Transport AI Safety Governance Report——What AI Safety Risk Prevention and Control Can Do in the Transportation Sector

Transport AI Safety Governance Report——What AI Safety Risk Prevention and Control Can Do in the Transportation Sector, and How to Do It

A Complete and Detailed Report for Decision-Making Reference by Leaders in the Transportation Sector

Zhendong Xie, Yucong DuanGuangdong Smart Transportation Association

Recommended Use Scenarios: ministerial-level assessment, inter-ministerial communication, local deployment, project reserve, pilot demonstration, standardization promotion

Analytical Main Line: organization-level control | semantic-layer governance | knowledge-layer white-box evaluation | intelligent-agent action auditing | lawful access governance

Special Note: This report is based on current public policies and industry realities. It emphasizes equal attention to development and safety, scenario-driven implementation, standards-first deployment, and audit-supported governance.

April 2026

Transport AI Safety Governance Report | 1

Executive Summary for Leaders

Transportation has entered a high-risk stage of artificial intelligence governance. The objects of risk are not merely algorithmic errors, but goal drift, semantic mismatch, inexplicable knowledge, unauditable action chains, uncontrolled access boundaries, and suspended organizational responsibility.

What the Ministry of Transport should prioritize is not the capability of a single model, but five categories of capability packages: the purpose layer of organization-level control, semantic-layer governance, knowledge-layer white-box evaluation, intelligent-agent action auditing, and lawful access governance.

The current period is a window for systematic layout. The 2025 Implementation Opinions on “Artificial Intelligence + Transportation” proposes that, by 2027, typical scenarios should be widely applied, the comprehensive transportation large-model system should be implemented, and a group of intelligent agents should be popularized and applied; by 2030, a relatively complete AI governance system in the transportation field should be formed.

The Ministry of Transport can immediately do ten things: establish a catalog of high-risk AI scenarios and a graded regulatory framework; build industry white-box evaluation capabilities; promote organization-level control and goal governance; establish an action auditing and responsibility-tracing system; build a lawful access governance system; improve event reporting and review mechanisms; use standardization pilots to drive implementation; organize small-scope pilot demonstrations; establish a cross-level coordination mechanism; and build a talent and training system.

Risk prevention and control should not be turned into a tool of purely ex-post regulation, formalism, or suppression of innovation. Instead, it should be built as an industry foundational project that gives equal priority to high-level safety and high-quality development.

The Four Most Important Signals in the Current Policy Window

Signal	Main Basis	What It Means for the Ministry
Development and governance are placed side by side	The Implementation Opinions on “Artificial Intelligence + Transportation” proposes that a relatively complete AI governance system in the transportation field should be formed by 2030	It is now possible to discuss not only development, but also the governance foundation
Scenarios have entered list-based management	The Ministry of Transport has publicly stated that it is promoting pilot demonstrations and landmark innovation projects around 860 typical scenarios	Work can begin from scenario lists rather than empty statements
Standardization pilots have become project-based	Smart transportation special standardization pilots continued to advance from 2025 to 2026	Safety risk prevention and control can be embedded into pilots and standards validation
Access and OTA regulation are tightening	Requirements for intelligent connected vehicle product access, recalls, and software online upgrades have strengthened testing validation, parameter reporting, and event reporting	White-box evaluation, action auditing, and access governance now have strong real-world entry points

Description of Report Purpose and Analytical Method

This report is a systematic analysis prepared for leaders of the Ministry of Transport around the core question of “what AI safety risk prevention and control can do in the transportation field, and how to do it.” It does not aim at promoting a single technology. Instead, it follows the main line of “governable, evaluable, auditable, and implementable,” and attempts to answer questions at three levels. First, why has the transportation field already entered the stage of high-risk artificial intelligence governance? Second, what exactly can transportation authorities actively do at this stage, rather than merely respond passively? Third, through what kinds of organizational, institutional, standards-based, pilot-based, and capability-building paths can “AI safety risk prevention and control” be turned from an abstract slogan into a sustainably operating work system?

The analytical method adopted in this report is “reality first, technology second; system first, single point second; boundary first, capability second.” In other words, we do not understand AI risk merely as model hallucination, algorithmic bias, or cyberattack. Instead, we place it back into the highly complex real system of transportation: who sets goals, who bears responsibility, who holds definitional authority, who owns data and interfaces, who operates the system, who bears accountability after an accident, and who bears actual costs during pilots. This analytical method requires us to see not only explicit inputs, but also omitted structural conditions, institutional constraints, organizational incentives, and real-world feedback. For the transportation system, risk does not only come from “the model output was wrong.” It also comes from goal drift, semantic mismatch, suspended responsibility, permission overreach, incomplete logs, excessive automation, failure of scenario migration, and the disconnect among technology, institutions, and organizations.

Therefore, this report defines AI safety risk prevention and control as a unified runtime, rather than a collection of scattered measures. It contains at least five categories of core capabilities. First is the purpose-layer capability of organization-level control: clarifying system goals, priorities, and boundaries to prevent local optimization from squeezing public safety and system stability. Second is semantic-layer governance capability: ensuring that rules, terms, states, and alerts are understood in the same way across departments, systems, devices, and modes. Third is knowledge-layer white-box evaluation capability: not only examining “whether the answer is correct,” but also examining whether the knowledge structure, rule dependencies, and reasoning chain are explainable, verifiable, and reviewable. Fourth is intelligent-agent action auditing capability: allowing “who triggered, who decided, who executed, who took over, who exceeded authority, and who is responsible” to be continuously traced. Fifth is lawful access governance capability: establishing boundary control, permission management, and anomaly auditing for data, models, interfaces, tools, and remote calls.

Based on the above method, this report responds to the current national policy deployment of “Artificial Intelligence + Transportation” while also respecting the realistic duty boundaries of the Ministry of Transport as the industry authority. In other words, the report does not pursue abstract theoretical perfection, but practical tools, mechanisms, and routes that can truly be implemented at the ministerial level. For leaders, the most important thing is not to obtain another grander narrative, but to obtain a working draft that can be used for internal assessment, inter-ministerial communication, local deployment, project reserve, and pilot organization.

Executive Summary

The basic judgment of this report is that transportation has become one of the most typical, urgent, and demonstrative industries for high-risk artificial intelligence governance in China. The reason is not that the transportation industry is the most “fashionable” or technologically “frontier,” but that it naturally has six characteristics at the same time. First, it has strong real-world coupling. AI outputs directly enter vehicles, road networks, airports, ports, waterways, warehousing, dispatching, and emergency response, rather than staying at the level of information recommendation. Second, it has strong safety constraints. Any system deviation may spill over into personal casualties, infrastructure damage, or large-scale operational interruption. Third, it has strong multi-actor coordination. Competent authorities, operators, platform companies, equipment manufacturers, map services, vehicle terminals, drivers and passengers, emergency systems, and local governments jointly form a complex coordination network. Fourth, it has strong institutional dependence. Industry access, operating rules, accident reporting, dispatching authority, and safety responsibility are all highly institutionalized. Fifth, it has strong scenario heterogeneity. Highways, railways, water transport, civil aviation, postal services, low-altitude transportation, and integrated logistics each have different risk structures. Sixth, it has strong public visibility. Once the system makes an error, the consequence is not only a technical failure, but also a public trust issue.

Therefore, AI safety risk prevention and control in the transportation field must not be understood as “patch work” for a single technical link. What truly needs to be built is an industry-level governance architecture. Its core tasks include establishing a catalog and grading mechanism for high-risk AI scenarios, building a governance process covering the entire chain of research and development, testing, deployment, operation, upgrade, auditing, and withdrawal, forming a safety capability foundation centered on white-box evaluation, action auditing, and access governance, promoting the construction of high-quality datasets, industry models, and standardized testing and validation platforms, and turning these capabilities into industry rules, toolchains, and organizational habits through pilot demonstrations.

