Foundations of Language Model Security Workshop @ EurIPS 2025

EurIPS workshop 2025 header
Date: December 6-7, 2025

We are excited to announce that ELSA members are co-organizing a workshop at the 2025 EurIPS conference: Foundations of Large Language Models – Theory, Practice, and Open Problems.

This workshop brings together researchers in adversarial robustness, conversational and sociotechnical AI safety, and broader LLM security to move beyond surface-level observations—probing the mechanisms behind vulnerabilities and charting a path toward genuinely secure architectures.

Emphasizing foundational understanding over incremental improvements, we ask:

  • What mathematical and computational properties make language models inherently vulnerable?
  • How can interpretability inform our view of attack surfaces and defense mechanisms?
  • Which evaluation frameworks can bridge the gap between benchtop metrics and real-world security failures?
  • What blind spots persist in our current research programs and conceptual frameworks?

Our goal is to catalyze rigorous, cross-disciplinary discussion that advances the theoretical, empirical, and evaluative foundations of language model security.

Workshop Format

The workshop consists of four thematic blocks. Each block includes an expert keynote (45 minutes), two contributed talks (15 minutes), and an extended guided discussion (45 minutes) among participants, presenters, and domain experts. Our format prioritizes deep engagement and discussion over talk density.

  1. Emergent Security in Complex AI Ecosystems
    Keynote: Verena Rieser (Google DeepMind)
  2. TBA
    TBA
  3. Trade-offs in System-level defences against Prompt Injections
    Keynote: Ilia Shumailov
  4. Practical LLM security
    Keynote: Kathrin Grosse (IBM Research)

Call for Talk Contributions

The workshop organizers invite short contributed talks that advance the foundations of language model security. They are especially interested in work that clarifies the mathematical and computational properties underlying vulnerabilities, sheds light on how model internals process adversarial inputs, and proposes evaluation frameworks that better capture real-world security risks.

Submission deadline: October 17

Submission Guidelines

  • Format: Talk proposals only—no papers, no archival proceedings
  • Requirements: Title, 200-300 word abstract, optional one-page summary or single slide
  • Platform: OpenReview (link forthcoming by October 7)
  • Talk Length: 7-minute spotlights (8 talks total, 2 per thematic block)

Learn more

You can find an information overview, the detailed schedule, and more information about the organizers, speakers, and contact possibilities on the official workshop website.

Official website