Published by Emerging Technologies Laboratory · via ETL Newswire
Security· 

CEPI Publishes Biosecurity Plan for AI Pandemic Engine as Dual-Use Risk Debate Sharpens

The Coalition for Epidemic Preparedness Innovations disclosed its 'biosecurity-by-design' framework for an agentic AI vaccine platform, and named misuse by malicious actors as a design constraint, not an afterthought.

By Renée Kovac, Correspondent · Security Desk

The Coalition for Epidemic Preparedness Innovations published a detailed account on June 11 of how it plans to govern biosecurity risks inside the Pandemic Preparedness Engine for Disease X, a platform it describes as the first AI system purpose-built for end-to-end vaccine development. The document, co-authored by CEPI biosecurity consultant Dr. Sarah R. Carter and PPX access lead Mats Olsen and reviewed by this reporter on the CEPI website, lays out a managed-access model and calls out the dual-use problem directly, which is worth noting, because preparedness platforms rarely do that in public.

The engine itself is designed to compress the time from pathogen identification to a deployable vaccine. According to the CEPI site, the platform will incorporate what the organization calls "agentic" capabilities, AI that can plan, coordinate, and execute multi-step tasks, pulling together genomic surveillance data, vaccine design tools, and regulatory submission workflows into a single system. The architecture is also meant to serve as a global public good, with CEPI working to build a network of regional computing hubs so that researchers in lower-income countries can reach the platform without routing through a single national chokepoint.

The dual-use flag is the more interesting part of the filing. CEPI states plainly that it recognizes "the potentially serious biosecurity risks that new biological AI systems pose in the event they are intentionally misused by malicious actors to cause harm." That's a reasonable but still underspecified statement: it doesn't say which capability classes concern them most, broad pandemic-capable pathogen design, targeted toxin synthesis, or something else, and the document doesn't quantify the threat at any confidence level. Readers should treat the concern as a high-confidence observation that the risk exists, and a low-to-moderate-confidence picture of its contours.

What CEPI does commit to is a multi-layer mitigation stack. According to the CEPI biosecurity page, the architecture includes rigorous vetting of researchers, controlled data transfer protocols, and an embedded autonomous "biosecurity agent" that monitors activity in real time as a guardrail against misuse. The Carter and Olsen piece adds that access governance needs to be context-dependent, pre-defined, objective criteria for who counts as a trusted user, and that governance mechanisms must be representative, transparent, and trusted if they're going to hold in a crisis. That's a governance aspiration, not yet a governance structure; the criteria haven't been published.

CEPI is partnering with philanthropy Sentinel Bio on the biosecurity-by-design layer, and has described the approach as a departure from research models that tack on risk mitigation after a technology is already built. According to the CEPI website, the organization has codified biosecurity's role in its 2027-2031 strategy document. Whether that codification translates into enforceable access controls with actual verification teeth is a question the documents don't yet answer.

The timing matters. This disclosure came on the same day CEPI CEO Dr. Richard Hatchett addressed the Biosecurity at the Frontier conference at Imperial College London, where the UK Security Minister warned that biological threats are becoming "more complex, more frequent and more interconnected." Dr. Hatchett's remarks, published on the CEPI site, noted the current Bundibugyo Ebolavirus outbreak as a live example of agentic AI already shaping an outbreak response, analyzing epidemiological data and contextualizing events against prior outbreaks.

The combination of a live hemorrhagic fever outbreak, a publicly named dual-use risk from a major preparedness platform, and a UK government characterization of the threat landscape as worsening in 2026 alone gives the CEPI filing more operational weight than a routine governance paper. The question the public record doesn't answer yet: what happens when a "responsible user" determination is contested across jurisdictions, and who arbitrates it. That's the governance gap worth watching.

Sources cited:
- CEPI, Biosecurity-by-design for CEPI's Pandemic Preparedness Engine (https://cepi.net/biosecurity-design-cepis-pandemic-preparedness-engine)
- CEPI, The 100-Day Imperative: pandemic preparedness, AI-driven threats, and the case for a new global architecture (Hatchett speech, June 10, 2026) (https://cepi.net/100-day-imperative-pandemic-preparedness-ai-driven-threats-and-case-new-global-architecture)
- CEPI, Securing The Pandemic Preparedness Engine (https://cepi.net/securing-pandemic-preparedness-engine)
- CEPI, Building a global AI platform for pandemic preparedness (https://cepi.net/building-global-ai-platform-pandemic-preparedness)
- Imperial College London, Imperial launches Biosecurity Network of Excellence (https://www.imperial.ac.uk/news/articles/2026/biosecurity-at-the-frontier-conference/)
- Bulletin of the Atomic Scientists, 'Agentic' life sciences AI is exacerbating bioweapons concerns (https://thebulletin.org/2026/02/agentic-life-sciences-ai-is-exacerbating-bioweapons-concerns-heres-what-to-do-about-it/)

Reporting by Renée Kovac, Correspondent, for the Security desk · ETL Newswire staff
Read more at the source

This release was originally distributed via ETL Newswire. Visit CEPI, Biosecurity-by-design for CEPI's Pandemic Preparedness Engine for the full story, related releases, and contact information.

Visit CEPI, Biosecurity-by-design for CEPI's Pandemic Preparedness Engine →