Security Level 5

23 posts

Security Level 5 banner
Security Level 5

Security Level 5

@SL5TaskForce

Charting the technical roadmap to SL5 optionality for frontier AI labs. A multistakeholder initiative uniting AI labs, national security leaders & engineers.

Katılım Ağustos 2025
12 Takip Edilen339 Takipçiler
Security Level 5 retweetledi
Luis Cosio
Luis Cosio@luiscosio·
Proud to share I'll be a co-mentor at @MATSprogram for the Autumn 2026 cohort, working alongside @LisaThiergart on the @SL5TaskForce . MATS is one of the strongest talent pipelines in AI safety. Three months, real research with a mentor, on a problem that ships. Many scholars join their mentor's org afterward or spin out their own. Our stream is building SL5: security against priority nation-state attacks for frontier AI infrastructure. This year we're prototyping a real datacenter with frontier labs. The work needs people who can lead. Who we want: 3+ years security or infrastructure engineering Previously led a project with 2+ people on novel technical ground Comfortable in highly automated workflows (Claude Code, etc.) Strong Python or Rust, or excellent technical communication Bonus: TEMPEST, SCIF construction, or datacenter physical security experience. Apply by June 7. matsprogram.org/apply
English
0
5
32
1.9K
Security Level 5 retweetledi
Tao Burga
Tao Burga@taoburr·
These are great steps! Here's 8 other things we could do: 1. Congress should fund CAISI at ~$80 million instead of $10 mn, which is our internal analysis of what it'd take for CAISI to actually fulfill the purposes laid out in the AI Action Plan and other Trump admin directives. 2. The NSA, CAISI + others should plan for the moment when >Mythos-class models are distilled or trained in China, and make a real effort in preemptive cyberdefense. We called this last year, and have some ideas on what to do (ifp.org/operation-patc…, ifp.org/the-great-refa…, ifp.org/preventing-ai-…) 3. OSTP and NSC should coordinate building RAND-style SL-4/SL-5 security for frontier model weights. Distillation is one way to get somewhat capable models, but stealing model weights gets you the best model, and it's completely doable for well-resourced state-backed actors. The weights themselves are the crown jewels, and most labs aren't close to being able to defend them! Once we train a 10x Mythos soon, we'll wish we had a secure environment to run it in. (More implementation details here: ifp.org/a-sprint-towar…) 4. Relatedly, fund + help staff an insider-threat / counter-intel program for frontier labs. It is much harder to protect model weights if adversarial people have privileged access. 5. The White House should direct Commerce/BIS to strengthen AI chip and SME export controls to adversarial countries, so that even if cyber-capable models are distilled or stolen, they can't be deployed at scale on American chips. China has huge domestic production bottlenecks (ifp.org/the-b30a-decis…), so exporting fewer chips makes a difference, pound for pound. 6. And because smuggling is still a problem, we should also be deploying chip security measures like privacy-preserving country-level location verification, which will allow us to export more chips to semi-trusted countries while verifying that they're not being smuggled to adversarial ones (more: rebuilding.tech/posts/conditio…), and there is more AI verification work to be done to enable more mutually beneficial trade without national security downsides (ifp.org/faster-ai-diff…). 7. On top of funding CAISI, we should direct it to run pre-deployment evals for CBRN and cyber uplift on a classified track. You can't hold adversaries accountable for abusing US models if we don't systematically measure what those models can do in the first place. 8. The NSC, NSA and CAISI should write the emergency-response playbook for the day a Mythos-class weight leak is confirmed, or distillation is successful. Who does what, in what order? To be in a good place, we should've started years ago. But it'll only be more urgent each passing month. Compute stock is growing 3.4x/year; LLM inference prices declining at -40x/year for a fixed level of capability; software progress is improving so quickly that the pre-trainig compute we need to reach a capability is 3 times lower each passing year (epoch.ai)... These are just some ideas for government, related to distillation and model weight theft. Philanthropy and the private sector have big roles to play as well. We have so much work to do!
Tao Burga tweet media
Director Michael Kratsios@mkratsios47

The U.S. has evidence that foreign entities, primarily in China, are running industrial-scale distillation campaigns to steal American AI. We will be taking action to protect American innovation. These foreign entities are using tens of thousands of proxies and jailbreaking techniques in coordinated campaigns to systematically extract American breakthroughs. Foreign entities who build on such fragile foundations should have little confidence in the integrity and reliability of the models they produce. The U.S. government is committed to the free and fair development of AI technologies across a competitive ecosystem, from open-source to proprietary models. Read the memo: whitehouse.gov/wp-content/upl…

English
1
46
241
63.9K
Security Level 5
Security Level 5@SL5TaskForce·
12/n We invite frontier AI labs, government agencies, datacenter operators, and security researchers to engage with this work. Read the full standard and get involved: standard.sl5.org
English
2
1
11
866
Security Level 5
Security Level 5@SL5TaskForce·
1/n Today we're releasing the first public draft of the Security Level 5 (SL5) standard, designed to protect frontier AI models against nation-state adversaries. This v0.1 focuses on long lead time interventions: the things that need to start now, before SL5 is urgently needed. standard.sl5.org
English
5
63
188
41.4K
Security Level 5
Security Level 5@SL5TaskForce·
🛡️ Introducing the Security Level 5 (SL5) Standard. This is the first revision of our SL5 Standard, focused on long lead time requirements: interventions that must be planned years in advance, such as facility construction, hardware procurement, and organizational capability development. Some requirements represent significant departures from standard industry practice. We believe these measures are necessary at this security level, while recognizing the need to address real operational constraints. sl5.org/projects/secur… Future revisions will further optimize the intersection of SL5 security and practical deployment, expand mappings from DoD IL6 and related frameworks, and refine areas where government involvement may ultimately be required. We welcome collaboration. This concludes SL5 Shipmas. We’re excited to share this work and continue building toward robust, scalable security for frontier AI systems.
English
1
1
4
731
Security Level 5
Security Level 5@SL5TaskForce·
🔎Introducing the Sensitivity Levels Framework (SenL) - an Insider Risk Management Framework for the AI industry: SenL proposes industry-adapted clearance levels for AI labs, designed to proportionally reduce insider and personnel risk while remaining feasible under private-sector legal, operational, and cultural constraints. It translates government-style continuous evaluation across seven domains into a tiered model that labs can deploy today, with optional pathways to integrate government information sharing as policy allows. Speed, cost effectiveness, and scalability are prioritized. sl5.org/projects/sensi…
English
0
2
8
301