Securing Global Biotechnology

A world in which thousands of people can construct and release autonomous bioweapons is unlikely to flourish

The biotechnology revolution is fueled by our rapidly improving ability to read and write DNA. Advances in our ability to engineer living systems promise a healthier, more humane, and ecologically sustainable future.

Our challenge is to prevent the immense power of biotechnology from being misused. Historical pandemics killed tens of millions of people, and engineered agents could be even more destructive.

Unlike nuclear weaponry, many thousands of people have the technical skills to build and release autonomous biological weapons, but only if they know what to make and can obtain a physical copy – for example, by assembling it from synthetic DNA.

To protect humanity, we should screen all DNA synthesis orders for potential bioweapons, ideally without disclosing what we're looking for. A secure global screening system would:

Our team of academic life scientists, cryptographers, and policy analysts from many nations came together in 2019 to devise a system capable of secure and universal DNA synthesis screening that would be suitable for stepwise or complete implementation by stakeholders.

Current screening approaches are inaccurate and insecure. They work by looking for similarities between ordered DNA sequences and the genomes of potential bioweapons. Unfortunately, there are so many similar sequences that innocent orders are mistakenly identified as threats, requiring human experts to examine them one by one. Worse, the database of potential bioweapons is necessarily public, so newly emerging threats can't be blocked without providing rogue actors with blueprints and a credible incentive to use them.

We accordingly sought to re-envision DNA synthesis screening from first principles:

Necessity: we only need to block the synthesis of a few essential pieces of each bioweapon

Functionality: we should also block access to any sequences predicted to function equivalently

Security: automated screening should not disclose DNA orders or potential bioweapons

Securely screen for random critical fragments and functional equivalents without false alarms

alt_text
Proposed secure and universal DNA synthesis screening system
DNA synthesis orders are automatically broken into fragments and directly compared to a database of pieces chosen at random from critical regions of bioweapons. Any ‘adversaries’ attempting to evade screening cannot know which fragments are protected, forcing them to include mutations across the entire sequence of the bioweapon.

Even mutated fragments can be reliably detected by using the best available computational tools to generate a ranked-order list of all variations predicted to remain functional. A random number of these predicted fragments are included in the database, but only after removing any that match legitimate sequences in the GenBank repository, thereby avoiding false alarms. Including variants at random ensures that adversaries cannot know how many mutations are needed to evade detection, forcing them to guess high.

This "Random Adversarial Threshold" search makes synthesizing protected bioweapons fiendishly difficult. To have even a chance of obtaining all of the necessary DNA fragments, adversaries are forced to include many mutations that are likely to inactivate their desired bioweapon throughout its entire genome, making it effectively impossible to assemble a functional version of a protected bioweapon from screened DNA.

Since the database does not contain matches to unrelated sequences in GenBank that would create false alarms, screening is accurate enough to be fully automated, greatly reducing costs.

Finally, the system can be securely implemented by a distributed network of servers to protect the privacy of both the orders and the database contents. Even hacking multiple servers would uncover nothing. The fully secure version, which is vital to protect against future bioweapons, could be implemented directly or in a stepwise manner depending on the needs of stakeholders.

alt_text
Global DNA synthesis is expected to rise to 1015 base pairs per year in 2030.

Securing DNA synthesis should not impede legitimate scientific or commercial research. Because no fragments in the database will match any harmless sequences in the GenBank repository, only random chance could cause an innocent order to be incorrectly identified as hazardous and blocked. We can calculate this probability using the anticipated database size and amount of DNA likely to be synthesized in a given year. Based on projections, we expect to see approximately one such false alarm in the year 2030.

Companies or laboratories authorized to work with a blocked agent or sequence can be issued certificates by institutions or governments, which would be sent with orders to major DNA synthesis providers possessing secured machines. Any order fragments that match those listed on the certificate would be automatically approved, enabling legitimate researchers to receive shipments without delay. The whitelist mechanism would also prevent abuse of the screening system for individual or commercial gain.

