Data on this page is preliminary and may change. Please do not share or cite these figures publicly.
Foundational safety research, theoretical understanding, and scientific inquiry informing AI development.
Also in Engineering & Development
This area focuses on identifying and mitigating privacy risks arising from new capabilities and deployment scenarios for LLMs, developing robust conceptual frameworks for privacy definitions, and leveraging AI tools to preserve and enhance privacy in various application domains.
Reasoning
Description covers multiple vague activities (risk identification, framework development, tool leveraging) without specifying focal mechanism.
Identifying emergent privacy risks in new paradigms
Examining novel attack vectors (e.g., inference time risks) in new paradigms (e.g., retrieval-augmented generation, agent-based interactions, plugin ecosystems) to uncover how these integrations may lead to unexpected disclosures.
2.4.1 Research & Foundations
Research on inferring sensitive information from accumulation of innocuous data
Studying how seemingly harmless data points can be combined to reconstruct sensitive information, enabling adversaries to “weaponize” aggregate inferences against individuals.
2.4.1 Research & Foundations
Privacy challenges in complex data scenarios
Exploring how complex data scenarios, such as cross-lingual and cross-modal transformations (e.g., images, audio, code snippets) can reveal protected content, examining what can be extracted from data presented in alternative formats. This also includes work on context-specific privacy norms, ensuring that privacy measures adapt to different cultural, social, and situational factors rather than relying on one-size-fits-all policies.
2.4.1 Research & Foundations
Privacy modeling frameworks
Developing more precise models of privacy that align with user expectations—potentially informed by human-computer interaction (HCI) research—and grounding these definitions in implementable policies. This also includes formalizing methodologies to characterize and prioritize the worst-case privacy outcomes, moving beyond ad hoc assessments and towards systematic threat modeling frameworks.
2.2.1 Risk Assessment
Data encryption tools for model inputs and outputs
Techniques for encrypting inputs, outputs, and intermediate representations during runtime to ensure confidentiality and prevent unauthorized access to sensitive queries or responses.
1.2.4 Security Infrastructure
Theoretical foundations and provable safety in AI systems
Advancing the theoretical foundations of AI safety by building models and frameworks that ensure provably correct and robust behavior. These efforts span from verifiable architectures and formal verification methods to embedded agency, decision theory, incentive structures aligned with causal reasoning, and control theory.
2.4.1 Research & Foundations
Theoretical foundations and provable safety in AI systems > Building verifiable and robust AI architectures
Constructing AI systems with architectures that support formal verification and robustness guarantees, such as world models that enable safe and reliable planning, or guaranteed safe AI with Bayesian oracles. This area emphasizes simplicity and transparency to aid in provability.
1.1.4 Model Architecture
Theoretical foundations and provable safety in AI systems > Formal verification of AI systems
Applying formal methods to verify that AI models and algorithms meet stringent safety, robustness, and performance criteria. This includes proving resilience against adversarial inputs and perturbations, and certifying conformance to specified safety properties under varying conditions.
2.2.2 Testing & Evaluation
Theoretical foundations and provable safety in AI systems > Decision theory and rational agency
Establishing formal decision-making frameworks that ensure rational and safe choices by AI agents, potentially drawing on concepts like causal and evidential decision theory.
2.4.1 Research & Foundations
Theoretical foundations and provable safety in AI systems > Embedded agency
Exploring how agents can model and reason about themselves and their environment as interconnected parts of a single system, addressing challenges like self-reference, resource constraints, and the stability of reasoning processes. This includes tackling problems arising from the lack of a clear boundary between the agent and its environment.
2.4.1 Research & Foundations
Theoretical foundations and provable safety in AI systems > Causal incentives
Developing frameworks that formalize how to align agent incentives with safe and desired outcomes by ensuring their causal understanding matches intended objectives. This research provides a formal language for guaranteeing safety, addressing challenges like goal misspecification, and complementing broader efforts in agent foundations and robust system design.
2.4.1 Research & Foundations
Expert Survey: AI Reliability & Security Research Priorities
O'Brien, Joe; Dolan, Jeremy; Kim, Jay; Dykhuizen, Jonah; Sania, Jeba; Becker, Sebastian; Kraprayoon, Jam; Labrador, Cara (2025)
Our survey of 53 specialists across 105 AI reliability and security research areas identifies the most promising research prospects to guide strategic AI R&D investment. As companies are seeking to develop AI systems with broadly human-level capabilities, research on reliability and security is urgently needed to ensure AI's benefits can be safely and broadly realized and prevent severe harms. This study is the first to quantify expert priorities across a comprehensive taxonomy of AI safety and security research directions and to produce a data-driven ranking of their potential impact. These rankings may support evidence-based decisions about how to effectively deploy resources toward AI reliability and security research.
Other (outside lifecycle)
Outside the standard AI system lifecycle
Developer
Entity that creates, trains, or modifies the AI system
Other
Risk management function not captured by the standard AIRM categories
Other