Building a safer future for AI research
AI research has scaled fast - and so have the risks. In FY 2025, the National Science Foundation (NSF) invested $2 billion in AI R&D to keep the U.S. competitive. With that momentum comes exposure to espionage, misuse, and ethical missteps. A Virginia Tech team has secured a $300,000 NSF award to strengthen research security across the AI project life cycle.
Why research security needs an upgrade
Security concerns used to cluster around military or commercially sensitive work. That boundary is gone. "There's now a concern with the entire research life cycle, especially with emerging technologies like AI and biotechnologies, in a way that there just wasn't before," said Rockwell Clancy, research scientist in the Department of Engineering Education. "The risks of stolen intellectual property can happen during data collection, while co-developing models with international collaborations, throughout evaluation and publication, or even in routine conversations about project progress."
Several pressures are driving change: rapid translation of research to applied tech overseas, more cases of IP diversion and illicit transfer, and the reality that AI data, models, and methods can be exploited long before publication. Federal agencies have acknowledged that current standards leave gaps. For reference, see NSF's guidance on research security and integrity (NSF Research Security) and NIST's AI Risk Management Framework (NIST AI RMF).
From talk to tools: evidence-based scenarios and training
Many universities are discussing research security. Fewer are giving faculty practical tools they can use day to day. Agencies are asking for discipline-specific training that shows researchers what threats look like in their own fields - not just high-level policy.
"Our team here at Virginia Tech is one of the few groups developing evidence-based, scenario tools to help researchers understand and determine what threats across the AI research life cycle look like," said Qin Zhu, associate professor of engineering education and principal investigator. The team will interview and survey stakeholders - including active AI researchers - to surface real patterns of risk. Those insights will inform fictional but realistic scenarios that model breaches or misconduct across stages of work, from data collection to dissemination.
Once refined, the scenarios and guidance will be packaged into a digital toolkit that universities, funders, and industry partners can use to recognize and respond to risks. "Our ultimate goal is to show our industry partners and funding agencies that we are knowledgeable and care deeply about secure research," said John Talerico, assistant vice president for research security. "We want to be able to say, 'Come sponsor your research here at Virginia Tech. Your work is safe with us.'"
What the toolkit will help protect
- Data assets: collection pipelines, sensitive datasets, access controls, and retention.
- Models and code: checkpoints, weights, proprietary methods, and version history.
- Collaboration channels: cross-border work, shared infrastructure, and vendor access.
- Publication and review: preprints, peer review confidentiality, and artifact release.
- Informal exchanges: lab meetings, conference networking, and routine status updates.
Practical steps AI researchers can take now
- Map your project's life cycle and mark where data, models, and IP are most exposed.
- Segment access by role; log and review access to datasets, repos, and checkpoints.
- Set collaboration terms early: IP ownership, data handling, and export controls.
- Run a pre-publication risk review for datasets, code, and model artifacts.
- Keep sensitive discussions off unsecured channels; use vetted platforms and MFA.
- Document decisions on data provenance, model training sources, and third-party tools.
- Incorporate short, scenario-based refreshers into lab onboarding and quarterly meetings.
Meet the research team
- Qin Zhu, principal investigator, associate professor, Department of Engineering Education
- Rockwell Clancy, research scientist, Department of Engineering Education
- Lisa M. Lee, senior associate vice president, Office of Research and Innovation; director, Division of Scholarly Integrity and Research Compliance
- John Talerico, assistant vice president for research security and chief research officer
The mandate is clear: pair AI progress with concrete safeguards. This project moves beyond policy statements to give researchers practical tools they can put to work - the kind that reduce risk without slowing discovery.
Your membership also unlocks:
