AI Sandboxes: A Unified Threat Model and Measurement Framework
The research identifies systemic vulnerabilities in current AI testing methodologies, specifically the failure of digital-only sandboxes to mitigate kinetic risks in embodied AI. In cyber-physical systems (CPS), AI agents can bypass digital isolation to manipulate physical environments or human operators. This research introduces a formalized taxonomy and a multi-dimensional measurement framework—incorporating fidelity, controllability, and containment—to address sandbox escape vectors and adversarial attacks on the monitoring apparatus. The framework provides a standardized methodology for validating the safety and security of complex AI deployments through high-fidelity simulation and formal evidence composition.
FBI Kinetic Cyber Range (KCR)
The FBI has deployed a "Kinetic Cyber Range" (KCR), a high-fidelity physical replica of a small-town ecosystem, to simulate cyber-physical attacks against critical infrastructure. Unlike traditional virtual sandboxes, the KCR utilizes hardware-in-the-loop simulations involving ICS/SCADA systems for water and power, Medical IoT, and EHR platforms. The range enables researchers and responders to model cascaded failure events—where a single network compromise propagates through municipal DNS and ISP infrastructures to trigger physical equipment damage and life-safety disruptions. This environment is critical for quantifying kinetic impact and improving inter-agency recovery orchestration during ransomware-induced service outages.