Screening should never disclose the identities of DNA synthesis orders or potential bioweapons. Current screening practices cannot accomplish either: even if an order is securely transmitted to the synthesis provider, it must be accessible to human experts if flagged as a threat.

Cooperative networks of servers can perform distributed computations without any single machine having access to the relevant data. A secure distributed one-way transformation can render fragments from orders and bioweapons uninterpretable, yet still allow them to be compared to determine whether the originals were identical. The database could be made resistant to future quantum computer attacks by arranging for each server to apply an additional quantum-resistant transformation with a unique key and then combining the results.

Our team strongly recommends open-sourcing the code and offering numerous prizes for identified exploits before entrusting the system with sensitive data.

Screening can be performed by physically secure networks of servers located in each major geographic area. Large companies, including commercial vendors who sell synthetic DNA and assembled genes, will be able to communicate with their local network by private fiber lines for extra security and reliability.

Next-generation benchtop synthesizers, which are anticipated to become available in the next few years, will communicate with servers via internet. Working closely with manufacturers can ensure that these machines incorporate hardware locks that will only allow them to function if they receive the correct responses to queries. If screening can be incorporated into all next-generation enzymatic DNA synthesizers and assemblers, the eventual scarcity of chemicals required for older machines will ensure that screening becomes nearly universal.

Should a minimum number of authorized experts concur on the existence of a novel threat, they can add fragments to the database by encoding the update on paper for secure physical transport to each server network. Given the history of espionage, the system could in principle be implemented to permit updates by a handful of concurring authorized experts or even a single expert who need not tell anyone else of the specific threat. This method could guard against future bioweapons that could not be contained once unleashed.

Crucially, the existence of a well-known screening network will provide a way for well-meaning researchers who identify a potential new bioweapon to protect the world without disclosure, avoiding the risk of making the weapon credible and incentivizing well-resourced rogue actors to build them as ‘dead-hand’ switches with which to threaten the international community.

From a security perspective, it would be best if the comprehensive system outlined in this document were adopted in its entirety. Given the potential for current and future advances to weaponize agents currently deemed innocuous, the need for secure screening is dire. However, there may not be an immediate path towards a completely secure implementation.

The Secure DNA team hopes to work closely with current stakeholders to find a viable path towards complete adoption. For example, a stepwise approach might first involve current DNA providers adopting Random Adversarial Threshold search to screen against already-known bioweapons, without the additional cryptographic protection against industrial espionage conferred by the secure version. This would provide time to develop and test a secure implementation, which could then be implemented to improve privacy and security.

alt_text
The Secure DNA Project is expected to evolve through several stages of stepwise adoption.

Given the tensions between our respective nations, the Secure DNA Project has carefully avoided involving any government employees or relying on government funding, although we have kept many relevant agencies and synthesis firms apprised of our effort. While hailing from regions strong in biotechnology and cryptography, we recognize that implementation will require multilateral engagement and contributions from individuals throughout the world.

A Working Group convened by the World Economic Forum and Nuclear Threat Initiative has independently studied the problem and published a report calling for a novel DNA synthesis screening system to be developed by a global, multistakeholder Technical Consortium.

The Secure DNA Project appears to meet or exceed the technical goals identified by the WEF/NTI Working Group, including criteria designated as future challenges. Our design:

At this time, we intend to continue to develop the Secure DNA Project independently of the Technical Consortium, but are open to working together in future.

As a team, we are committed to guarding the world against autonomous bioweapons. Even if future advances render our current approach obsolete, we will work with any and all relevant multilateral groups and individuals to achieve our goal of secure and universal DNA synthesis, be it through a gradual stepwise process or direct implementation. None of us has any preexisting interest in the industry, but the stakes demand nothing less.

When just a handful of individuals representing nation-states were capable of unleashing mass death, our civilization only narrowly avoided global tragedy. Preventing many thousands of individuals from gaining the knowledge and components required to build autonomous bioweapons is one of the more critical challenges of our time. We pledge to meet it together.

alt_text
1918 influenza sick ward, Camp Funston, Kansas, United States

中文 English