Updated Guidelines for Managing Misuse Risk for Dual-Use Foundation Models

The U.S. AI Safety Institute (US AISI) at the National Institute of Standards and Technology (NIST) released the second public draft of its guidelines on Managing Misuse Risk for Dual-Use Foundation Models (NIST AI 800-1), which outlines voluntary best practices for identifying, measuring, and mitigating risks to public safety and national security across the AI lifecycle.

US AISI made a number of improvements to the initial public draft (released July 2024) to improve usability and incorporate thoughtful feedback from more than 70 industry, academic, and civil society experts submitted during the initial comment period. 

Key updates in this expanded version include: 

• Detailing Best Practices for Model Evaluations: This version was expanded to include a new appendix, which provides a detailed overview of existing approaches to measuring misuse risk and is intended to help make these guidelines more actionable for developers and other users.
• Expanding Domain-Specific Guidelines on Cyber and Chemical and Biological Risk: In order to help operationalize these guidelines in high-priority public safety and national security domains, US AISI added two extensive appendices to the document – one on chemical and biological misuse risk and a second on cybersecurity misuse risk.
• Underscoring a Marginal Risk Framework: Throughout the document, US AISI further clarified the importance of a “marginal risk” framework for assessing and managing risk when analyzing the potential impact of a given foundation model.
• Addressing Open Models: These guidelines were updated to support their proportional application to and usefulness for open model developers, underlining US AISI’s continued support of the trustworthy development and deployment of both open and closed models. 
• Managing Risk Across the AI Supply Chain: While model developers remain the main audience for these guidelines, US AISI included additional content to support risk management practices for a range of actors across the AI supply chain. 

Input from a variety of stakeholders meaningfully strengthened the resulting guidelines. US AISI is committed to ensuring broad input and extensive collaboration to safely harness the immense potential of this technology and advance American leadership in artificial intelligence innovation.

US AISI is seeking another round of public feedback on this second draft of its guidelines on Managing Misuse Risk for Dual-Use Foundation Models (NIST AI 800-1). 

The comment period is now open through March 15, 2025, at 11:59PM Eastern Time. Responses can be submitted via email to NISTAI800-1 [at] nist.gov (NISTAI800-1[at]nist[dot]gov) or online at regulations.gov.