At the level of “what can be done,” the Ministry of Transport can do at least ten major things. First, it can lead the establishment of a catalog of high-risk AI applications in transportation and a graded regulatory framework. Second, it can build industry-level white-box evaluation capabilities and testing scenario libraries around typical high-risk scenarios. Third, it can promote the construction of intelligent-agent action auditing and responsibility-tracing systems. Fourth, it can establish lawful access governance mechanisms for data, models, interfaces, remote upgrades, and cross-system calls. Fifth, it can organize the construction of safety baselines for comprehensive transportation large models and industry intelligent agents. Sixth, it can improve event monitoring, reporting, assessment, and review systems. Seventh, it can use standardization pilots as a lever to promote the implementation of evaluation, auditing, and governance standards. Eighth, it can use key scenario pilots and demonstration projects to form replicable governance templates. Ninth, it can establish a “ministry–province–enterprise–third-party institution” division-of-labor and coordination mechanism. Tenth, it can promote talent training, interdisciplinary teams, and regulatory technology capability building.

At the level of “how to do it,” this report recommends a route of “one general framework, five categories of core capabilities, seven industry adapters, and a three-level implementation rhythm.” One general framework means treating “organization-level control—semantic governance—white-box evaluation—action auditing—access governance” as a unified main line, rather than mutually separated local projects. The five categories of core capabilities are the five capability packages mentioned above. The seven industry adapters are highways and urban traffic, railways, water transport and ports, civil aviation, postal express delivery, infrastructure construction and maintenance, and integrated logistics and hubs. The three-level implementation rhythm means completing institutional, catalog, pilot, platform, and standards reserves in the first year; forming demonstrations, standards, platforms, and training systems within three years; and promoting institutionalization, scaling, and cross-regional replication within five years.

The final recommendation of this report is that the Ministry of Transport should not understand “AI safety risk prevention and control” merely as ex-post regulation, but should upgrade it into an industry foundational project that gives equal priority to “high-level safety and high-quality development.” In other words, whoever first establishes white-box evaluation, intelligent-agent auditing, and lawful access governance capabilities is more likely to move both fast and steadily to the front in the next round of “Artificial Intelligence + Transportation” competition.

1. Why Transportation Has Entered the Stage of High-Risk AI Governance

To answer “what can be done in the transportation field,” one must first answer a more basic question: why is transportation no longer digital upgrading in the general sense, but has entered the stage of high-risk artificial intelligence governance? Only when this judgment is clear will the subsequent measures avoid fragmentation.

First, AI applications in transportation have moved from information assistance toward operational control and organizational dispatching. In the past, AI applications in transportation were mainly concentrated in relatively peripheral links such as video recognition, route recommendation, ticketing marketing, and facility inspection. Today, the situation has changed. With the development of vehicle–road–cloud integration, combined assisted driving, autonomous collaborative train control, intelligent ships, autonomous port equipment, airport operation optimization, air-traffic flow prediction, unmanned logistics delivery, and comprehensive transportation large models, AI has begun to enter positions that “truly affect operational logic.” Once AI moves from “helping people see” to “helping people control, dispatch, judge, and act,” the nature of risk changes. At this point, system output is no longer merely advice. Through dispatching, control, authorization, alerts, allocation, takeover, and other paths, it substantially changes the operating state of the transportation system.

Second, transportation is a highly coupled systems engineering field. An algorithm cannot change only one local point without affecting other links. A vehicle–road coordination strategy in road traffic may affect tolling systems, emergency command, traffic-police enforcement, vehicle terminals, and public experience. A flight recovery algorithm in an airport may simultaneously affect dispatch, crews, ground services, support resources, and passenger chains. Automated loading and unloading dispatch in a port may affect maritime affairs, yards, railway connections, and foreign trade chains. High coupling means that local optimization can easily become a systemic problem. It also means that AI safety risk prevention and control cannot focus only on the model itself, but must rise to the organizational and system levels.

Third, transportation has an inherent public safety attribute. Unlike most internet services, mistakes in transportation systems often directly enter the physical world, and consequences spill over extremely quickly. A wrong alert, an unauthorized remote control, an incorrect routing instruction, an abnormal OTA upgrade, or a semantic inconsistency among multiple systems may cause casualties, infrastructure damage, regional transportation interruption, or even cross-regional social impact. In other words, AI safety risks in transportation are not only technical risks, but also public safety risks, governance risks, and social stability risks.

Fourth, the responsibility chain in transportation is highly sensitive. Traffic accidents, operational delays, equipment failures, port interruptions, airspace conflicts, and logistics anomalies all require clear responsibility. Once AI becomes deeply involved, the traditional responsibility chain will be lengthened or even broken. What responsibility is borne by the model supplier, platform operator, equipment manufacturer, data provider, algorithm integrator, dispatching department, user, and regulator? Without new auditing and mapping mechanisms, it is easy after an accident to face a situation in which “the technology cannot be explained clearly, responsibility cannot be divided clearly, and rectification cannot be implemented.” One important goal of risk prevention and control is to solidify the responsibility chain before accidents occur, rather than debate after an accident “whose problem it really was.”

Fifth, the transportation industry is in a period where policy promotion and technology sinking overlap. At the national level, China has clearly promoted the scaled innovative application of “Artificial Intelligence + Transportation,” and proposed that by 2027, typical scenarios should be widely applied, a comprehensive transportation large-model system should be deployed, a group of intelligent agents should be popularized and applied, and landmark innovation projects should be completed; by 2030, a relatively complete AI governance system in the transportation field should be formed. The more active the policy is, the more it means that regulatory, testing, standards, and auditing capabilities must be built simultaneously. Otherwise, a structural risk will arise in which “application speed exceeds governance speed.”

Sixth, the real-world governance complexity of transportation is far higher than that of a single product. There are relationships between central and local authorities, between industry authorities and territorial regulators, and among enterprises and public institutions, platform companies, research institutions, equipment manufacturers, standards organizations, and third-party institutions. Many risks are not caused simply by “immature technology,” but by unclear organizational boundaries, inconsistent standards, inconsistent terminology, disconnected logs, and unclear permission allocation. If this is not recognized as a mixed institutional–organizational–technical problem, governance will repeatedly circle between single-point repairs and post-incident accountability.

Therefore, transportation is no longer only an “industry that applies AI,” but an “industry that must build high-risk AI governance capabilities.” This definition is very important. It determines that the core question leaders of the Ministry of Transport should ask is not “what new technology should be deployed next,” but “how to establish a safety risk prevention and control system that can operate over the long term.”

2. Current Policy Window and Real-World Constraints: Why Now Is the Time for Systematic Layout

From a policy perspective, the current period is precisely the critical window for systematically laying out AI safety risk prevention and control in the transportation field. A window period means that, on the one hand, the state has clearly encouraged and promoted the wide application of AI in typical transportation scenarios; on the other hand, governance systems, standards systems, testing and validation systems, and industry capability foundations have not yet fully taken shape. This is exactly the time to take the initiative, position in advance, and establish rules.

The most important top-level document is the Implementation Opinions on “Artificial Intelligence + Transportation”, issued in 2025 by the Ministry of Transport, the National Development and Reform Commission, the Ministry of Industry and Information Technology, the National Data Administration, the National Railway Administration, the Civil Aviation Administration of China, and the State Post Bureau. This document proposes that by 2027, AI should be widely applied in typical scenarios in the transportation industry, the comprehensive transportation large-model system should be implemented and deployed, a group of intelligent agents should be popularized and applied, and a number of landmark “Artificial Intelligence + Transportation” innovation projects should be completed; by 2030, a relatively complete AI governance system in the transportation field should be formed. The weight of this document lies in the fact that it sets development goals and, for the first time in a relatively systematic way, writes “governance system” into the final goal of transportation AI development. In other words, development and governance have been formally placed side by side in policy, rather than one being subordinate to the other.

Further statements by the Ministry of Transport at its 2025 regular press conference also show the strength of this direction. The head of the Department of Science and Technology clearly proposed four key areas of advancement: strengthening scientific and technological research, laying out key technologies in national major science and technology projects under the 15th Five-Year Plan, consolidating the technical foundation by accelerating the construction of comprehensive transportation large models and intelligent-agent development capabilities, deepening scenario applications by promoting pilot demonstrations and landmark innovation projects around 860 typical scenarios that have been identified, and improving the standards system and industrial ecosystem. Two expressions deserve particular attention: “860 typical scenarios” and “standards system.” They mean that the transportation field is moving from conceptual discussion to list-based scenario management and rule-system formation. This provides a strong institutional entry point for safety risk prevention and control.

