The rapid advancement of frontier artificial intelligence (AI) systems creates an urgent need to protect the infrastructure on which these systems run. As AI advances, the threats associated with it will also increase. Not only can malicious attackers target AI infrastructure to steal model weights or disrupt operations, but untuned AI systems can exploit vulnerabilities in their own infrastructure to bypass safety monitors or steal the AI system itself.
To address this possibility, the authors surveyed 23 experts in early 2026. formal methodUsing mathematical techniques to reason about software behavior and, in some cases, to demonstrate that the system behaves as specified, has the potential to significantly reduce the risks associated with vulnerabilities in AI infrastructure. Survey respondents were experts in the fields of formal methods, AI infrastructure, cybersecurity, software engineering, hardware architecture, and policy.
The authors used survey responses to consider which components of the machine learning inference and training stack are best suited for formal verification, what security properties can be guaranteed, what barriers to development and adoption exist, and how advances in AI-assisted formal methods may change computation. The authors provide preliminary recommendations and starting points for a community technology roadmap aimed at frontier AI labs, the formal methods community, hardware vendors, government agencies, and the broader public.
This publication is part of the RAND Research Report Series. Research reports present findings and objective analysis that address challenges facing the public and private sectors. All RAND research reports undergo rigorous peer review to ensure high standards of research quality and objectivity.
This document and the trademarks contained herein are protected by law. This representation of RAND intellectual property is provided for non-commercial use only. Posting of this publication online without permission is prohibited. We recommend linking directly to this product page. Reproduction or other reuse of RAND research documents for commercial purposes requires RAND permission. For reproduction and reuse permissions, please visit www.rand.org/pubs/permissions.
RAND is a nonprofit organization that helps improve policy and decision-making through research and analysis. RAND publications do not necessarily reflect the opinions of the research customers or sponsors.
