In the last decade, various labs that allow users to remotely conduct physical and life science research have been established around the world. Known as cloud labs, these facilities often rely on standardized procedures, highly automated workflows, and sophisticated data management to support research in areas such as drug discovery and materials chemistry in a fee-for-service model. Users do not need direct access to a laboratory for their own research.
At the same time, though, these remotely operated cloud labs pose new risks of accidents and misuse. By adopting comprehensive security measures, including routine evaluations and monitoring via artificial intelligence (AI), the scientific community, ideally through a consortium, can harness the full potential of cloud labs while ensuring safe and secure research environments.
Cloud labs are changing scientific research by offering fully remote, on-demand, and highly automated laboratory environments that confer a high degree of autonomy to scientific research as an on-demand service. Users can plan and customize experimental workflows without ever having to step foot inside a physical laboratory. Cloud labs, and their user interfaces, are the link between the digital and physical domains in science.
With their increased accessibility, scalability, and operational flexibility, cloud labs enable researchers to collaborate across geographical boundaries and reduce the costs of acquiring expensive instrumentation needed for research.
Cloud labs enable researchers to collaborate across geographical boundaries and reduce the costs of acquiring expensive instrumentation needed for research.
Emerald Cloud Lab (ECL) is one example of this innovative approach. Established in 2010 with a $100 million investment, ECL operates two main facilities: a 105,000-square-foot laboratory in Austin, Texas, and a 20,000-square-foot site in Pittsburgh, Pennsylvania, developed in partnership with Carnegie Mellon University.
Although on-site human operators are needed, researchers can design and manage experiments, drastically reducing costs and time to achieve key data. The advantages of cloud labs, as demonstrated by ECL, include improved efficiency, flexibility, and productivity.
By ensuring reproducibility at the push of a button and capturing data automatically, cloud labs overcome typical challenges faced by traditional laboratories, such as limited access to instruments and high operational costs. This cloud lab model not only maximizes the use of laboratory resources but also facilitates collaboration among distant researchers, streamlining data management and potentially reducing costs in areas like drug discovery, ultimately advancing scientific progress and societal benefits.
Automation in science is not new, nor are scientific cloud labs. What is new is the possibility for artificial intelligence to transform how users interact with cloud labs to direct a range of experiments, from peptide synthesis, to high-throughput compound screens, to cell culture.
Integration of AI systems, as demonstrated by the Coscientist agent, can also provide semi-autonomous experimental design and execution. AI has allowed for natural language inputs to be translated into carefully planned steps that happen inside a laboratory. While this could drive research, it also has implications for biosecurity. A lower technical skill barrier to designing experiments, combined with the kind of one-stop-shop research that cloud labs may provide, could expand the pool of bad actors.
Currently, there is a lack of data regarding cloud lab operations, their workflows, or their number and types of customers. There are no public documents that detail the locations or capabilities of cloud labs around the world, akin to Global Biolabs' tracking mechanisms that document high-containment laboratories conducting pathogen research.
In addition, there are no standardized approaches for customer screening that are public and shared between different cloud lab organizations. Although the DNA synthesis community, recognizing the security risks of DNA synthesis misuse, has come together to form the International Gene Synthesis Consortium (IGSC) with a standard screening protocol (PDF), there is no cloud lab equivalent.
Accidental pathogen release from research laboratories have been well documented and at times debated. Such breaches, and any potential for breaches, should be noted at cloud labs. Aside from accidents, the threat of cloud lab misuse should also be taken seriously. As stated above, AI can potentially lower the barrier to entry for bad actors, and the one-stop-shop model for biological research could make cloud labs attractive targets for exploitation.
In the policy space, cloud labs have been referenced in several official documents. Several DNA synthesis screening frameworks from both the United States (PDF) and the United Kingdom mention or are inclusive of the work done in cloud labs. The White House Executive Order on Safe, Secure, and Trustworthy Artificial Intelligence also focuses on synthesis screening as a way to prevent AI-created products from being actualized. The White House National Security Memorandum on AI mentions cloud labs and screening of orders and data streams.
Synthesis screening can provide effective mitigation against potential misuse, however, it should be treated as one tool in a broader arsenal. The security concerns raised by cloud labs go beyond just the end products, such as DNA, RNA, protein, organisms, and so forth. Concerns also include equipment, how research becomes centralized, and natural language inputs. To that end, more direct guidance specifically designed for cloud labs, and autonomous science in general, may be warranted.
Developing robust biosecurity measures for cloud labs does not necessarily mean reinventing the wheel. Established organizational models and practices could be replicated and adapted specifically for cloud labs. A cloud lab security consortium (CLSC), similar to the IGSC for DNA synthesis providers, could set the stage for sharing best practices, norms, and self-regulating actions in addition to establishing community-driven standards and protocols.
Established organizational models and practices could be replicated and adapted specifically for cloud labs.
This proposed CLSC could undertake various actions that improve end-to-end security and deter certain bad actors. A unified screening protocol that includes know-your-customer screening as well as tracking of all lab tasks that are executed and data generated per customer could improve end-to-end security. Cloud labs also can generate large volumes of data, especially as the number of customers and workflows increase. The consortium could collectively develop AI systems to do real-time monitoring of requests and experiments that would flag certain user activities across its ecosystem. Data sharing within the CLSC could also identify users that may split orders and activities between different cloud labs in an attempt to obfuscate activities and reduce the chances for detection.
Promotion of consortium membership could create an environment where involvement is desired and new cloud labs are brought into the fold of standardized practices. These efforts could also streamline data collection for identifying and assessing cloud labs in a manner similar to that of the Global Biolabs initiative mentioned above.
Lastly, biosecurity measures at cloud labs could be developed around the results of evaluations that include routine reviews and red teaming results. Reviews, likely conducted internally, could ensure that standards are being met. Red teaming conducted by third party evaluators of both physical facilities and digital infrastructure of cloud labs could unearth unique attack vectors and vulnerabilities. Evaluation results would be the foundation for protocol updates and patches that would then be shared across the CLSC.
The creation of a CLSC could be a worthy first step toward enhanced security. It would not only safeguard against potential misuse, but also promote a culture of responsibility and trust in the rapidly evolving landscape of cloud labs that conduct physical and life science research.
