GDM AI Control Roadmap

📅 2026-07-13
📈 Citations: 0
Influential: 0
📄 PDF
🤖 AI Summary
As AI agents become deeply embedded in critical systems, their misaligned behaviors pose significant internal security challenges. This work proposes a hierarchical defense framework that pioneers an extension of the MITRE ATT&CK matrix into the TRAIT&R taxonomy, establishing a four-layer detection and three-tier prevention-response mechanism aligned with the evolving capabilities of AI models. By integrating threat modeling, capability-tiered controls, chain-of-thought monitoring, asynchronous alerting, real-time access control, and system-level anomaly detection, the framework systematically incorporates fifteen concrete mitigation measures. These collectively address security requirements spanning from current to future high-capability AI systems, offering an actionable and scalable defense roadmap for AI-controlled environments.
📝 Abstract
AI agents are rapidly accelerating work at frontier AI companies, helping with AI R&D, cyber-defence, and advancing scientific discoveries. As these agents become more tightly integrated into our systems, unlocking their full potential requires rethinking how we do security. We should not assume that AI agents are always perfectly aligned, but should instead build in multiple layers of defence. We present the GDM AI Control Roadmap (v0.1) -- a first-of-its-kind blueprint for internal security against potentially misaligned AI. This report provides: * Threat modelling: We adopt a conservative approach to threat modelling and assume a hypothetical AI adversary pursuing undesirable goals in internal deployment. We introduce TRAIT&R, a taxonomy of tactics and techniques available to such a hypothetical AI adversary, building on the established security framework MITRE ATT&CK. * Capability-based mitigation: Because controlling more capable models requires more costly interventions, we link specific defensive measures to evolving model capabilities (such as the ability to reason opaquely or execute complex cyberattacks). As models get more powerful, our defences should escalate accordingly. We outline four Detection tiers (D1-D4) and three Prevention and Response tiers (R1-R3). * A portfolio of practical defences: We suggest 15 concrete, tiered mitigations. These range from low-cost interventions for current models (e.g., chain-of-thought monitoring, asynchronous alerts) to advanced safeguards for future models (e.g., real-time access control, system-level anomaly detection, internal activations monitoring, and shutdown infrastructure). AI control is a nascent field, and implementing these mitigations requires navigating difficult trade-offs between security and developer velocity. We expect the roadmap to evolve as we gain more experience and as the field in turn evolves.
Problem

Research questions and friction points this paper is trying to address.

AI alignment
AI security
adversarial AI
internal control
threat modeling
Innovation

Methods, ideas, or system contributions that make the work stand out.

AI control
threat modeling
capability-based mitigation
TRAIT&R
tiered defenses
🔎 Similar Papers
No similar papers found.