iv_update_risk_atlas_nexus_version (#3)

- Update to also show ai eval benchmarks and risk controls, where available (e9b41a7d8e7ad3438660890db492287a07e1cb63)


Co-authored-by: Inge V <[email protected]>

app.py

@@ -65,7 +65,7 @@ class UI:
             with gr.Column(scale=2):
             
                 self.assessment_sec = gr.Markdown()
-                self.assessed_risks = gr.Dataset(label=None, visible=False)
+                self.assessed_risks = gr.Dataset(elem_classes="risks", label=None, visible=False)
                 self.assessed_risk_definition = gr.Markdown()
 
                 gr.Markdown(
@@ -74,7 +74,7 @@ class UI:
                 """
                 )
                 rrtb = gr.Markdown()
-                self.relatedrisks = gr.Dataset(components=[rrtb], label=None, visible=False)
+                self.relatedrisks = gr.Dataset(elem_classes="related-risks", components=[rrtb], label=None, visible=False)
 
                 gr.Markdown(
                 """<h2> Mitigations </h2> 
@@ -82,8 +82,16 @@ class UI:
                 )
                 self.mitigations_text = gr.Markdown()
                 self.mitigations = gr.DataFrame(label=None, visible=False)
-                self.download = gr.DownloadButton("Download JSON", visible=False)
             
+                gr.Markdown(
+                """<h2>Benchmarks </h2> 
+                Select a potential risk to determine possible AI evaluations. """
+                )
+                self.benchmarks_text = gr.Markdown()
+                self.benchmarks = gr.DataFrame(label=None, visible=False)
+
+                self.download = gr.DownloadButton("Download JSON", visible=False)
+
         gr.Markdown("---")
         gr.Markdown("<br>")
 
@@ -119,8 +127,9 @@ class UI:
                 fn=mitigations,
                 inputs=[self.assessed_risks, self.taxonomy], 
                 # NOTETOSELF: Intent based risk is stored in self.risk (if needed)
-                outputs=[self.assessed_risk_definition, self.relatedrisks, self.mitigations, self.mitigations_text]
+                outputs=[self.assessed_risk_definition, self.relatedrisks, self.mitigations, self.benchmarks, self.mitigations_text]
             )
+
         return demo
 
 

executor.py

@@ -45,7 +45,9 @@ def risk_identifier(usecase: str,
         usecases=[usecase],
         inference_engine=inference_engine,
         taxonomy=taxonomy,
+        max_risk=5
     )[0]
+    
 
     sample_labels = [r.name if r else r.id for r in risks]
 
@@ -68,12 +70,13 @@ def risk_identifier(usecase: str,
     
 
 @lru_cache
-def mitigations(riskid: str, taxonomy: str) -> tuple[gr.Markdown, gr.Dataset, gr.DataFrame, gr.Markdown]:
+def mitigations(riskid: str, taxonomy: str) -> tuple[gr.Markdown, gr.Dataset, gr.DataFrame, gr.DataFrame, gr.Markdown]:
     """
     For a specific risk (riskid), returns
     (a) a risk description
     (b) related risks - as a dataset
     (c) mitigations
+    (d) related ai evaluations
 
     """
     
@@ -84,8 +87,10 @@ def mitigations(riskid: str, taxonomy: str) -> tuple[gr.Markdown, gr.Dataset, gr
         risk_sec = ""
 
     related_risk_ids = [r.id for r in ran.get_related_risks(id=riskid)]
+    related_ai_eval_ids = [ai_eval.id for ai_eval in ran.get_related_evaluations(risk_id=riskid)]
 
     action_ids = []
+    control_ids =[]
 
     if taxonomy == "ibm-risk-atlas":
         # look for actions associated with related risks    
@@ -94,12 +99,19 @@ def mitigations(riskid: str, taxonomy: str) -> tuple[gr.Markdown, gr.Dataset, gr
                 rai = ran.get_related_actions(id=i)
                 if rai:
                     action_ids += rai
+                
+                rac = ran.get_related_risk_controls(id=i)
+                if rac:
+                    control_ids += rac
     
         else:
             action_ids = []
+            control_ids = []
     else:
         # Use only actions related to primary risks
         action_ids = ran.get_related_actions(id=riskid)
+        control_ids = ran.get_related_risk_controls(id=riskid)
+       
     
     # Sanitize outputs
     if not related_risk_ids:
@@ -111,22 +123,37 @@ def mitigations(riskid: str, taxonomy: str) -> tuple[gr.Markdown, gr.Dataset, gr
         samples = related_risk_ids
         sample_labels = [i.name for i in ran.get_related_risks(id=riskid)] #type: ignore
 
-    if not action_ids:
+    if not action_ids and not control_ids:
         alabel = "No mitigations found."
         asamples = None
         asample_labels = None
         mitdf = pd.DataFrame()
         
     else:
-        alabel = f"Mitigation actions related to risk {riskid}."
+        alabel = f"Mitigation actions and controls related to risk {riskid}."
         asamples = action_ids
-        asample_labels = [ran.get_action_by_id(i).description for i in asamples] # type: ignore
-        asample_name = [ran.get_action_by_id(i).name for i in asamples] #type: ignore
+        asamples_ctl = control_ids
+        asample_labels = [ran.get_action_by_id(i).description for i in asamples] + [ran.get_risk_control(i.id).name for i in asamples_ctl]# type: ignore
+        asample_name = [ran.get_action_by_id(i).name for i in asamples] + [ran.get_risk_control(i.id).name for i in asamples_ctl] #type: ignore
         mitdf = pd.DataFrame({"Mitigation": asample_name, "Description": asample_labels})
-        
+    
+    if not related_ai_eval_ids:
+        blabel = "No related AI evaluations found."
+        bsamples = None
+        bsample_labels = None
+        aievalsdf = pd.DataFrame()
+    else:
+        blabel = f"AI Evaluations related to {riskid}"
+        bsamples = related_ai_eval_ids
+        bsample_labels = [ran.get_evaluation(i).description for i in bsamples] # type: ignore
+        bsample_name = [ran.get_evaluation(i).name for i in bsamples] #type: ignore
+        aievalsdf = pd.DataFrame({"AI Evaluation": bsample_name, "Description": bsample_labels})
+    
     status = gr.Markdown(" ") if len(mitdf) > 0 else gr.Markdown("No mitigations found.")
 
     return (gr.Markdown(risk_sec), 
             gr.Dataset(samples=samples, label=label, sample_labels=sample_labels, visible=True),
             gr.DataFrame(mitdf, wrap=True, show_copy_button=True, show_search="search", label=alabel, visible=True),
+            gr.DataFrame(aievalsdf, wrap=True, show_copy_button=True, show_search="search", label=blabel, visible=True),
             status) 
+

requirements.txt

@@ -1,5 +1,5 @@
 gradio==5.18.0
-pydantic==2.10.6
+pydantic==2.9.2
 linkml==1.8.6
 linkml_runtime==1.8.3
 ibm_watsonx_ai==1.2.8