Artificial General Intelligence (AGI) is on the horizon: many predict that artificial intelligence could advance toward AGI within the next one to three years, closely followed by superintelligence. We must ensure that these increasingly autonomous systems cannot be manipulated or overtaken by bad actors and nation-state adversaries. The national security stakes have never been higher.
As a project inside a 501(c)(3), the SL5 Task Force is collaborating with over 50 participants–including AI lab decision-makers, national security leaders, data center operators, chip providers, security researchers, program managers, and engineers, to develop a technical roadmap and standard for achieving Security Level 5 (SL5) in artificial intelligence: cyber, physical, insider, and supply chain security capable of withstanding operations from the most capable nation-state actors.
A safe future routes through strong security and containment of frontier AI development. Researchers at RAND Corporation developed a blueprint for protecting AI model weights from theft and misuse by malicious actors–ranging from opportunistic criminals to sophisticated nation-state operations. By mapping out 38 distinct attack vectors and estimating the feasibility of exploitation for each, they identify five security levels that frontier AI organizations should look to achieve.
However, achieving Security Level 5 while also maintaining productivity and national competitiveness demands unprecedented coordination across the AI industry, hyperscalers, data center providers, international governments, and more. Current best practices for frontier AI organizations do not reach SL5. In fact, on the default path, it seems likely that SL5 will not be realized before automated AI R&D thresholds are reached.
In response to this challenge, the SL5 Task Force is running a multistakeholder sprint to identify gaps, develop solutions, and facilitate implementation. Led by Lisa Thiergart and Philip Reiner, the SL5 Task Force’s mission is to “create the optionality for U.S. AI Labs to reach security level 5 in the coming years, and to be able to activate SL5 within 3-6 months of choosing to do so.”
The SL5 Task Force aims to develop a technical roadmap and standard for reaching SL5.
1. Convene a multistakeholder working group.
Convene a multistakeholder working group.
2. Clarify the threat and map the attack surface.
Clarify the threat and map the attack surface.
3. Identify the delta between the state of the art security and SL5 requirements.
Identify the delta between the state of the art security and SL5 requirements.
4. Prototype technical solutions to fill gaps with an eye towards the unique challenges facing AI labs.
Prototype technical solutions to fill gaps with an eye towards the unique challenges facing AI labs.
The SL5 Task Force within IST stands at the forefront of convening policymakers, technology experts, and industry leaders to identify and translate discourse into impact, taking collaborative action to advance national security and global stability through technology built on trust. The SL5 Task Force brings together approximately 50 participants across two specialized tracks:
This collaborative approach draws on IST’s global network of experts with expertise in AI security research, ensuring that the most pressing technical challenges are addressed by those best positioned to solve them.
Our primary deliverables include a draft technical standard and a concrete roadmap for achieving SL5-equivalent security, identification and mitigation of key obstacles to SL5 development and adoption, and functional prototypes of new security measures. Expected outcomes include joint statements and papers outlining barriers and solutions, prototypes for cluster-scale security measures, proposals for government R&D partnerships with agencies like DARPA, and establishment of ongoing collaboration between the USG and frontier labs on AI-specific security solutions.
If this work aligns with your expertise, we invite you to help shape one of the defining security efforts of this decade.
