Toward Reliable, Safe, and Secure LLMs for Scientific Applications

TL;DR

This paper addresses the unique safety, security, and reliability challenges of deploying large language models in scientific research, proposing a new evaluation framework and defense strategies tailored for science-specific risks.

Contribution

It introduces a detailed threat taxonomy for LLMs in science and proposes a multi-agent system for generating domain-specific adversarial benchmarks and defense mechanisms.

Findings

Synthesized a taxonomy of LLM threats in scientific research.

Proposed a multi-agent system for generating security benchmarks.

Outlined a multilayered defense framework for trustworthy LLM deployment.

Abstract

As large language models (LLMs) evolve into autonomous "AI scientists," they promise transformative advances but introduce novel vulnerabilities, from potential "biosafety risks" to "dangerous explosions." Ensuring trustworthy deployment in science requires a new paradigm centered on reliability (ensuring factual accuracy and reproducibility), safety (preventing unintentional physical or biological harm), and security (preventing malicious misuse). Existing general-purpose safety benchmarks are poorly suited for this purpose, suffering from a fundamental domain mismatch, limited threat coverage of science-specific vectors, and benchmark overfitting, which create a critical gap in vulnerability evaluation for scientific applications. This paper examines the unique security and safety landscape of LLM agents in science. We begin by synthesizing a detailed taxonomy of LLM threats contextualized for scientific research, to better understand the unique risks associated with LLMs in science. Next, we conceptualize a mechanism to address the evaluation gap by utilizing dedicated multi-agent systems for the automated generation of domain-specific adversarial security benchmarks. Based on our analysis, we outline how existing safety methods can be brought together and integrated into a conceptual multilayered defense framework designed to combine a red-teaming exercise and external boundary controls with a proactive internal Safety LLM Agent. Together, these conceptual elements provide a necessary structure for defining, evaluating, and creating comprehensive defense strategies for trustworthy LLM agent deployment in scientific disciplines.