In the direction of standardization, since 2025, the Ministry of Transport and the State Administration for Market Regulation have successively promoted the first batch of national service-industry standardization pilots for smart transportation and the second batch of national standardization pilots for smart transportation. The focus has been on smart logistics, smart travel, and related new infrastructure, using pilot projects to establish standards systems, promote standards formulation, conduct implementation application evaluation, and form continuous improvement mechanisms. The second batch of pilots was announced in 2026 and required pilot units to complete detailed implementation plans, annual summaries, and achievement promotion within two years. This shows that transportation standardization pilots have moved from “advocacy” to “project-based execution,” providing a very realistic platform for research on the evaluation, auditing, and governance standards of high-risk AI.

In the direction of intelligent connected roads and autonomous driving, in 2025 the Ministry of Industry and Information Technology and the State Administration for Market Regulation further strengthened the management of intelligent connected vehicle product access, recalls, and software online upgrades. They explicitly required enterprises to conduct sufficient testing and validation, fill in technical parameters completely and accurately, submit relevant inspection reports or validation materials for product functions and performance, and strengthen event and accident reporting, risk assessment, and OTA activity management. The signal implied here is very clear: regulators are no longer satisfied with “enterprises saying that the system is usable.” They require verifiability, reportability, traceability, and rectifiability. This is highly consistent with the logic of white-box evaluation, action auditing, and access governance.

At the same time, real-world constraints must also be seen. First, maturity varies widely across transportation sub-industries. Highway autonomous driving, urban traffic signal optimization, port automation, railway autonomous control, civil aviation dispatch optimization, low-altitude traffic management, and postal-logistics robots do not have the same technological maturity or regulatory maturity. Second, many systems are jointly built by multiple organizations, and data, permissions, logs, and responsibility chains are naturally fragmented. Third, local governments are enthusiastic about pilots, but governance and evaluation capabilities may not keep pace. Fourth, enterprises easily understand “safety” as a local concept of “functional safety” or “cybersecurity,” while neglecting more systemic issues such as goal drift, rule conflict, tool overreach, semantic mismatch, and human-machine takeover failure.

Therefore, the key now is not only to “seize the policy window,” but to use this window to build the foundation. Whoever first establishes classification and grading catalogs, white-box evaluation platforms, action auditing mechanisms, lawful access governance rules, and standardized validation systems for high-risk AI in transportation during this stage will truly hold industry initiative in the coming years.

3. What Exactly Are AI Safety Risks in Transportation: The Object Must First Be Clearly Defined

When leaders of the Ministry of Transport ask “what AI safety risk prevention and control can do in the transportation field,” the first thing to face is not the answer, but the definition. If the object of risk is defined incorrectly, all subsequent work will go astray. In reality, there are two common deviations. One is to understand risk too narrowly, leaving only cyberattacks, data leakage, model hallucination, or system failure. The other is to understand risk too diffusely, calling almost every technical uncertainty a risk, with the result that governance cannot be organized. The truly effective approach is to define AI safety risk in transportation as “the combination of probability and consequence by which high-risk AI, in actual transportation operations, harms public safety, operational order, responsibility chains, institutional boundaries, and social trust.”

Accordingly, risks can be divided into eight categories.

First is purpose-layer risk. This means that system goals are defined incorrectly, ranked incorrectly, substituted incorrectly, or drift during operation. The typical manifestation is not that the model says one wrong sentence, but that the system optimizes around local indicators over the long term and sacrifices higher-level safety, stability, compliance, and fairness. For example, a dispatching system may continuously pursue efficiency improvement while compressing safety redundancy and human takeover windows under extreme conditions. A customer-service or capacity-matching system may continuously pursue throughput while gradually squeezing out protection rules for special groups. Purpose-layer risk is often the most hidden, because it looks as if “the system is working hard,” but the direction of effort has already deviated.

Second is semantic-layer risk. Transportation systems depend heavily on cross-actor coordination, and coordination first depends on semantic consistency. Semantic-layer risk means that different actors understand the same state, alert, rule, or permission differently, leading to system coordination mismatch. For example, seemingly simple words such as “takeover,” “stop,” “yield,” “abnormal,” “high risk,” and “return to normal” may cause systemic misjudgment if their definitions are inconsistent across different platforms, terminals, and roles. Semantic-layer risk does not necessarily manifest directly as an accident, but it is often a low-visibility precursor to accidents.

Third is knowledge-layer risk. This refers to gaps, errors, obsolescence, bias, or inexplicability in models, rule bases, knowledge graphs, or business logic. Knowledge-layer risk is different from data error. It is more like a problem in the system’s “understanding structure.” Typical manifestations include: the system can give conclusions, but cannot explain where they came from; different knowledge sources contradict one another without conflict resolution; the model performs well within the training distribution but rapidly degrades in real complex scenarios; the system over-relies on empirical rules and cannot identify new abnormal patterns.

Fourth is action-chain risk. Once AI is connected to actual actions such as dispatching, control, permissions, alerts, resource allocation, and remote upgrades, risk upgrades from “output was wrong” to “the system did the wrong thing.” Action-chain risk includes erroneous tool calls, execution at the wrong time, excessive automation, unauthorized actions, lack of fallback mechanisms, and lack of human takeover points. Many high-risk accidents do not necessarily originate from the algorithm itself, but from the system turning immature judgments directly into real actions.

Fifth is access governance risk. Transportation systems increasingly rely on data interfaces, model services, remote control, API calls, OTA upgrades, and cross-system linkage. If access boundaries are unclear, permission control is crude, log retention is insufficient, and abnormal access recognition is delayed, enormous systemic risk will arise. Access governance risk includes attacks and leakage in the sense of network and data security, but also includes internal organizational over-authorized calls, gray interfaces, broken responsibility chains, and uncontrolled outsourcing dependencies.

Sixth is human-machine collaboration risk. Many transportation AI systems are not fully unmanned, but are in a state of shared human-machine control. The greatest risk here is not independent system failure, but the human thinking the system knows, and the system assuming the human will take over, with neither side truly taking responsibility in the end. Typical manifestations of human-machine collaboration risk include attention transfer, automation dependence, unclear interaction prompts, delayed takeover timing, and ambiguous responsibility allocation. Such risks are particularly prominent in combined assisted driving, airport operation support, port equipment linkage, and emergency decision support.

Seventh is organizational and governance risk. A large part of AI safety problems in transportation does not come from models, but from organizations: who sets KPIs, who decides pilot launch, who has the authority to suspend the system, who is responsible for event reporting, who reviews suppliers, who organizes reviews, and who can veto overly risky deployment. This type of risk may appear “non-technical,” but it is extremely critical. Without organizational and governance capabilities, technical safety capabilities can easily be overridden by speed, cost, and political-performance impulses.

Eighth is social and institutional risk. Transportation is an important component of public service and public safety. Once a large-scale deviation or accident occurs in AI applications, it will affect not only operations, but also public trust, policy legitimacy, local governance pressure, and the pace of industry development. Therefore, AI safety risk prevention and control cannot look only at the local efficiency of a single system. It must consider institutional bearability, social acceptability, and long-term public trust.

Only by clearly distinguishing the above eight categories of risk objects can the subsequent work of the Ministry of Transport avoid remaining at the vague slogan level of “strengthening safety management,” and instead form differentiated measures for different levels of risk.

4. What Can Be Done in the Transportation Field: Systematic Layout from Ten Aspects

Answering “what can be done” cannot stop at principles. It must provide an operable task list. Based on the current policy window, industry reality, and risk structure, the Ministry of Transport can systematically lay out AI safety risk prevention and control from at least ten aspects.

First, establish a catalog of high-risk AI applications in transportation and a graded regulatory framework. Any system that enters chains such as operational control, dispatching decisions, remote upgrades, resource allocation, intelligent-agent actions, and public safety warnings should be prioritized for inclusion in the high-risk catalog. The value of the catalog does not lie in writing one more document, but in clarifying which systems must accept higher levels of testing, auditing, reporting, and review requirements. Without a catalog, regulatory objects are unclear and resources are difficult to focus.

