Many current AI system models and algorithms are difficult to ensure data quality and cleanliness during the training process, and there are significant issues with model design security and training stability. Therefore, for ubiquitous and ubiquitous AI application systems, various endogenous security issues and dangers are bound to emerge endlessly. The hardware environment of AI application systems also has common issues with endogenous security such as vulnerabilities and backdoors, which is a headache in the cyberspace. Vulnerabilities are difficult to completely avoid, backdoors cannot be eliminated, and existing technological capabilities cannot thoroughly investigate vulnerabilities, which is a common problem. Recently, at the 11th Internet Security Conference (ISC 2023) held in Beijing, Wu Jiangxing, an academician of the CAE Member, delivered a speech entitled "Endogenous Security Experiment of Dynamic Heterogeneous Redundancy (DHR) Architecture Enabling AI Application System". Wu Jiangxing proposed that the AI era is a "double-edged sword" that not only brings great impetus to human society, but also poses a potential huge security threat, and may even bring huge disasters. We should attach great importance to the security of the AI era and use endogenous security methods to fill the gaps. Currently, AI applications centered on deep learning are entering a new round of rapid development, with breakthroughs in artificial intelligence technology. Artificial intelligence or generative AI is providing information, digital, and intelligent solutions for various fields, triggering significant changes in economic structure and driving the overall leap in social productivity. Artificial intelligence security issues include both endogenous and non endogenous security issues, which are further divided into individual and common security issues. The application system of artificial intelligence consists of basic software and hardware, environment or data systems, and algorithms and models of artificial intelligence. However, there are three possible issues with deep learning AI models. The black box nature of neural networks leads to the inexplicability of artificial intelligence. The excessive dependence of deep learning on training samples leads to undecidable learning results, irreversible antecedent progression of neural networks, and non inferential results. This is the "three musts" of artificial intelligence. Regarding the expression of personality issues, there are four types of personalities, namely algorithm black box, data dependency, model security, and input sensitivity, from data collection, model design, training, and finding patterns to the inference stage based on optimizing execution tasks. Many current AI system models and algorithms are difficult to ensure data quality and cleanliness during the training process, and there are significant issues with model design security and training stability. Therefore, for ubiquitous and ubiquitous AI application systems, various endogenous security issues and dangers are bound to emerge endlessly. In addition to personality issues, the hardware environment of AI application systems also has common issues with internal security such as vulnerabilities and backdoors, which is a headache in the cyberspace. Vulnerabilities are difficult to completely avoid, backdoors cannot be eliminated, and existing technological capabilities cannot thoroughly investigate vulnerabilities, which is a common problem. The inherent security personalities and commonalities in AI application systems are often intertwined and overlapped, with issues caused by vulnerabilities, backdoors, and black box effects. Therefore, it is a more complex security system. The interweaving and stacking together make the security issues of AI application systems extremely complex, which brings about challenges for safe use and maintenance