopy will begin the first governance process of selecting targets for vulnerability assessments and sharing reports and patches. Early next month, it plans to open a public sign-up page for corporations and institutions worldwide.