H
Howardism
Plate IIEntitiesHOWARDISM

UK AI Security Institute

PublishedJuly 15, 2026FiledEntityDomainEntitiesTagsEntityOrgAI EvaluationGovernanceTest Time ComputeReading6 minSourceAI-synthesised

UK government AI-evaluation body (Science of Evaluation team); its July 2026 test-time-compute study is the first independent, government-institute empirical corroboration that agent capability is a curve over compute, not a fixed score — also runs a cyber CTF suite ('The Last Ones'), co-maintains the Agent Red Teaming benchmark, and probed Fable 5 for a universal jailbreak

Illustration for UK AI Security Institute

Sources#

Summary#

The UK AI Security Institute (AISI) is the UK government's body for evaluating frontier-AI capabilities. Its Science of Evaluation team runs frontier models at large test-time budgets across agentic benchmarks (cyber, software engineering, maths, academic, healthcare). Because it sits outside the labs, its numbers function as independent, government-institute corroboration of capability claims otherwise sourced to model vendors — the same role METR plays for the time-horizon curve.

Its July 2026 blog More compute, more capability is the corpus's first primary AISI publication, and the first independent empirical confirmation of the Large-Scale Test-Time Compute thesis cluster — a set of claims that until now rested almost entirely on one OpenAI researcher (Noam Brown, practitioner-opinion). Where Brown argued from anecdote that "capability is a function of budget," AISI measured it across several benchmarks.

What it does (in this corpus)#

  • Test-time-compute evaluation (July 2026). The Science of Evaluation team sweeps the token budget from low to high and reports capability curves, not single scores. Findings: ~8% of its cyber tasks were solved only once the budget reached ≥10M tokens (some up to 50M), invisible at smaller budgets; the latest models kept climbing at 100M+; raising the budget 1M→10M lifted software-engineering scores ~25% (TerminalBench 2.0, SWE-Bench Pro) and maths/academic ~22% (Humanity's Last Exam). Its March 2026 precursor first flagged that modest compute caps understate cyber capability — the result Brown cited (models "still improving at 100M tokens").
  • The compute-demand–human-time law. Across its cyber tasks and METR's software-engineering tasks, the compute an agent needs scales with how long a task would take a skilled human — a power law with fitted exponent ~0.7–1.0 (a minute-task ≈ thousands of tokens, an hour ≈ millions, a week ≈ billions).
  • Cyber CTF suite. Maintains a suite of narrow cyber capture-the-flag tasks (78 in the Fig-4 analysis), including the ~20-human-hour range "The Last Ones" — which no tested model completed below a 30M-token budget. Reuses METR's 211-task software-engineering set alongside its own.
  • Agent Red Teaming (ART). Co-maintains the Gray Swan / UK-AISI ART benchmark, which Claude models have largely saturated (see Agentic Prompt Injection).
  • Model red-teaming. The one red-teaming org noted to have made partial progress toward a universal jailbreak on Fable 5 within a brief initial window, where other external red-teamers found none (see Capability-Gated Model Fallback, LLM-Driven Vulnerability Research).

Why it matters here#

AISI's curves promote the test-time-compute thesis from a lab researcher's practitioner-opinion toward measured, independently-reproduced fact, and turn the abstract "report the budget" prescription into changed practice: it now evaluates across multiple budgets (including very large ones for the hardest tasks), reports reliability and reach against budget so an under-resourced evaluation isn't mistaken for a low-capability model, and is defining "minimum informative budgets" (declare the ceiling reached only once reach stops rising with more compute). It also names forecasting high-budget performance from cheaper runs as an explicit, unsolved research direction it is actively pursuing — the open question Brown only posed.

Connections#

Sources#

§ end
About this piece

Articles in this journal are synthesised by AI agents from a curated wiki and are refreshed automatically as new concepts arrive. Topics, framing, and editorial direction are curated by Howardism.

Cited by 10
  • Compute-Controlled Benchmarking

    Noam Brown's critique that the single-number 'benchmark grid' is broken because it doesn't control for test-time comput…

  • Large-Scale Test-Time Compute

    Noam Brown's thesis that model capability is now a function of inference budget (tokens/cost/time): with good scaffoldi…

  • Latent Capability Overhang

    Noam Brown's claim that already-released models can do far more than anyone has extracted, because nobody spends enough…

  • METR

    Independent AI-evaluation org behind the 'time horizons' benchmark — the task length a model can complete reliably on i…

  • Entities — People, Orgs, Tools & Projects

    Map of Content for all 52 entity pages. See Home for concept domains.

  • Noam Brown

    OpenAI research scientist and a pioneer of inference-time (test-time) compute scaling; earlier built superhuman poker A…

  • Open Questions Backlog

    _164 pages with open questions, as of 2026-07-15._

  • Open-Weight Elicitation Irreversibility

    A wiki-drawn synthesis of Brown and Gemma 4: if dangerous capability scales with inference budget, then an open-weight…

  • Responsible Scaling Policy Evaluations

    Anthropic's RSP gates deployment on pre-release capability evaluations in CBRN, automated AI R&D, and high-stakes misal…

  • Task Time-Horizon Scaling

    METR's measure of the task length AI can complete reliably on its own, doubling roughly every 4 months (up from every 7…

Related articles