Second, build industry-level white-box evaluation capability. White-box evaluation does not only look at system results. It also examines input structures, knowledge dependencies, rule boundaries, reasoning chains, action logs, and failure modes. The Ministry of Transport can fully lead the construction of industry large-model testing and validation platforms, testing scenario libraries, benchmark datasets, and evaluation specifications, turning “whether it can go online,” “under what conditions it can go online,” and “how to continuously validate it after going online” into institutional capabilities. For high-risk systems, without white-box evaluation, there is no real bottom line.

Third, promote organization-level control and purpose-layer governance. Many systems seem technically fine, but their goal definition and priority ordering are wrong. For example, in complex dispatching, blindly pursuing throughput efficiency compresses safety redundancy. In passenger transport services, blindly pursuing average response speed may harm the rights and interests of special groups. The Ministry of Transport can explicitly propose principles such as “goal constraints,” “priority control,” “human takeover windows,” and “safety priority must not be overridden by local efficiency” in industry guidelines and pilot requirements, thereby moving system-goal governance forward into the design stage.

Fourth, establish intelligent-agent action auditing and responsibility-tracing mechanisms. In the future, more and more intelligent agents will appear in transportation: road-network operation monitoring agents, safety-warning agents, emergency-command agents, dispatch-optimization agents, warehousing-dispatch agents, and so on. Without unified action logs, call records, authorization chains, and abnormal handling records, it will be difficult once problems occur to determine who triggered, who decided, who executed, who took over, and who exceeded authority. Action auditing is not accountability for the sake of accountability, but to make systems truly governable.

Fifth, build a lawful access governance system. Transportation systems are highly coupled with data platforms, control interfaces, model services, edge devices, and remote upgrade channels. The Ministry of Transport can fully treat “lawful access governance” as an independent topic in high-risk AI governance. It should clarify authorization boundaries, traceability requirements, and anomaly interception mechanisms for data retrieval, model calls, interface connectivity, OTA upgrades, and cross-system command issuance. Only by controlling access rights can system boundaries truly be protected.

Sixth, improve event monitoring, reporting, assessment, and review systems. High-risk AI systems cannot remain accident-free forever. The key is whether problems can be discovered, reported, assessed, and continuously improved in time. Existing accident reporting and event monitoring systems in transportation are mostly built around traditional equipment, vehicles, and operational events. In the future, AI-related elements must be added: model versions, rule updates, tool calls, data changes, OTA activities, human takeover situations, log completeness, unauthorized access, and so on. The Ministry of Transport can promote the establishment of “AI-related event reporting templates” and “high-risk AI review specifications,” so that problems can truly become sources of capability building.

Seventh, use standardization pilots to drive the implementation of the risk prevention and control system. Current smart transportation standardization pilots have entered the project-based implementation stage. The Ministry of Transport can embed high-risk AI white-box evaluation, action auditing, access governance, semantic consistency, and pilot review into the next round of pilot directions, transforming safety risk prevention and control from a single management requirement into a set of standardized validation tasks. This approach is more effective than simply issuing initiatives, because it directly enters project execution and result acceptance.

Eighth, organize a group of “small-scope, strongly validated” pilot demonstrations around typical scenarios. Many departments, when discussing AI risk prevention and control, easily fall into large and comprehensive plans. In fact, the most effective approach is to select several typical high-risk scenarios and do them thoroughly, such as combined assisted driving and roadside coordination on highways, autonomous driving shuttles in parks or port areas, port equipment dispatching, intelligent allocation at airport operation support nodes, low-altitude traffic permission governance, road-network operation monitoring, and emergency dispatching. Each pilot should be designed around “measurable, auditable, responsibility-traceable, and boundary-defensible,” rather than simply competing in automation degree.

Ninth, build cross-level and cross-actor coordination mechanisms. The Ministry of Transport cannot solve all problems alone. Effective risk prevention and control must form a “ministry–province–enterprise–research institution–third-party institution” coordination structure. The ministry is responsible for catalogs, standards, pilot directions, and supervisory frameworks. Provincial departments are responsible for scenario selection, local organization, and coordination. Enterprises are responsible for research and development, operation, and rectification. Research institutions are responsible for methods and tools. Third-party institutions undertake part of the evaluation, auditing, and independent validation tasks. Only with such coordination and division of labor can safety risk prevention and control avoid remaining at the level of “one enterprise proving its own safety.”

Tenth, promote talent, training, and regulatory technology capability building. High-risk AI governance cannot be completed by relying on a small number of experts. The transportation system must internally form a group of compound talents who understand both business and intelligent systems, both rules and technology, and who can examine both models and responsibility chains. For this purpose, the Ministry of Transport can organize cadre training, regulatory technology training, enterprise training, and standardization training, pushing the industry from “being able to use AI” toward “being able to govern AI.”

These ten tasks are not unrelated parallel items, but a closed loop: only with catalogs and grading can objects be focused; with objects, white-box evaluation and action auditing can be built; with evaluation and auditing, standards and pilots can be carried out; with pilots and standards, organizations and talent can be trained in return. For leaders, what truly needs to be grasped is not a single point, but this closed loop.

5. How to Do It, Part I: Establish “One General Framework, Five Categories of Capabilities, and Seven Adapters”

Faced with such a complex problem, if there is no sufficiently clear general framework, departments, industries, and projects can easily speak past one another. Therefore, this report recommends that AI safety risk prevention and control in transportation adopt the overall structure of “one general framework, five categories of capabilities, and seven adapters.”

The “one general framework” means understanding AI safety risk prevention and control as a unified runtime: starting from goal setting, passing through semantic governance, knowledge white-box evaluation, action auditing, and access governance, and finally landing in pilots, standards, reporting, rectification, and continuous optimization. This means that safety risk prevention and control is not an accessory in the research-and-development stage, nor a patch after accidents, but a system engineering project running through the whole chain. Without a general framework, technologies easily proceed separately, management easily governs separately, and the final result is that “there are indicators and there are accidents, but no one knows where the system failed to connect.”

The “five categories of capabilities” refer to the five core capability packages recommended for priority construction in this report. The first is the purpose-layer capability of organization-level control, which solves problems of goal definition, priority, and boundaries. The second is semantic-layer governance capability, which solves semantic mismatch and rule drift in cross-system and cross-actor coordination. The third is knowledge-layer white-box evaluation capability, which solves the difficulty of explaining and verifying models, rules, and reasoning chains. The fourth is intelligent-agent action auditing capability, which solves the responsibility-chain problem of “who did what, when, and why.” The fifth is lawful access governance capability, which solves the permission-boundary problem of data, models, interfaces, instructions, and toolchains.

The “seven adapters” mean attaching different domain adapters according to differences in industry scenarios on top of a unified main line. Specifically, they include the highway and urban traffic adapter, railway adapter, water transport and port adapter, civil aviation adapter, postal express delivery adapter, transportation infrastructure construction and maintenance adapter, and intermodal transportation and smart logistics adapter. The unified main line ensures that different sub-industries will not speak different languages, while scenario adapters ensure that the main line will not be too abstract to implement.

This structure has two practical benefits. First, it can prevent risk prevention and control from being fragmented into isolated “special governance” projects. Without a general framework, road autonomous driving, port automation, airport intelligent dispatching, low-altitude traffic, and logistics delivery can easily develop their own safety language, logging rules, and evaluation standards. Future integration would then be difficult. Second, it gives ministerial leaders a management grip. Leaders do not need to master all technical details, but they do need to know what is being unified, which capability packages must be prioritized, and which sub-industries can be advanced by adapters. This turns a complex problem from “impossible to start” into “guided by a clear outline.”

Therefore, “one general framework, five categories of capabilities, and seven adapters” is not only an analytical model. It can also be directly transformed into a working template for the Ministry of Transport’s subsequent organizational work, standards layout, pilot design, and project reserve.

