Sarah R. Carter, PhD
Principal, Science Policy Consulting
A Framework for Managed Access to Biological AI Tools
Safeguarding Innovation while Supporting Responsible Use of Biological AI Tools
The convergence of artificial intelligence (AI) and the life sciences has driven the development of biological AI tools with a range of beneficial applications. However, some of these tools have also raised concerns among biosecurity experts that they could be misused by malicious actors to cause harm, including by making it easier to engineer dangerous pathogens.
Building off the work and recommendations of previous NTI | bio reports, this paper proposes a framework for managed access to biological AI tools, including guidance for assessing the risks posed by individual tools and for verifying user identity and legitimacy. It offers recommendations for funders, model developers, and hosting services to support future development and implementation of managed access.
A smart approach to managing access to biological AI tools will decrease the possibility of accidental or deliberate misuse while supporting innovation through equitable and legitimate access to these transformative capabilities. Effective managed access will also provide a foundation for other built-in guardrails, reducing the risk that such guardrails will be avoided or removed.
Principles and Framework
Informed by interviews with more than 20 experts in biosecurity, biological AI tool development, and bioscience research, the framework adopts two central principles:
- Access should be tiered based on the tool’s risk level.
- The need for security should be balanced with the need to provide equitable access.
These principles seek to maximize the benefits of these powerful tools while effectively reducing risk and underpin the framework and its elements: risk levels of biological AI tools, criteria for user legitimacy, and practices for verifying users. The paper also includes a set of considerations for establishing managed access within platforms, including necessary infrastructure, governance approaches, and recommendations for equitable implementation. These platforms will be vital for the successful implementation of managed access framework.
Recommendations
This paper represents an important starting point for an ongoing conversation about how to responsibly and effectively implement managed access for biological AI tools. The elements proposed here will need to be further developed, adapted by different communities of tool developers, and refined over time. To support this, the paper offers the following recommendations:
- Funders of biological AI tools should
- Offer low- or no-cost access to computational infrastructure to host models for developers who follow appropriate managed access procedures
- Fund the development of new managed access platforms, where needed
- Fund technical projects and practical workshops to support development of tools and best practices in support of managed access
- Model developers, in partnership with biosecurity experts and others, should
- Use a tiered risk framework to consider biosecurity risks during development
- Implement managed access approaches that are appropriate to the risk level of their tools
- Record lessons learned from implementing managed access and work with other model developers to identify best practices
- Platforms that provide or host biological AI tools should implement managed access procedures consistent with this framework that
- Support scientific innovation—for example, by enabling tools to be discovered, verified, used, adapted, compared with similar tools, and maintained over time
- Maintain equity and access for responsible users with transparent, defensible, and consistently applied criteria for users to establish legitimacy
- Expand access through secure, user-friendly APIs that include oversight to ensure responsible use
Managed access will be critical for reducing biosecurity risks related to the misuse of biological AI tools. By working to develop best practices for each element of this framework—risk levels, tiered access, and practices to verify legitimacy—developers of biological AI tools and the broader life sciences community can reduce risks while maintaining the benefits of these tools.
Stay Informed
Sign up for our newsletter to get the latest on nuclear and biological threats.
More on
AIxBio Horizon Scan Winter 2025-2026
The AIxBio field stands at a critical juncture where rapid capability advances are outpacing governance frameworks and safety measures. The next 18 months will likely prove pivotal in determining whether voluntary safety practices by AI companies, emerging evaluation frameworks, and international coordination efforts can keep pace with technological development.
Safeguarding Against Global Catastrophe
AIxBio capabilities hold immense promise—but they also introduce unprecedented risks. The exploitation of AIxBio capabilities for harm is a plausible near-term risk—and the time for action is now. NTI | bio offers actionable recommendations for governments, industry leaders, and philanthropic organizations to prevent catastrophic misuse.
AIxBio Horizon Scan: Spring 2026
Since the AIxBio Horizon Scan Winter 2025-2026 published in March 2026, there has been steady, incremental progress across AI-enabled biological tools. Protein design tools have continued to improve, agentic coding tools have matured in ways that lower barriers to computational biology, and commercial AI companies are making significant investments in the life sciences.