# AI safety and alignment: the field measuring whether frontier models are safe to deploy
> The field of techniques and institutions trying to ensure frontier AI systems behave as intended and cannot be weaponized, as capability gains outpace safeguards.

**Meta:** type: reference · date: 2026-07-03 · heads:  · 4 takes · 2 lenses · 3 regions

## What it is

AI safety and alignment asks whether frontier models do what their builders intend, whether they can be steered reliably, and whether they can be prevented from causing catastrophic harm. Three research clusters define the field: evaluations (structured pre-deployment tests for dangerous capabilities such as bioweapon assistance or cyberweapon generation), interpretability (techniques to understand internal neural-network computations, not just outputs), and alignment methods (training procedures including reinforcement learning from human feedback, constitutional AI, and debate). A fourth cluster, governance, translates research findings into institutional controls: safety frameworks, red lines, and regulatory thresholds. World-news readers track this beat because the decisions it produces, from whether a model is safe to deploy to which countries receive access, now move markets and trigger government interventions.

## History

The field became a structured research program in 2016, when researchers at Google, UC Berkeley, and OpenAI published "Concrete Problems in AI Safety," the first systematic research agenda for the problem. Anthropic was founded in 2021 by former OpenAI researchers Dario and Daniela Amodei, with safety as its explicit stated purpose. The field's institutional turning point came in November 2023, when 28 governments signed the Bletchley Declaration and mandated an international scientific assessment of AI risks. The UK launched its AI Safety Institute that year; the US followed in 2024. The first International AI Safety Report, chaired by Yoshua Bengio, appeared in 2025. The 2026 edition expanded to 92 contributors representing 29 nations.

## Current state

The 2026 International AI Safety Report (Bengio et al., February 2026) found that leading systems now exceed PhD-level expert performance on science benchmarks and can complete cybersecurity tasks designed for practitioners with more than ten years of experience. Systems capable of designing novel therapeutics can, with minimal modification, design novel pathogens. The US government's response to a Fable 5 jailbreak in June 2026 showed what enforcement looks like in practice: a US Commerce Department export-control order took [the model offline globally](/en/n/fable5-ai-export-controls) within three days of the jailbreak's discovery, before [Anthropic redeployed it 19 days later](/en/n/fable5-global-reinstatement-jul1) with a new cybersecurity classifier developed alongside US intelligence-community partners. Anthropic's Responsible Scaling Policy (version 3.3, May 2026) gates each training run on AI Safety Level threshold evaluations; ASL-3 deployment standards activate when a model can meaningfully assist in chemical, biological, radiological, or nuclear weapon development. More than 12 labs had published frontier safety frameworks as of early 2026, but the UK AI Security Institute finds universal jailbreaks in every system it tests.

## Relationships

The safety beat intersects three live story threads. First, the frontier lab arms race: each capability jump by Anthropic, OpenAI, Google DeepMind, Meta, and Chinese labs such as DeepSeek raises the stakes of unsolved alignment problems. Second, the biosecurity overlap: AI systems topping expert benchmarks on protein design and genomic analysis create dual-use risks that connect directly to the [push for mandatory synthetic-DNA screening legislation](/en/n/dna-synthesis-screening-letter-2026). Third, the geopolitics of access: US export controls on frontier models are justified partly by safety concerns and partly by strategic competition, making commercial access and safety governance inseparable. Independent evaluators, primarily METR (a US nonprofit) and the UK's AI Security Institute, provide the institutional bridge between lab self-assessments and regulatory decisions.

## What to watch

The ASL-4 threshold is the nearest hard line: Anthropic defines it as a model that can meaningfully accelerate the development of biological, chemical, radiological, or nuclear weapons. No deployed model had reached ASL-4 as of mid-2026, but METR's February 2026 Frontier Risk Report put the first potential ASL-4 system within a one-to-three-year window. Watch whether the US Congress codifies mandatory pre-deployment evaluations into law, which would make independent assessments a legal prerequisite for commercial release. Watch also whether international evaluator access survives US-China technology decoupling: Chinese frontier models remain outside the global evaluation framework, a gap the 2026 International AI Safety Report flags as a structural risk to any cross-border governance regime.

## Regional takes (batched by bias / lens)

### official record
- **International AI Safety Report 2026 (Bengio et al., 29-nation Expert Advisory Panel)** (International, en) — February 2026 scientific consensus report on frontier AI capabilities and risks; 92 contributors, 29 national representatives; finds leading models exceed PhD-level science benchmarks and complete expert-level cybersecurity tasks.
  Source: https://arxiv.org/abs/2602.21012
- **Anthropic** (United States, en) — Anthropic's Responsible Scaling Policy (version 3.3, effective May 2026): gates each training run and deployment on AI Safety Level evaluations; defines ASL-3 and ASL-4 thresholds for CBRN-assistance capabilities.
  Source: https://www.anthropic.com/responsible-scaling-policy
- **METR** (United States, en) — METR's published research on autonomous-capability and dangerous-capability evaluations of frontier models from Anthropic, OpenAI, Google DeepMind, and Meta; includes the February 2026 Frontier Risk Report on rogue deployment risk.
  Source: https://metr.org/research/

### UK government evaluator; publishes independent assessments of frontier model capabilities and safeguards
- **UK AI Security Institute** (United Kingdom, en) — First Frontier AI Trends Report: AI cybersecurity task completion by leading models rose from 9 percent in late 2023 to 50 percent by 2025; universal jailbreaks found in every system tested.
  Source: https://www.aisi.gov.uk/blog/5-key-findings-from-our-first-frontier-ai-trends-report

## Across the graph
- Related: [[fable5-global-reinstatement-jul1]], [[fable5-ai-export-controls]], [[dna-synthesis-screening-letter-2026]]

---
Canonical: https://rbtfl.xyz/en/n/compute-frontier-ai-safety-backgrounder