AI Safety Atlas Ch.4 — Compute Governance
Source: Compute Governance | 12 min | Authors: Charles Martinet, Markov Grey, Su Cizem, Charbel-Raphaël Ségerie
Compute is the most promising governance target because only a handful of companies make the chips needed for advanced AI. Government control of supply chains is one of the few practical levers for limiting who can create highly capable AI. See compute-governance.
Why Compute Meets All Three Criteria
- Measurable — FLOPs are precise; training runs leave physical traces (data centers, energy use)
- Controllable — supply chain has chokepoints: NVIDIA ~80% of AI training GPU market share; TSMC dominates fabrication; ASML produces the only EUV lithography machines
- Meaningful — “compute requirements directly constrain what AI systems can be built”
Tracking the Supply Chain
The AI chip supply chain has structural concentration:
- NVIDIA: ~80% AI training GPU market
- TSMC: dominant chip fabrication
- ASML: monopoly on cutting-edge lithography
- Private companies: >80% of global AI computing capacity (governments + academia <20%)
- AWS, Microsoft, Google: ~65% of cloud computing services
The Atlas’s strategic recommendation: target only specialized AI chips, not general-purpose hardware. “By targeting only the most advanced AI-specific chips, we can address catastrophic risks while leaving the broader computing ecosystem largely untouched.”
Monitoring
Frontier training leaves observable footprints:
- Energy consumption — most reliable; hundreds of MW patterns
- Network traffic patterns
- Hardware procurement records
- Cooling/thermal signatures
- Power substation construction
Compute Thresholds in Existing Regulation
- US Executive Order on AI — notification required for training runs >10²⁶ operations
- EU AI Act — risk assessments for >10²⁵ operations
Cloud Providers as Regulatory Chokepoints
“Cloud providers’ position between hardware and developers allows them to implement controls that would be difficult to enforce through hardware regulation alone.” Proposed: KYC requirements for cloud compute access, similar to financial-services KYC.
On-Chip Controls
Active control mechanisms built into hardware:
- Usage limits — capping compute for unauthorized AI workloads
- Secure logging — tamper-resistant chip-usage records
- Location verification — chips operate only in approved facilities
- Safety interlocks — automatic pause if conditions aren’t met
Parallel to existing cybersecurity (Intel SGX, TPMs). Could expand existing chip monitoring for governance purposes.
Limitations
Algorithmic Efficiency Erodes Static Thresholds
“The same compute achieves more capability over time.” Llama-3 8B outperforms Falcon 180B. Reasoning/inference-time scaling improves capabilities without changing training compute. Static compute thresholds become unreliable.
Domain-Specific Risks
Specialized models (biological, cybersecurity domains) might develop dangerous capabilities below typical regulatory thresholds.
Power Concentration
Overly restrictive controls accelerate power concentration — only a few orgs can afford frontier compute. Adds barriers between large tech and academic researchers, reducing independent oversight.
Inference Challenges
Trained models run on much less compute than training required → controlling existing model usage is harder.
Distributed Training
Currently requires concentrated compute (communication-bound). Algorithmic advances could split training across smaller facilities, making detection harder.
Strategic Integration
Compute monitoring works as initial screening, not sole regulatory determinant — “identifying models warranting further scrutiny.” Most effective when triggering downstream oversight (notification requirements, risk assessments).
“Technical measures alone cannot address systemic risks that emerge from competitive dynamics and global deployment.” Compute governance must integrate with corporate, national, and international initiatives.
Connection to Wiki
This subchapter is one of the most strategically actionable in the entire textbook. Connections:
- compute-governance — the dedicated concept page
- effective-compute — the technical decomposition (software × hardware × chips)
- ai-governance — compute governance is the most-developed governance instrument
- atlas-ch1-capabilities-09-appendix-forecasting — chip supply-chain economics
- summary-substack-benjamin-todd — Netherlands/ASML as TAI-relevant ally
- information-security — chip-level security mechanisms
- US-China semiconductor export controls (specific governance instrument; not yet a dedicated wiki page)