Systems Security track - MATS Program

Research in this track covers software and infrastructure-level hardware security mechanisms for monitoring and securing AI development and deployment, including side-channel analysis, cluster security, and physical-layer verification. Importantly, this track is distinct from the broader "AI security" framing that refers to adversarial robustness or jailbreaking; the focus here is on literally securing the systems that advanced AI runs on, including data centers, hardware supply chains, compute clusters, and model weights.

Apply by June 7th

Application process

Initial application: No track-specific questions.
Stream applications & follow-up: Apply to individual streams; follow-up includes interviews and/or additional assessments depending on the stream.

Systems Security track overview

Systems Security track streams

No items found.

Epoch AI

Empirical

Systems Security

This stream will work on gathering and analyzing data in order to shed light on the driving forces behind AI and monitor its impacts.

Mentorship structure

Scholars will have individual weekly meetings for half an hour with their mentor, as well as a group meeting with their mentor for half an hour. Additionally, scholars will attend Epoch’s weekly Work In Progress meeting.

Desired scholar characteristics

Some useful characteristics (don't need all of these):

a background in statistics (e.g., majored in stats in undegrad)
prior forecasting experience
pandas/matplotlib knowledge
background in AI and economics
experience with AI benchmarking (running or analyzing results from them)
enthusiasm about the work epoch has already done
scientific writing – e.g., being able to take a statistical result about some data and put it in plain english people without as technical a background can understand

Project selection process

Scholar will pick from a list of projects

Gabriel Kulp

Systems Security

In this project, we will explore GPU side-channel attacks to extract information about model usage. A simple example is to observe (via radio, power fluctuations, acoustics, etc.) which experts were used in each forward pass of an MOE model, then use those observations to guess which tokens were produced.

Mentorship structure

Co-working 2-4 hours per week, including detailed guidance. Flexible. 1 hour check-ins per week. You can schedule ad-hoc calls if stuck or wanting to brainstorm.

Desired scholar characteristics

Please note: experience with hardware is not a requirement for this stream, as long as you are willing to work hard and learn fast, and can show other evidence of exceptional ability. If in doubt: we encourage you to apply!

We will provide you with a lot of autonomy and plug-and-play access to a rare combination of tools and equipment—in exchange we expect you to have a strong self-direction, intellectual ambition, and a lot of curiosity. This stream requires you to have a tight experiment loop to form and test hypotheses on the fly.

Example skill profiles:

Machine learning: familiarity with LLM architecture, especially for mixture-of-experts. Making classifier, regression, and generative models for unusual data types.
Math: statistical tests of correlation and mutual information.
Electrical engineering: signal processing, transmission lines, antennae and radio, switching power supplies.
Hardware: GPU architecture (memory and compute), PCIe traffic, matrix multiplication circuits, dynamic frequency scaling.

Must have: Trained or fine-tuned a transformer language model in PyTorch (toy models and following guides is fine). Familiar with basic electronics concepts (voltage, current, transistors). Has experience writing research papers, even as a class assignment.

Nice to have: Familiarity with LaTeX, PyTorch internals, CUDA/OpenCL, GPU architecture, chip design, oscilloscopes, signal processing, electrical engineering.

Project selection process

There is a cluster of potential projects to choose from. As a team, we will decide which to pursue based on individual interest and skills. Mentors will pitch example projects and scholars can then modify and re-pitch them. Once the research problem, hypothesis, and testing plan are written and agreed on, scholars begin object-level work. We encourage failing fast and jumping to a fallback project.

Keri Warr

Systems Security

Implementing SL4/5 and searching for differentially defense-favored security tools.

Mentorship structure

I love asynchronous collaboration and I'm happy to provide frequent small directional feedback, or do thorough reviews of your work with a bit more lead time. A typical week should look like either trying out a new angle on a problem, or making meaningful progress towards productionizing an existing approach.