6. How to Do It, Part II: Detailed Expansion of the Five Key Capabilities

The five key capabilities are not abstract terms, but can each be broken down into a set of clear tasks.

First, the purpose-layer capability of organization-level control. Any high-risk transportation AI system must first answer: what is the primary goal served by the system? How should safety, efficiency, punctuality, capacity, cost, experience, energy consumption, compliance, and emergency resilience be ranked? Which goals must never be overridden by other goals under extreme conditions? If these questions are not clarified at the design stage, remediation after the system goes online will often be extremely costly. The construction of purpose-layer capability includes goal-constraint models, priority rules, human takeover conditions, safety redundancy thresholds, conflict-scenario handling strategies, and approval mechanisms for goal changes. For regulators, this means promoting enterprises to report not only “what the system can do,” but also “under what goal constraints the system operates.”

Second, semantic-layer governance capability. Many accidents in transportation systems are not caused by hardware failure, but by “the same term, different understandings.” For example, terms such as “takeover,” “warning,” “stop,” “yield,” “return to normal,” “high risk,” and “manual priority” may not be consistent across the vehicle side, roadside side, platform side, duty personnel side, and emergency department side. Semantic-layer governance requires that key states, key actions, key alerts, and key permissions have unified terminology, unified state machines, and unified interface interpretations, and that they remain as consistent as possible across systems, vendors, and regions. The Ministry of Transport can fully treat semantic consistency as a focus of standardization and evaluation, rather than treating interface connectivity only as a technical problem.

Third, knowledge-layer white-box evaluation capability. At present, many systems can achieve good indicators on local tasks through black-box testing, but this is far from enough. In high-risk scenarios, it is necessary to know what knowledge the system depends on, what rules it adopts, how reasoning chains are formed, what the boundary conditions are, and how the system responds to data drift and abnormal situations. The construction of white-box evaluation capability includes rule-dependency analysis, knowledge-graph consistency verification, scenario-coverage testing, abnormal and long-tail sample testing, uncertainty labeling mechanisms, failure-mode libraries, and review replay tools. Building white-box evaluation capability is essentially turning “whether it is trustworthy” from an intuitive judgment into a structured judgment.

Fourth, intelligent-agent action auditing capability. Future transportation systems will increasingly adopt intelligent agents or semi-autonomous agents. At this point, “who triggered what action at what time” becomes a core governance issue. Action auditing requires that all key calls, key judgments, key switches, and key takeovers leave searchable, correlatable, explainable, and not-easily-tampered records. For transportation authorities, this capability serves not only daily regulation, but also accident investigation, dispute handling, responsibility determination, and improvement loops. Without action auditing, the stronger the so-called “intelligence,” the higher the opacity after an accident.

Fifth, lawful access governance capability. Many risks in transportation systems are not model errors themselves, but uncontrolled access and call boundaries. Who can access which data? Who can trigger remote instructions? Which models can directly link with vehicles, equipment, or signal systems? What parameter changes are involved in OTA upgrades? How should permissions for cross-platform, cross-enterprise, and cross-region interface calls be approved and recorded? These issues all belong to access governance capability. It requires establishing a graded system for data, models, interfaces, instructions, toolchains, and account permissions, along with boundary control mechanisms, abnormal access recognition mechanisms, post-event auditing mechanisms, and emergency response plans.

These five capabilities are not in a simple serial relationship, but in a networked relationship of mutual correction. The purpose layer determines what counts as deviation. The semantic layer determines how deviation is correctly understood. The knowledge layer determines why the system deviates. Action auditing determines how deviation can be traced. Access governance determines whether deviation may be amplified through overreach and boundary loss. A truly mature risk prevention and control system must build all five capabilities at the same time, rather than focusing on only one of them.

7. Industry- and Scenario-Based Implementation: What Different Transportation Modes Should Focus On

Although AI safety risk prevention and control needs a unified main line, the risk structures of different transportation modes vary greatly. Implementation must therefore be industry- and scenario-based.

In highways and urban traffic, the priorities should be combined assisted driving, vehicle–road–cloud coordination, road-network operation monitoring, safety warnings, and emergency dispatching. The core issues here are, first, semantic consistency between the vehicle side and the roadside side; second, human-machine takeover boundaries in combined assisted driving and remote coordination; third, long-tail risk identification in complex scenarios such as expressways, tunnels, bridges, and hubs; fourth, the impact of OTA upgrades and software-version changes on system boundaries. Therefore, the highway field should prioritize the construction of roadside–vehicle–cloud white-box evaluation systems, takeover and abnormal logging specifications, OTA change review and reporting mechanisms, and typical high-risk scenario test libraries.

In railways, scenarios such as intelligent driving, group operation control, intelligent power supply, and self-diagnosis and self-repair all belong to highly coupled, high-safety scenarios. One characteristic of railways is that the system structure is highly complex and the rule system is highly rigorous. Therefore, it is more suitable to prioritize the construction of organization-level control, rule consistency, abnormal response, and operations-and-maintenance auditing capabilities. AI risk prevention and control in railways should not focus only on “algorithmic accuracy,” but on system-level safety redundancy, trustworthiness of fault diagnosis, boundaries of automatic operation, and coordination of standards systems.

In water transport and ports, the key focuses are port automation, equipment dispatching, waterway inspection, intelligent ships, and maritime regulatory systems. Risks here are more often manifested as equipment coordination, dispatch conflicts, remote operation, complex logistics-chain linkage, and integrated regional water-traffic organization. Water transport and ports particularly need action auditing and access governance because there are many cross-system, cross-enterprise, and cross-node coordination activities. Slightly unclear boundaries can cause responsibility disputes. Scenarios such as ports and ship locks are suitable for local pilots first, to validate three-layer auditing mechanisms at the equipment, system, and organizational levels.

In civil aviation, risk prevention and control should focus on operational situation awareness, disturbance recovery, dispatching decisions, crew scheduling, airport node support, air-traffic control assistance, low-altitude aircraft applications, and intelligent regulation. The Civil Aviation Administration of China has separately issued the Implementation Opinions on Promoting the High-Quality Development of “Artificial Intelligence + Civil Aviation”, proposing six key areas—safety, operations, travel, logistics, regulation, and planning and construction—and refining 42 specific application scenarios with high promotion prospects. This means that civil aviation already has a good foundation for further refining high-risk AI governance catalogs and pilot routes. Civil aviation should especially emphasize the principles of “safety and controllability,” “demand orientation,” and “scenario empowerment,” advancing intelligent applications and safety-support systems simultaneously.

In postal express delivery, although single-point risks may appear lower than in civil aviation and railways, the sector is extremely large in scale, dense in network, complex in chain, and already heavily uses automated sorting, intelligent warehousing, unmanned delivery, intelligent dispatching, and remote monitoring. What needs the most attention here is access governance, equipment logs, remote safety monitoring, terminal-equipment boundaries, and full-chain data consistency. If the express delivery industry excessively pursues efficiency while neglecting permissions and logs, large-scale systemic hidden dangers can easily form.

In transportation infrastructure construction and maintenance, risk prevention and control should focus on monitoring, warning, assessment, and maintenance decision-making for bridges, tunnels, waterways, embankments, port basins, airport runways, and other infrastructure. One core issue here is that if AI output directly enters maintenance priorities and risk handling, it will generate major resource allocation and public safety consequences. Therefore, white-box evaluation, data-quality review, responsibility traceability, and human review must be emphasized.

In intermodal transportation and smart logistics, risks mainly manifest as interface and rule issues in cross-chain coordination, electronic documents, blockchain support, hub intelligent dispatching, and smart supply chain management. Such scenarios are suitable for advancing cross-actor semantic governance, lawful access governance, and event auditing, to avoid systemic risks caused by unclear interfaces, inconsistent standards, and broken responsibilities.

In short, different transportation modes each have their own focus, but none should depart from the unified main line. A truly mature governance architecture should achieve unified rule foundations, differentiated industry adaptation, phased pilot paths, and standards-system connectivity.

