The New York Times reported that researchers at the British AI Security Institute (AISI, formerly the AI Safety Institute) will test cutting-edge AI models to find security vulnerabilities and risk boundaries, and this approach is being copied by other governments.

In the past few years, AI regulation has often stopped at the words transparency, responsibility, principles, risk management and voluntary commitments. Now the question is more specific: Will a model help hackers before it is released? Will it lower the threshold for manufacturing hazardous substances? Will it bypass security restrictions in critical scenarios?

This is a question that companies cannot answer alone. Companies can do red team testing and publish security reports, but if the government does not have its own evaluation capabilities, it can only form its judgments from press conferences, papers, and corporate commitments. The value of the British AI Security Institute lies in bringing the government into the testing process.

This model has begun to spread to international cooperation. The British government announced on May 25 that the British AI Security Institute will cooperate with the Australian AI Security Institute to track cutting-edge AI risks, including how AI systems are used for cyber attacks and how they can be used to strengthen defenses. The announcement also mentioned that the two parties will share insights into AI capabilities, conduct research on emerging risks, and promote international best practices in AI testing and evaluation.

The United States is also heading in a similar direction. The Center for AI Standards and Innovation (CAISI) under the U.S. Department of Commerce recently reached an agreement with Google DeepMind, Microsoft, and xAI to conduct national security-related assessments before the model is publicly released. Microsoft also announced the establishment of cooperation with the US CAISI and the British AISI at the same time to test cutting-edge models, evaluate security protection, and reduce national security and large-scale public safety risks.

This means that cutting-edge model companies will face not only market competition in the future, but also a process that increasingly resembles a "pre-release security assessment." Under cooperation frameworks such as those of the United Kingdom and the United States, the stronger a model's capabilities, the more likely it is that companies will need to provide more materials and access rights to government testing agencies. For startups, if government procurement, corporate procurement or cross-border compliance refer more to this type of assessment in the future, security testing capabilities will become part of product competition.

In the future, AI supervision will no longer just ask "Has the company written a safety commitment?" but will start asking "Has anyone actually tested it?" This is more troublesome than a statement of principle and closer to reality.