Desired scholar characteristics

Essential:

Excited about doing Security Engineering work in partcular
Non-zero experience in all three of: Software engineering, Cybersecurity, and Machine Learning
Ability to quickly unblock yourself
Willing to trade off against how shiny your project is in favor of doing work that will be impactful within the next 12 months

Preferred:

Significant depth in at least two of: Software engineering, Cybersecurity, or Machine Learning
Excited about delivering working open source code in addition research papers

Project selection process

Mentor(s) will talk through project ideas with scholar, or scholar will pick from a list of projects.

Kristian Rönn

Systems Security

Mauricio Baker

Systems Security

Policy and Governance

This stream focuses on AI policy, especially technical governance topics. Tentative project options include: technical projects for verifying AI treaties, metascience for AI safety and governance, and proposals for tracking AI-caused job loss. Scholars can also propose their own projects.

Mentorship structure

We'll meet once or twice a week (~1 hr/wk total, as a team if it's a team project). I'm based in DC, so we'll meet remotely. I (Mauricio) will also be available for async discussion, career advising, and detailed feedback on research plans and drafts.

Desired scholar characteristics

No hard requirements. Bonus points for research experience, AI safety and governance knowledge, writing and analytical reasoning skills, and experience relevant to specific projects.

Project selection process

I'll talk through project ideas with scholar

Frequently asked questions

What is the MATS Program?

The MATS Program is a 10-week research fellowship designed to train and support emerging researchers working on AI alignment, transparency and security. Fellows collaborate with world-class mentors, receive dedicated research management support, and join a vibrant community in Berkeley focused on advancing safe and reliable AI. The program provides the structure, resources, and mentorship needed to produce impactful research and launch long-term careers in AI safety.

Who are the MATS Mentors?

MATS mentors are leading researchers from a broad range of AI safety, alignment, governance, field-building and security domains. They include academics, industry researchers, and independent experts who guide scholars through research projects, provide feedback, and help shape each scholar’s growth as a researcher. The mentors represent expertise in areas such as:

Agent foundations and decision theory
Control & monitoring of AI systems
Mechanistic and concept-level interpretability
Capability evaluations and benchmarking
Cybersecurity, adversarial robustness, and safeguards
Forecasting, game theory, and national/international governance
Threat modeling, compliance verification, and compute proliferation
Model organisms, red-teaming, and deceptive alignment
Hardware interventions and information security

View past and current mentors

What are the key dates of the MATS Program?

Key dates

Application:

General application period (May 12th to June 7th)
Additional evaluation (June 7th through late July)
Final offers (late July/early August)

The main program will then run from September 28th to December 4th, with the extension phase for accepted fellows beginning in December.

‍

Who is eligible to apply?

MATS accepts applicants from diverse academic and professional backgrounds - from machine learning, mathematics, and computer science to policy, economics, physics, cognitive science, biology, and public health, as well as founders, operators, and field-builders without traditional research backgrounds. The primary requirements are strong motivation to contribute to AI safety and evidence of technical aptitude, research potential, or relevant operational experience. Prior AI safety experience is helpful but not required.

How does the application and mentor selection process work?

Applicants submit a general application, applying to various tracks (Empirical, Theory, Strategy & Forecasting, Policy & Governance, Systems Security, Biosecurity, Founding & Field-Building.

In stage 2, applicants apply to streams within those tracks as well as completing track specific evaluations.

After a centralized review period, applicants who are advanced will then undergo additional evaluations depending on the preferences of the streams they've applied to before doing final interviews and receiving offers.

For more information on how to get into MATS, please look at this page.

The MATS Program seeks individuals who are deeply motivated by AI alignment, transparency, and security, and who are equipped with the skills and mindset to contribute to cutting-edge research. Sign-up below to get updates from our newsletter.

Thank you! Your submission has been received.

Something went wrong, please try again.

Organization

Research About Us Careers Transparency FAQ

People

MATS Mentors MATS Alumni MATS Team

MATS Program

Program Application Getting into MATS

Applications Open

Autumn 2026

Get involved

Donate Contact us

Cookies Notice: This website uses cookies to identify pages that are being used most frequently. This helps us analyze data about web page traffic and improve our website. We do not and will never sell user data. Read more about our cookie policy on our privacy policy. Please contact us if you have any questions.

Site by Osborn Design Works