8. How to Design Pilot Demonstrations: Start from “Small-Scope, Strongly Validated, and Replicable”

Many industries make a common mistake when promoting AI: they pursue whole-system upgrading from the beginning. As a result, the scenarios are too large, the goals too many, and the responsibilities too dispersed, making the work difficult to validate and difficult to replicate. AI safety risk prevention and control in transportation must avoid this. What it needs most is a group of “small-scope, strongly validated, and replicable” pilot demonstrations.

A small scope does not mean trivial work. It means focusing on a local scenario with high value, high risk, a clear chain, and clear responsibility. Examples include combined assisted driving and vehicle–road coordination on a specific expressway section, dispatching and auditing of autonomous shuttle equipment in a port area, intelligent auxiliary allocation at a key airport support node, command-access governance in a low-altitude pilot area, and abnormal recovery auxiliary decision-making in an integrated hub. The purpose of a small scope is to make problem boundaries controllable and first make the evaluation and auditing chain solid.

Strong validation means that pilots must embed evaluation indicators, logging specifications, abnormal sample libraries, takeover conditions, fallback mechanisms, and review templates from the beginning. It is not enough to “make the system run.” The pilot must answer: under what conditions is it stable; under what conditions does risk rise; which logs are sufficient to support responsibility tracing; which access behaviors are unauthorized; which changes alter system boundaries. In other words, pilots should serve governance capability, not only display capability.

Replicability means that after a pilot ends, it must leave transferable outputs, rather than only a local story. Replicable outputs should at least include scenario definitions, evaluation frameworks, logging specifications, takeover and fallback rules, boundary-control mechanisms, accident or abnormal review methods, draft standards proposals, training materials, and organizational coordination mechanism descriptions. Without these outputs, even a successful pilot will be difficult to turn into industry capability.

Based on this, this report recommends prioritizing three types of ministerial-level demonstration paths. The first type is a “high-risk AI white-box evaluation pilot.” The goal is to make testing and validation platforms, scenario libraries, indicator systems, and report templates operational. The second type is an “intelligent-agent action auditing pilot.” The goal is to solidify call logs, decision chains, responsibility mapping, and event review mechanisms. The third type is a “lawful access governance pilot.” The goal is to clarify boundary rules and abnormal governance mechanisms for data, models, interfaces, OTA, remote control, and other elements.

These three types of pilots can be attached to different transportation modes. For example, the highway field is more suitable for first conducting white-box evaluation of combined assisted driving and road-network operation monitoring. Ports are more suitable for action auditing of automated equipment coordination and intelligent dispatching. Low-altitude transportation is more suitable for command-permission and access governance. Civil aviation is more suitable for controllability validation of operation support nodes and disturbance recovery auxiliary decision-making. This maintains a unified framework while fully utilizing each industry’s own advantages.

In terms of organization, the Ministry of Transport does not need to personally implement all pilots, but it should clarify pilot directions, pilot requirements, acceptance points, and achievement-transformation mechanisms. Provincial transportation departments and pilot entities are responsible for project organization, while third-party institutions and research teams participate in evaluation and auditing. The key is for the ministry to “straighten out” pilots into a unified capability-building chain, rather than allowing localities to experiment, narrate, and summarize separately, ultimately failing to deposit industry consensus.

9. Standards, Platforms, Reports, and Training: Turning Governance Capability into Long-Term Infrastructure

If AI safety risk prevention and control remains only at the level of projects and pilots, it will be difficult for it to become a long-term industry capability. What truly allows the industry to move forward steadily is turning governance capability into infrastructure. Infrastructure here does not only mean computing power and data platforms. It also includes standards, platforms, reporting systems, and training systems.

First is the standards system. Current smart transportation standardization pilots already provide a good institutional entry point. The next step should not be to pursue grand “international standards” from the beginning, but to first produce several key standards related to high-risk AI, such as: specifications for identifying and grading high-risk AI scenarios; indicator systems for white-box evaluation of transportation AI systems; specifications for intelligent-agent action logs and auditing; guidelines for access-permission and boundary governance of transportation AI systems; specifications for AI-related event reporting and review in transportation; and specifications for human-machine takeover and responsibility mapping. Once these standards take shape, they will not only improve project quality, but also significantly reduce later regulatory and dispute-handling costs.

Second is the testing and validation platform. The Ministry of Transport has already clearly proposed in implementation opinions and press conferences that high-quality datasets, toolchains, and testing and validation platforms should be built. The next step can further refine platform capabilities into three categories. One is a model and scenario white-box testing platform, used to evaluate rule dependencies, knowledge chains, long-tail samples, abnormal responses, and uncertainty labeling. One is an action auditing platform, used to manage logs, calls, versions, permissions, takeovers, and reviews. One is a risk warning and emergency support platform, used to connect event monitoring, reporting, analysis, alerts, and handling. For leaders, the greatest value of platform construction is not “building a large system,” but bringing scattered testing, logging, reporting, and review capabilities into a unified framework.

Third is the reporting system. High-risk AI governance must move from “experience-based reporting” to “structured reporting.” It is recommended to establish at least three types of report templates: pre-access evaluation reports, in-operation event and abnormality reports, and post-event review and rectification reports. The report templates should clearly record system goals, boundary conditions, model versions, rule updates, data sources, key indicators, tool calls, human takeover, log completeness, permission changes, and rectification-loop status. Only by solidifying these elements can transportation gradually form real regulatory technology capability, rather than always relying on a few experts’ temporary judgments.

Finally, there is the training system. Many accidents become harder to handle in the AI era not because the technology itself is unknowable, but because the organization lacks enough people who truly understand system boundaries and responsibility chains. In response, the Ministry of Transport can promote the formation of a hierarchical training system. One category targets regulatory cadres, focusing on catalog grading, report assessment, boundary judgment, and event handling capability. One category targets enterprise executives, focusing on goal governance, responsibility-chain management, and pilot governance awareness. One category targets technical teams, focusing on white-box evaluation, log auditing, interface boundaries, and compliance design. One category targets frontline operators, focusing on human-machine collaboration, takeover timing, and abnormal reporting. Once training becomes a system, risk prevention and control will no longer remain in the documents of a few experts, but enter the industry’s daily operational capability.

Therefore, standards, platforms, reports, and training are not auxiliary work. They are infrastructure projects for high-risk AI governance. For leaders, these tasks may not look like the “flashiest AI,” but they often determine whether the industry can truly use AI well over the long term and in a stable way.

10. Organizational Mechanisms and Division of Responsibilities: How the Ministry Should Lead, How Provinces Should Implement, How Enterprises Should Act, and How Third Parties Should Enter

From the perspective of organizational governance, AI safety risk prevention and control in transportation cannot be completed by any single actor alone. The Ministry of Transport, local transportation authorities, enterprise entities, research institutions, and third-party institutions should all bear different responsibilities. The key is not that “everyone participates,” but that “each level knows exactly what it is responsible for.”

At the Ministry of Transport level, the core responsibilities are sixfold. First, establish the high-risk AI scenario list, graded regulatory framework, and key-task catalog. Second, clarify basic institutional requirements for testing and validation, reporting, review, auditing, and rectification. Third, promote the construction of industry standards, guidelines, pilots, and platforms. Fourth, organize cross-industry, cross-mode, and cross-regional experience exchange and capability replication. Fifth, coordinate major project reserves and scientific and technological resource layouts. Sixth, form unified interpretive authority and coordination capability on major events and key issues. The Ministry of Transport should not become involved in the daily operation of specific enterprise systems, but it must become the provider of the rule framework and capability foundation.

The responsibilities of provincial transportation authorities are more implementation-oriented: selecting high-risk AI scenarios and key pilots in their regions according to the ministerial framework, organizing local enterprises and institutions to apply for pilot and standardization projects, urging enterprises to implement reporting and rectification requirements, coordinating with local market regulation, cyberspace, public security, emergency management, and other departments to form linkage mechanisms, and feeding scenario differences, pilot progress, and institutional bottlenecks back to the ministry. The provincial level is the key node for turning the ministerial framework into real action.

