Version control, prototyping, secure development practices, and engineering processes.
Also in Engineering & Development
Stage: Containment and Mitigation
Stakeholder: National Government: AISI
Additional information: Government stakeholders should seek to strengthen AI security to protect model weights and algorithmic techniques. Governments could require or incentivise AI developers that exceed specified capability thresholds to implement stricter security protections -- of both model weights and algorithmic insights -- to prevent the theft of dangerous capabilities by malicious actors and the diffusion of models to unmonitored environments. Security improvements could include measures such as hardened bandwidth limitations, automated network monitoring and encryption. Routine hardware supply chain and data centre inspections would also help to detect unauthorised access. Beyond external threats, organisations must also consider security risks from the AI models themselves and thus employ regular memory wiping, adversarial testing and monitoring.
Reasoning
Developing security measures for deployments embeds secure development practices in organisational workflows.
Monitor critical capability levels (2.2.2 Testing & Evaluation)
Identify early warning signs and emergent capabilities (2.2.1 Risk Assessment)
Establish standardised benchmarks and reporting (3.2.1 Benchmarks & Evaluation)
Implement compute monitoring and anomaly detection (1.2.3 Monitoring & Detection)
Enhance hardware and supply chain oversight (2.3.3 Monitoring & Logging)
Lead efforts to establish shared criteria for AI LOC (3.2.2 Technical Standards)
Strengthening Emergency Preparedness and Response for AI Loss of Control Incidents
Somani, Elika; Friedman, Anjay; Wu, Henry; Lu, Marianne; Byrd, Christopher; van Soest, Henri; Zakaria, Sana (2025)
As artificial intelligence (AI) systems become increasingly embedded in essential infrastructure and services, the risks associated with unintended failures rise. Developing comprehensive emergency response protocols could help mitigate these significant risks. This report focuses on understanding and addressing AI loss of control (LOC) scenarios where human oversight fails to adequately constrain an autonomous, general-purpose AI.
Build and Use Model
Training, fine-tuning, and integrating the AI model
Governance Actor
Regulator, standards body, or oversight entity shaping AI policy
Manage
Prioritising, responding to, and mitigating AI risks