With frontier AI, capability jumps will likely be unpredictable and non-linear and often invisible until they cross some deployment threshold. The detection lag needs to be shorter than capability emergence timescales, but right now it's inverted. We need metrics that can signal dangerous capability before it actually happens. This is urgent because by the time a lab can detect dangerous capability through current methods, it may already be deployed or too late to stop.
Problem 2: Calibrating Likelihood × Severity Without PrecedentMost control layers assume some calibration of likelihood × severity, but we don't have a way to measure how likely dangerous outcomes are and how severe they would be. The goal is to set limits so we can say something like - under these assumptions, risk could exceed X%. Because frontier AI is so new and develops so rapidly, we can't just copy what we learned from nuclear or biotech regulation. We need models that tell us how AI scales with more compute, and how real threat actors would actually use those capabilities. Right now, each safety evaluation gives us pieces of information about the risks, but we have no systematic way to combine all those pieces into risk assessment. Without clear risk thresholds, every frontier model deployment is a gamble on unknowable tail risks.
Problem 3: Organisational Readiness and Accountability StructuresEven if we solve technical risk, governments and labs may still be dysfunctional and create some issues. The problem is that even if governments establish safety requirements, many labs developing frontier AI lack clear compliance structures. Many labs equate safety with having an internal policy, but what some don't have is clarity about how decisions will be made when something goes wrong and who can stop the release of a potentially dangerous model. Who bears risk ownership? Where does accountability live? This is urgent because governance structures take years to mature. The field may only have quarters before truly frontier-level models appear. You can't build organisational readiness overnight.
Problem 4: Cross-Jurisdictional Incident ResponseOpen-source and fine-tuned derivatives make it difficult to have a centralised response. Incident response across jurisdictions is unclear - who shuts down a rogue API endpoint hosted abroad? Cybersecurity has CERT networks for coordinated disclosure, but frontier AI doesn't have an equivalent. Without cross-border incident protocols, a frontier model deployed in one jurisdiction can be exploited everywhere else before response mechanisms activate.
Problem 5: Competition-Driven Norm SolidificationThe current norms in frontier AI development are driven by competition and profit rather than safety. Labs race to deploy first, and safety measures that slow development are seen as competitive disadvantages. If we don't establish different norms now - while the field is still relatively small and malleable - these competition-first practices will solidify into industry standards. Once norms become entrenched, changing them becomes exponentially harder. We have a narrow window to align frontier AI development on safety before the race dynamics become permanent.