The responsibilities of enterprise entities must be further tightened. At present, many enterprises still understand “safety” as the work of a few technical teams, rather than elevating it to overall responsibility covering goal setting, organizational processes, log management, permission governance, and event reporting. In fact, enterprises should assume safety-design responsibility during development, sufficient-validation responsibility during testing, logging and monitoring responsibility during operation, boundary-management responsibility during upgrades, and reporting and rectification responsibility after accidents. Especially enterprises involved in remote upgrades, intelligent assisted driving, automatic dispatching, and cross-system calls must not evade their own responsibility by citing “algorithmic complexity” or “supplier provision.”

The responsibilities of research institutions and universities should further shift from “paper orientation” to “tool and method supply.” The ministry can consciously guide research institutions to conduct research around white-box evaluation, semantic governance, action auditing, lawful access governance, and other directions, rather than only around larger models and higher accuracy. This can both connect with national science and technology tasks and more easily form methods and tools useful to the industry.

The introduction of third-party institutions is also important. High-risk AI systems cannot rely entirely on enterprises’ self-testing and self-certification. Otherwise, a structural risk will arise in which enterprises “define the problem themselves, test it themselves, and declare safety themselves.” The Ministry of Transport should explore having third-party institutions with corresponding qualifications and capabilities participate in part of the evaluation, auditing, and review work. Of course, the prerequisite is that evaluation standards, responsibility boundaries, and rights-and-responsibilities relationships must be clear. Third parties are not introduced to increase formal complexity, but to improve governance credibility and correction capability.

What organizational mechanisms truly need to solve is not “multi-party meetings,” but “who is responsible for what, when, and in what form.” Without this division of labor, AI safety risk prevention and control can easily become an issue that everyone says is important, but no one truly underwrites when problems occur.

11. Twelve Months, Thirty-Six Months, and Sixty Months: A Phased Roadmap

High-risk artificial intelligence governance is not work that can be “completely finished” within one year. Therefore, it must be advanced through a phased route. It is recommended to deploy it at least across three levels: 12 months, 36 months, and 60 months.

Within the next 12 months, the most important task is to build the underlying framework and the first set of practical levers. This includes completing a preliminary draft of the high-risk AI scenario catalog and grading principles; selecting several key scenarios to launch small-scope pilots; forming at least one white-box evaluation indicator framework, one action auditing framework, and one access governance framework; establishing event reporting and review templates; launching a group of standardization pre-research projects and training pilots; and conducting project demonstration around major task reserves and key research and development plans. The keyword at this stage is not “large-scale promotion,” but “turning methods and frameworks into usable prototypes.”

Within the next 36 months, the focus should shift to demonstration, solidification, and diffusion. Specifically, several pilot templates with industry influence should be formed; a group of group standards, industry guidelines, and tool platforms should be released; provincial authorities and key enterprises should be promoted to form relatively stable reporting, rectification, and auditing mechanisms; a high-risk AI event sample library and case library should be established; a compound talent team of initial scale should be formed; and risk prevention and control should gradually move from “special work” into part of routine industry operations. The keyword at this stage is “system formation.”

Within the next 60 months, the goal should be institutionalization and scaling. In other words, AI safety risk prevention and control should no longer rely only on individual pilots and a small number of experts, but should become part of the standards system, project management system, access system, operating system, and training system of the transportation industry. At that point, the ministry should be able to answer relatively clearly: which high-risk scenarios must be tested before launch; which systems must retain traces for auditing; which permissions cannot be handed over to models or agents; which events must be reported using unified templates; and which demonstration models can already be replicated across regions. The keyword at this stage is “internalization.”

The value of a phased roadmap is that it prevents two common misjudgments. One is taking the problem too lightly and thinking that issuing a document can solve it. The other is taking the problem too heavily and thinking that without an ultimate solution, there is no need to start. The truly effective approach is to recognize that this is a long-term project, while completing a few tasks each year that truly accumulate industry capability.

12. What Must Not Be Done: Avoiding Three Misunderstandings in Risk Prevention and Control

While emphasizing “what can be done,” it is also necessary to clarify “what must not be done.” High-risk AI governance most easily goes astray in three places.

The first misunderstanding is to turn risk prevention and control into purely ex-post regulation. That is, in ordinary times, only encourage launch and pilots, and after problems occur, pursue accountability. This approach seems efficient, but in reality it carries the greatest risk. Many problems with high-risk AI, once they enter real operational chains, will rapidly magnify in cost. Truly effective risk prevention and control must move forward to the stages of catalogs, standards, testing, boundaries, and log design, rather than waiting for accidents to occur before patching institutions.

The second misunderstanding is to turn governance into formalism. When many organizations mention governance, their first reaction is to fill in more forms, hold more meetings, issue more systems, and add more approvals. The problem is that without substantive capabilities such as white-box evaluation, action auditing, and access governance, no amount of forms can answer “what the system actually did,” “why it did so,” or “how to quickly locate the problem.” Governance cannot only build the “shell.” It must build the “core.”

The third misunderstanding is to understand high-risk AI governance as suppressing innovation. In fact, capable regulation does not stifle innovation. It helps the industry more quickly distinguish what can be tested, what cannot be tested, and what must be tested within boundaries. Without governance capability, innovation becomes a matter of luck. With governance capability, innovation becomes easier to replicate at scale. If the Ministry of Transport can first build risk prevention and control as infrastructure rather than as a temporary brake, it will actually be more favorable to genuinely high-quality industry innovation.

There is one additional misunderstanding that deserves particular vigilance: being captured by “black-box worship.” Once many systems perform well, it is easy for people to believe that “the inside is too complex, there is no need to ask why it works, as long as the result is good.” This may be barely acceptable in ordinary information services, but it is very dangerous in high-risk transportation scenarios. The stronger the black box, the greater the helplessness after an accident. As a public safety industry, transportation must uphold one bottom line: key systems may be complex, but they must not be unaccountable; they may be intelligent, but they must not be unauditable; they may be adaptive, but they must not be boundaryless.

13. Specific Recommendations for Leaders of the Ministry of Transport: Fifteen Things That Can Be Promoted Now

For the convenience of direct use by leaders, this report finally condenses the recommendations into fifteen specific actions that can be promoted.

Organize the preparation of the Catalog and Grading Recommendations for High-Risk Artificial Intelligence Scenarios in Transportation as soon as possible.

Clarify the basic principle for high-risk AI systems: “test before launch, manage while testing, and review after incidents.”

Rely on existing science and technology platforms and pilot mechanisms to initiate the construction of transportation AI white-box evaluation capabilities.

Establish technical and institutional requirements for intelligent-agent action logs, auditing, and responsibility tracing.

Incorporate lawful access governance into the core agenda of industry governance, covering data, models, interfaces, OTA, and remote control.

Promote the formation of monitoring, reporting, assessment, and review templates for high-risk AI-related events.

Incorporate white-box evaluation, action auditing, and access governance into smart transportation standardization pilot directions.

Prioritize the organization of a group of “small-scope, strongly validated” scenario pilots, rather than pursuing large and comprehensive demonstrations.

Around the construction of comprehensive transportation large models and intelligent agents, simultaneously clarify safety baselines and access boundaries.

Promote the construction of third-party evaluation, auditing, and review capabilities, and avoid complete enterprise self-certification.

Establish a ministry–province–enterprise–research institution–third-party institution division-of-labor and coordination mechanism.

Launch cadre training, enterprise training, and technical training to form a compound talent foundation.

Combine high-risk AI risk prevention and control with major science and technology tasks, key research and development plans, and demonstration-project reserves.

Strengthen coordination with relevant departments such as market regulation, cyberspace administration, public security, emergency management, civil aviation, railways, and postal services.

Form an annual release mechanism, such as annual reports, case collections, risk alerts, and standards progress updates, to continuously accumulate industry knowledge.

If five to eight of these fifteen tasks can truly be accomplished in the coming year, high-risk AI governance in transportation will move from the “conceptual stage” to the “capability stage.” This is precisely the most critical gap in the next round of “Artificial Intelligence + Transportation” development.

Conclusion

When leaders of the Ministry of Transport ask “what AI safety risk prevention and control can do in the transportation field, and how to do it,” they are essentially not asking for a single technical solution. They are asking how the industry should rebuild safety, responsibility, boundaries, and trust after AI begins to deeply enter the operating logic of transportation systems.

