AWS Partner Network (APN) Blog

Your Safety Net – How ThinkCol built a LLM Guardrails solution on AWS

By Fortune Hui, Solutions Architect – AWS
By Hei Chow, Solutions Architect – AWS
By Kane Wu, CEO & Founder – ThinkCol Transform
By Hetty Pun, Business Development and Project Manager – ThinkCol Transform

Over the past few years, generative AI has exploded in popularity and capability. Models can now generate human-like text, images, audio, video, and more with increasing realism. This has opened up many potential applications across industries. For example, in advertising, generative AI allows the creation of bespoke messaging with a personalized tone and product recommendations for each recipient persona, while generative AI-powered customer service chatbots could transform the customer experience by engaging customers through natural language conversations.

While generative AI is revolutionizing the world with creativity, the same capability that has contributed to its success has also led to rising concerns about security and safety challenges.

In this blog, we will showcase how ThinkCol, a consulting partner for AI/ML, and AWS collaborate to build chatbot solutions based on a Retrieval Augmented Generation (RAG) application framework, generating consistent and safe output with the use of LLM guardrails. Readers will learn a 3-step guardrail flow consisting of pre-checking, answer generation and post-checking. We will also share a reference architecture design for implementing it with AWS services.

Minimizing risks of generative AI chatbot

The sophistication of a large language model (LLM) allows it to produce open-ended content that varies across repeated attempts, depending on the instructions in the user's input prompt. The Amazon Science article “Responsible AI in the generative Era” unpacks some risks that could arise from LLM outputs, summarized below.

  • Toxicity & Safety — whether generated content contains offensive, disturbing or otherwise inappropriate content.
  • Fidelity (hallucination and accuracy) — whether LLMs make assertions or claims that sound plausible but are verifiably incorrect.
  • Appropriate usage — whether LLMs fulfill user requests for legal advice or illegal activities.

As businesses race to harness the potential of generative AI, they find themselves at a crossroads between the hype and the reality of generative AI’s current abilities. While generative AI can be transformative and can streamline business operations, it also carries risks. If “hallucination” or out-of-context responses happen in a business context, e.g., generation of fictitious product/service information and sensitive content about competitors and political matters, or inappropriate professional advice such as financial/legal/medical advice, the consequences can be severe. They may damage brand reputation and erode the trust that businesses have built with their audience.

How AWS helps customers build responsible AI solutions

At AWS, our commitment to develop AI and machine learning responsibly is integral to our approach. AWS offers tools, guidance, and resources to help our customers build with responsible AI. For example:

  • Amazon Comprehend toxicity detection can check the input prompts and the output responses from LLMs to identify toxicity such as hate speech, harassment, abuse, and profanity.
  • Amazon Titan, the family of foundation models (FMs) developed by Amazon, is aligned with responsible AI, as these models detect and remove harmful content from the data before training other versions of the models. Once trained, the models reject inappropriate or harmful user inputs or model outputs.
  • Guardrails for Amazon Bedrock enables customers to implement safeguards across FMs based on their use cases and responsible AI policies, by defining rules such as Denied Topics and Content Filters.

These AWS services help customers implement safeguards tailored to each generative AI application and aligned with particular responsible AI policies. While different industries and organizations usually have slightly customized responsible AI requirements, they share common elements such as safety, security and accuracy. For example, customers from the same geolocation might want to detect and tackle inappropriate phrases in the local language. If these artifacts and experiences can be packaged and bundled as part of an application framework, generative AI applications could be deployed more quickly and safely.

How ThinkCol builds a Guardrail Solution

Considering the challenges in controlling LLMs and wanting to ensure consistent and reliable outputs, ThinkCol leverages its experience with prompt chaining across multiple generative AI projects in different industries, including a world-leading retailer, a food, beverage and restaurant chain, a local university in Hong Kong, and financial institutions, to develop a solution framework and practice based on AWS technology to control AI responses.

How it benefits business

To maintain a positive brand image and boost customer confidence, it is important for businesses to mitigate the risk of undesirable output in response to questions on controversial political topics. ThinkCol’s methodology underlines a commitment to accuracy and relevance in the answer generation process, with multiple checks in place to safeguard against misinformation and ensure that the final output is of high quality and utility to the user. Throughout the process, ThinkCol Guardrails makes sure that topics remain within the defined scope to help prevent any off-topic or irrelevant information from being included in the response. It is also designed to help avoid generating any misleading or fabricated information, to maintain the integrity and trustworthiness of the output.

Methodology

The following diagram illustrates the process followed in the solution.

Figure 1. High level technical flow of guardrail solutions on AWS

Let’s dive into each step of the process.

Pre-Checking

To help avoid out-of-scope context, incoming user queries are compared against a database of blocked questions that are deemed out-of-scope or inappropriate, for instance questions regarding competitors’ information or sensitive topics like politics. If a match is found, the query does not proceed to the next stage, and a predefined system message (e.g. “no relevant information”) is returned. Otherwise, the query proceeds to “Answer Generation”.

To handle blocked questions, an Amazon Bedrock embedding model is used to generate numerical representations (vectors) of documents, which are stored in an Amazon OpenSearch Service (AOS) index. This enables rapid searching of the database to identify the questions most similar to the user’s query. By comparing queries to the stored encodings, the system can efficiently check whether the user’s input matches a blocked question.

Using an embedding model and a search-optimized database like AOS streamlines blocked content detection and handling, without the need for more computationally expensive methods.
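The pre-check gate described above, as an added example (not ThinkCol's or AWS's code): `toy_embed` is a constructed stand-in for the Amazon Bedrock embedding model, the in-memory list stands in for the AOS index, and the 0.6 threshold and sample questions are assumptions. Any embedding or search failure returns the predefined system message instead of letting the query through.

```python
import hashlib
import math
import re

SYSTEM_MESSAGE = "no relevant information"  # predefined reply quoted on the page
DIM = 4096  # size of the toy vector space (assumption)

def toy_embed(text):
    """Stand-in for the embedding model: hashed bag of words, L2-normalised."""
    vec = [0.0] * DIM
    for tok in re.findall(r"[a-z0-9]+", text.lower()):
        idx = int.from_bytes(hashlib.sha256(tok.encode()).digest()[:4], "big") % DIM
        vec[idx] += 1.0
    norm = math.sqrt(sum(v * v for v in vec))
    if norm == 0.0:
        raise ValueError("query produced an empty embedding")
    return [v / norm for v in vec]

class BlockedQuestionBank:
    """In-memory stand-in for the vector index of blocked questions."""
    def __init__(self, embed, threshold):
        self.embed, self.threshold, self.rows = embed, threshold, []

    def add(self, question):
        self.rows.append((question, self.embed(question)))

    def nearest(self, query):
        qv = self.embed(query)
        scored = [(sum(a * b for a, b in zip(qv, v)), q) for q, v in self.rows]
        return max(scored, default=(0.0, None))  # cosine: vectors are unit length

    def pre_check(self, query):
        """Return (allowed, reply, audit). Any failure blocks the query (fail closed)."""
        try:
            score, match = self.nearest(query)
        except Exception as exc:
            return False, SYSTEM_MESSAGE, {"reason": "embed_error", "detail": str(exc)}
        if score >= self.threshold:
            return False, SYSTEM_MESSAGE, {"reason": "blocked", "match": match, "score": round(score, 3)}
        return True, None, {"reason": "pass", "score": round(score, 3)}

# Constructed sample bank entries (not ThinkCol's data); tune the threshold on labelled queries.
bank = BlockedQuestionBank(toy_embed, threshold=0.6)
for q in ("What do you think about the upcoming election?",
          "How does your plan compare with competitor plans?"):
    bank.add(q)
```

The `audit` dictionary is what the Lambda function would log, so that near-threshold passes can be reviewed and added to the bank.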

Answer Generation

If the query is not blocked, ThinkCol Guardrails will seek and rank relevant sources according to how well they match the user’s query, filtering out irrelevant sources to make sure that no irrelevant/external sources are used.

The most relevant pieces of information are extracted from the top-ranked sources and reformulated into a new internal prompt to guide the LLM in generating a draft answer. Before the draft is generated, an analysis is performed to make sure that the draft will be logical and based on the information extracted. A draft is then created according to the analysis, making sure the final output is informative and accurate.

This process is encapsulated within an AWS Lambda function, handling the following:

  1. Invoking Bedrock LLMs to generate outputs.
  2. Logging relevant data and information.
  3. Storing data in an Amazon DynamoDB table.

By implementing this pipeline within a Lambda function, the scalability and serverless nature of AWS Lambda can be leveraged to efficiently process user requests and store resulting data.

Post-Checking

The draft is cross-referenced with the originally extracted source to verify its accuracy and relevancy. If they align well, the draft is output as the final response. However, if there are discrepancies, it is considered a mismatch and a predefined system message is output instead (e.g. “no relevant information”).

Post-checking involves trade-offs in cost and latency, because it requires additional LLM calls. To address this, a multi-model approach is employed, where different LLMs are designated for distinct tasks, allowing each model to specialize within a particular domain.

For example, a low-latency model could check multiple documents against an answer, while a highly accurate model is better suited for document summarization, despite the higher cost and latency.

This enables the overall system to be optimized for specific use cases, balancing cost, latency and accuracy based on requirements.
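The post-check decision described above, as an added example (not ThinkCol's or AWS's code): a deterministic lexical check stands in for the LLM-based cross-reference, rejecting the draft if any sentence contains a number absent from the extracted sources or shares too few content words with them. The function names, the 0.6 support threshold, the stop-word list and the sample source text are assumptions.

```python
import re

SYSTEM_MESSAGE = "no relevant information"  # predefined reply quoted on the page
STOP = {"the", "a", "an", "is", "are", "of", "for", "to", "and", "in", "with", "it", "your", "this"}

def content_terms(text):
    """Lower-cased words and digits, with stop words removed."""
    return {t for t in re.findall(r"[a-z0-9]+", text.lower()) if t not in STOP}

def numeric_claims(text):
    """Numbers in the text (amounts, counts), normalised by dropping thousands separators."""
    return {n.replace(",", "") for n in re.findall(r"\d[\d,]*(?:\.\d+)?", text)}

def post_check(draft, sources, min_support=0.6):
    """Return (final_reply, findings). Any unsupported sentence rejects the whole draft."""
    if not draft.strip() or not sources:
        return SYSTEM_MESSAGE, ["empty draft or no sources"]
    source_numbers = set().union(*(numeric_claims(s) for s in sources))
    source_terms = [content_terms(s) for s in sources]
    findings = []
    for sentence in re.split(r"(?<=[.!?])\s+", draft.strip()):
        missing = numeric_claims(sentence) - source_numbers
        if missing:
            findings.append(f"number not in sources {sorted(missing)}: {sentence}")
            continue
        terms = content_terms(sentence)
        # Share of the sentence's content words found in the best-matching source.
        best = max((len(terms & st) / len(terms) for st in source_terms), default=0.0) if terms else 1.0
        if best < min_support:
            findings.append(f"low support {best:.2f}: {sentence}")
    return (SYSTEM_MESSAGE if findings else draft), findings

# Constructed source passages for a sample "Product A" (not taken from the page's figures).
SOURCES = [
    "Product A covers hospitalisation up to HK$1,000,000 per year.",
    "Product A has a waiting period of 30 days.",
]
```

A cheap check of this kind can run before the LLM comparison, so that drafts with invented figures are rejected without spending an extra model call.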

Continuous Training and Enhancement

To constantly improve performance, the Blocked Question Bank is regularly updated to reflect the evolving nature of queries and information. Clients can contribute to this enhancement by supplementing the Blocked Question Bank with types of queries and sample descriptions, thus customizing AI understanding to better suit their business needs.

Feedback mechanisms such as “thumbs down” for undesired queries are also implemented to allow businesses to refine the AI’s output further. If a query is marked down, ThinkCol Guardrails can learn to filter similar queries in the future, enhancing the relevance of responses. ThinkCol Guardrails will categorize these queries with similar questions, streamlining the process and improving its self-regulation capabilities.

Before and After Samples

Example 1

Here is a sample “Product A” with the product features below, used to compare chatbot responses with and without ThinkCol Guardrails.

Figure 2. Example knowledge describing insurance plan information.

Figure 3. Before: Screenshots of chatbot response with hallucination before implementation of AWS ThinkCol guardrail solutions

Figure 4. After: Screenshots of chatbot response without hallucination after implementation of AWS ThinkCol guardrail solutions

Example 2

Here is a sample comparison of chatbot responses with and without ThinkCol Guardrails for out-of-scope questions (e.g. competitor information).

Figure 5. Chatbot responses before and after AWS ThinkCol Guardrail solutions controlling out-of-scope questions.

Conclusion

Generative AI is transforming various industries while also bringing challenges in controlling its outputs. However, maintaining brand reputation and trust is always crucial in today’s business landscape. Therefore, to stay ahead in the era of generative AI, businesses must prioritize responsible AI practices.

To balance time-to-market and security, ThinkCol partners with AWS in building a responsible AI solutions framework on AWS, which is continuously trained and improved. By partnering with ThinkCol and adopting the Guardrail Solution, businesses can harness the power of generative AI while maintaining brand integrity and customer satisfaction.

Ready to take your AI strategy to the next level? Contact ThinkCol and explore how their innovative solutions can transform your business.

ThinkCol – AWS Partner Spotlight

ThinkCol is one of the leading AI and data science consultancies based in Hong Kong, enabling various Fortune 500 multinational corporations to transform their companies with self-sustaining AI solutions. Its work includes building tailor-made AI solutions, conducting data analysis, consulting, heading AI and data science corporate trainings, and organizing hackathons.