AI Safety

Anthropic and AE Studio's GRAM method enables modular AI access control, isolating dangerous knowledge

New technique GRAM lets you switch dangerous AI knowledge on/off like a light.

Deep Dive

Frontier AI models possess knowledge that can be misused for harmful tasks like bioweapons or cyberattacks. Current defenses—refusals, classifiers, and tiered access—have drawbacks: refusals can be jailbroken, and tiered access forces a coarse trade-off between capability and safety. To address this, researchers at AE Studio and Anthropic developed Gradient Routed Auxiliary Modules (GRAM), a method that confines dangerous knowledge to specialized modules that can be toggled on or off. This allows a single model to approximate multiple models trained on different filtered datasets, enabling fine-grained access control without retraining separate models.

In experiments, GRAM was tested on a synthetic dataset of children’s stories (26M parameters) and on real-world dual-use data including virology, cybersecurity, nuclear physics, and specialized code (800M-parameter model). Results show that switching a topic off in GRAM performs similarly to training a model from scratch without that data. The method scales from 50M to 5B parameters, and a single GRAM model can match the performance of five distinct filtered models. Importantly, this is preliminary research not yet applied to production at Anthropic, but it offers a promising path toward safer, more flexible AI deployment.

Key Points
  • GRAM isolates dangerous knowledge to switchable modules, enabling per-user access control without retraining.
  • A single GRAM model approximates five separate models trained on different filtered datasets (virology, cybersecurity, nuclear physics, code).
  • Method validated on models up to 5B parameters; still preliminary and not in production at Anthropic.

Why It Matters

Enables granular AI access control per user trust level, reducing misuse risk without sacrificing model capability.

📬 Get the top 10 AI stories daily