Why a misleading “red team” study of the gene synthesis industry wrongly casts doubt on industry safety


The International Gene Synthesis Consortium (IGSC), an organization of the world’s leading gene synthesis companies, continues to drive the advancement of biosecurity screening. A recent “red teaming” (i.e. adversarial) screening evaluation performed by a group of graduate students under the guidance of SecureBio, a non-profit, and highlighted in media reports draws inaccurate and specious claims about the results of the red team’s evaluation.

The IGSC and its member companies support the continued evolution of biosecurity screening protocols and view red teaming as an important tool to measure screening system performance. These companies manufacture synthetic DNA for a wide range of applications, including development of new therapies for devastating disease, development of diagnostic tests, pandemic preparedness, agriculture, biomaterials, and more. Today, IGSC member companies screen both customers, to ensure they engage only in responsible research, and the nucleic acid sequences ordered, to identify any sequences that convey pathogenicity.

In April, the White House Office of Science and Technology Policy (OSTP) published a screening framework building on the  government’s updated guidance to the synthetic DNA industry released last October. The framework extends the guidance to a wider array of synthetic nucleic acid producers, asks that providers and benchtop manufacturers publicly attest that they adhere to the framework, and requires that providers and manufacturers ensure cyber- and information security in their systems. The framework also limits the purchase, by federal agencies and by organizations funded by federal agencies, of synthetic nucleic acids to only those companies attesting they adhere to the framework. Several IGSC member companies already operate by these more stringent standards, the most rigorous in the industry.

The recent red-teaming evaluation by Rey Edison, Shay Toner, and Kevin Esvelt incorrectly characterized industry biosecurity screening performance. Specifically, in late 2023, Edison and Toner, graduate students from the Massachusetts Institute of Technology (MIT), working with Esvelt, a professor at the university, ordered short segments of a virus from multiple commercial DNA synthesis companies, including IGSC member companies, to be delivered to a commercial building adjacent to MIT’s campus.

AI in war: Can advanced military technologies be tamed before it’s too late?

The authors of the evaluation make two major arguments in this report: 1) that DNA synthesis companies ‘missed’ the pathogen sequence in the orders and 2) that ordering pieces of DNA from multiple vendors allowed them to reconstruct a gene from the 1918 influenza virus. Both of these arguments demonstrate a misunderstanding of the government guidance and the state of the art in biosecurity sequence screening to enable safe, responsible research to proceed.

IGSC member companies screened both the sequence and the customer in accordance with 2023 guidance from the US government. Multiple IGSC member companies detected the ordered sequence and determined the order to be legitimate as defined in the 2023 guidance. Specifically, the orders were placed on behalf of SecureBio, an organization known to IGSC member companies given the role played by SecureBio in the SecureDNA project, an effort to build a DNA synthesis screening system. In addition, the name on the orders was an individual who has co-published multiple times with  Esvelt, an individual well known to IGSC companies to work in viral evolution and who is known to have access to laboratory facilities sufficient to work safely with the ordered material.

In short, the system worked as designed: a legitimate individual ordered DNA sequence that, by itself, posed no risk of misuse, for delivery to a company associated with legitimate scientific contributions directly relevant to the sequence that was ordered.

Biosecurity screening has been actively supported and prioritized by the synthesis industry since at least 2009, and the IGSC formed, in part, to enable cross-organizational communication when concern arises. Detecting the ordering of small pieces of a given DNA sequence from multiple DNA providers is a challenge that has been well-described since at least 2010. This red-teaming exercise again demonstrated that there remains no screening solution to address this challenge, including the use of the SecureDNA tool suggested by the authors. SecureDNA would only have detected the combined output of these orders if all synthesis companies, globally, adopted their software platform for biosecurity sequence screening. It is not reasonable to assume a single screening platform could or should address the needs of dozens of synthesis companies and benchtop synthesis manufacturers across diverse company sizes and markets. The IGSC remains supportive of any efforts to address this well-understood gap but also believes it is critical to maintain a robust community of sequence screening tools, algorithms, and vendors to spur continued innovation.

How AI surveillance threatens democracy everywhere

The government has recently taken steps to incentivize biosecurity screening and recognized the need for standards by which to measure screening system performance. The National Institute of Standards and Technology (NIST) has begun this important work but this red teaming effort highlights the need for more formal government guidance on structured evaluation and stress testing of screening systems to be led by the Department of Homeland Security (DHS) as required under the 2023 Executive Order on Artificial Intelligence.

Maintaining robust biosecurity measures and responsible DNA screening protocols is paramount for fostering a thriving and sustainable biotechnology industry. Accurate representation of any evaluations or red teaming surrounding these safeguards builds public trust, mitigates potential misuse of sensitive materials, and ensures regulatory compliance. The proactive approach to biosecurity practiced by the IGSC since its inception in 2010 upholds the integrity of the industry, protects intellectual property, and cultivates an environment conducive to innovation. Publication of third-party red teaming containing inaccurate and misleading information, as in this case, casts doubt on the safety of the industry and undermines stakeholder confidence while providing no public benefit.

The IGSC and its member companies remain dedicated to the responsible synthesis and use of nucleic acids. The organization and its members will continue to collaborate to improve biosecurity screening practices and to ensure the use of synthetic nucleic acids remains safe.

Together, we make the world safer.

The Bulletin elevates expert voices above the noise. But as an independent nonprofit organization, our operations depend on the support of readers like you. Help us continue to deliver quality journalism that holds leaders accountable. Your support of our work at any level is important. In return, we promise our coverage will be understandable, influential, vigilant, solution-oriented, and fair-minded. Together we can make a difference.

Keywords: AI, gene synthesis
Topics: Biosecurity

Get alerts about this thread
Notify of
Inline Feedbacks
View all comments


Receive Email