Expert Survey: AI Reliability & Security Research Priorities

Written By Joe O'Brien

Our survey of 53 specialists across 105 AI reliability and security research areas identifies the most promising research prospects to guide strategic AI R&D investment. As companies are seeking to develop AI systems with broadly human-level capabilities, research on reliability and security is urgently needed to ensure AI's benefits can be safely and broadly realized and prevent severe harms. To inform strategic investment, we asked 53 experts to rate subsets from a list of 105 technical AI reliability and security research areas on importance and tractability.

This study is the first to quantify expert priorities across a comprehensive taxonomy of AI safety and security research directions and to produce a data-driven ranking of their potential impact. These rankings may support evidence-based decisions about how to effectively deploy resources toward AI reliability and security research.

Our survey revealed the following:

  • Highly promising research directions centered around robust early warning and monitoring of AI risks. Some of the most promising sub-areas included specific capability evaluations (e.g., CBRN, cyber, and deception), understanding emergence and scaling laws, and advancing agent oversight.

  • Multi-agent systems emerged as a critical priority. All multi-agent research areas ranked in the top 30, suggesting these systems present novel risks distinct from single agents that require urgent attention.

  • Experts strongly valued improving both specific AI evaluations, and the science of evals. 6 of the top 10 approaches focus on evaluating dangerous capabilities.

  • We identified high-importance but challenging areas requiring more substantive investments of time and research. Access control and interface hardening, supply chain integrity, weight security, and confidential computing all rated highly on importance but low on tractability

  • For immediate impact (<$10M, 2 years): Fund dangerous-capability evaluations, scalable oversight tools, and multi-agent metrics, oversight, and monitoring—areas with strong expert consensus but currently undercapitalized relative to risk.

  • Notably, 52 of 53 experts identified at least one research direction as both important and tractable, demonstrating broad optimism about accessible, actionable opportunities in AI reliability and security research.

We also provide several policy recommendations:

  • Direct funding: Congress and relevant executive agencies, such as the National Science Foundation, should consider directly appropriating funding toward the most promising research areas identified in this report.

  • Incentivizing investment: Short of providing direct funding, government agencies can use various indirect methods to incentivize additional investment in promising AI R&S research areas, such as by listing research gaps as official government priorities, or providing tax incentives or subsidies.

  • Coordinating investment: Identify and proactively communicate research needs internally and externally, targeting relevant government researchers, industry stakeholders, academia, and the broader research community.

  • Strengthening talent pipelines: Alleviate limited availability of specialized talent by sponsoring upskilling efforts, or consider how to incentivize the use of AI models themselves to differentially accelerate reliability and security research.

  • Expanding researcher access: Because limited model access impedes research, government should support continued use of NAIRR, and encourage industry to waive model access costs for underresourced research organizations.

Joe O'Brien
Previous

Asymmetry by Design: Boosting Cyber Defenders with Differential Access to AI
Next

Location Verification for AI Chips