The core answer of this report is that what can be done is not a single model upgrade, nor simply adding one more approval procedure. It is to build a systematic capability centered on organization-level control, semantic-layer governance, knowledge-layer white-box evaluation, intelligent-agent action auditing, and lawful access governance. The key to how to do it lies in turning this capability into catalogs, standards, platforms, pilots, reports, and training, and embedding them respectively into ministerial rules, provincial deployment, enterprise operation, and third-party evaluation.

In one sentence: what AI safety risk prevention and control in transportation must truly guard against is not merely “models making mistakes,” but “high-risk AI entering the real world directly without boundaries, without auditing, without a responsibility chain, and without organization-level control.” Whoever first completes this foundation will be able to ensure high-level safety and obtain genuine high-quality development in the next round of transportation intelligence.

Appendix 1. Mid-Level Reality Board: Why This Is Not a Purely Technical Governance Problem

To avoid misjudging AI safety risk prevention and control in transportation as a purely technical problem, it is necessary to separately list the mid-level reality board. So-called mid-level reality is neither grand slogans nor local details, but structural conditions that determine why the problem will exist over the long term and why it cannot be solved through one-time rectification alone.

The first category of variables is resources. High-risk AI governance in transportation will inevitably consume computing power, data governance capability, testing budgets, scenario coordination costs, personnel training costs, and third-party evaluation resources. If the resource allocation structure does not change, many organizations will naturally prefer “launch the system first, supplement governance later,” because the former is easier to convert into short-term performance, while the latter looks more like a cost center. The second category of variables is power. Who has the authority to define “whether this system counts as high risk”? Who has the authority to suspend the system? Who can require enterprises to supplement logs, tests, and reports? If these powers are not institutionalized, risk prevention and control will remain at the level of advocacy for a long time. The third category of variables is boundaries. Many accidents cannot be explained clearly not because the technology is absolutely complex, but because boundaries were never written clearly: what exactly are the respective responsibilities of vehicle companies, platforms, map services, equipment suppliers, operators, and competent authorities? The fourth category of variables is incentives. Project-based systems, assessment systems, pilot competition, demonstration impulses, and investment-attraction pressure will all push some organizations to value “landing first” more than “governing steadily.” The fifth category of variables is the cost-bearing method. Who bears the real accident cost, who bears the rectification cost, and who bears the reputational cost after pilot failure are not evenly distributed. If cost bearing and benefit acquisition remain misaligned over the long term, systems will naturally outsource risk. The sixth category of variables is dependency. Local dependence on platform suppliers, operators’ dependence on equipment manufacturers, and regulators’ dependence on information reported by enterprises all affect the actual strength of governance. The seventh category of variables is interpretive authority. Who is qualified to define “what the real problem is” often determines where subsequent resources flow. The eighth category of variables is repair mechanisms. After a problem occurs, if there is only accountability without review, only notification without rule updating, and only case-by-case handling without structural adjustment, risk will return in another form. The ninth category of variables is institutional entry. Which problems can enter formal handling channels through ministerial orders, guidelines, pilots, standards, projects, finance, assessment, or platform mechanisms determines whether governance can continue. The tenth category of variables is hard-to-reverse consequences. Loss of life, damage to public trust, major accidents, regional operational interruptions, uncontrolled public opinion, and broken responsibility chains, once they occur, will greatly compress future policy and industrial space.

Precisely because of these mid-level reality variables, AI risk prevention and control in transportation must not rely only on enterprise consciousness or technical-team patches. Institutions, organizations, resources, and interpretive authority must be built simultaneously.

Appendix 2. Truth Gradient and Kill Conditions: Which Judgments Are Relatively Stable and Which Must Retain Revision Space

When facing high-risk AI problems, the greatest mistake is to give ultimate judgments from the beginning. A more robust approach is to distinguish local truth, structural truth, and ultimate claims, and to equip key judgments with withdrawal conditions.

In this report, local truths include the following: AI applications in transportation are moving from information assistance toward operational control; once high-risk AI enters real transportation chains, its risks are not only technical problems, but also public safety and responsibility problems; current policy has clearly required the formation of a relatively complete AI governance system in the transportation field; standardization pilots, event reporting, OTA management, comprehensive transportation large models, and intelligent-agent deployment have all become real issues. These all belong to local truths with relatively high real-world support.

Structural truths include the following: without a catalog, it is difficult to focus high-risk objects; without white-box evaluation, it is difficult to truly establish trustworthy boundaries; without action auditing, it is difficult to bring “intelligence” into the responsibility chain; without access governance, it is difficult to protect the boundaries of interfaces, remote calls, and cross-system linkage; without the combined advancement of pilots, standards, platforms, and training, risk prevention and control will have difficulty moving from documents to capabilities. These judgments are not directly stated in a single document, but are jointly supported by policy trends, industry structure, and accident logic. They belong to relatively stable mid-level structural judgments.

Ultimate claims must remain restrained. For example, claims such as “AI will certainly take over traffic control completely,” “all transportation systems must be driven by large models in the next five years,” “only the artificial consciousness route is correct,” and “traditional safety systems have completely failed” cannot be treated as proven truths at this stage. At most, they are possible directions of judgment, not policy foundations that can be directly implemented.

Correspondingly, several core recommendations in this report should also be equipped with Kill Conditions. First, if the future proves that large-scale black-box systems can also stably meet auditing, responsibility, and safety requirements in high-risk scenarios, then the weight of “white-box evaluation as the core lever” can be moderately adjusted. Second, if enterprises and localities have already formed high-quality logging, event reporting, and permission-governance systems in actual operation, then the unified ministerial requirement can shift from “supplementing the foundation” to “integration.” Third, if some scenarios, after long-term validation, show significant improvements in takeover failure rate, unauthorized calls, and review efficiency, then action auditing and access governance can gradually shift from mandatory requirements to graded requirements. Fourth, if more advanced organization-level control and verifiable self-monitoring technologies emerge in the future, the current five categories of capability packages will also need to be reweighted.

This judgment method with withdrawal conditions does not weaken the recommendations. Instead, it protects the credibility of judgment in complex problems. For leaders, the most trustworthy analysis is not the one with the strongest tone, but the one that knows under what conditions it should be revised.

Appendix 3. Nine Categories of Pilot Menus Recommended for Priority Launch

To help the ministry and localities quickly move into action, this section provides a pilot menu rather than a single solution. The significance of the pilot menu is that different regions, modes, and organizations with different maturity levels can select their own entry points according to their conditions, but all pilots should be conducted around “evaluable, auditable, reviewable, and replicable.”

First, a pilot on white-box evaluation of highway combined assisted driving and roadside coordination. The focus is to validate vehicle-side, roadside, and cloud-side capabilities in alerts, takeover, abnormal recognition, and log consistency.

Second, a pilot on road-network operation monitoring and safety-warning intelligent agents. The focus is to validate the explainability and responsibility chain of intelligent agents when identifying risks, generating recommendations, and supporting emergency dispatch.

Third, a pilot on action auditing for autonomous driving shuttles in parks or port areas. The focus is to validate equipment dispatching, path decisions, takeover records, and overreach recognition.

Fourth, a pilot on automated port equipment coordination and access governance. The focus is to validate cross-system interfaces, remote control, and permission boundaries.

Fifth, a pilot on smart maritime regulation and intelligent-ship auxiliary decision-making. The focus is to validate audit chains in monitoring, warning, inspection, dispatching, and public services.

Sixth, a pilot on intelligent assistance and disturbance recovery for airport operation support nodes. The focus is to validate priority management, human takeover, and log tracking under high-pressure conditions.

Seventh, a pilot on low-altitude traffic command access governance and risk grading. The focus is to validate who can issue what commands, how the system identifies unauthorized access, and how traces are retained.

Eighth, a pilot on compliance for postal express automated sorting and remote monitoring. The focus is to validate abnormal recognition, remote safety monitoring, and responsibility definition in large-scale equipment environments.

Ninth, a pilot on white-box evaluation of intelligent monitoring and maintenance decision-making for infrastructure construction and maintenance. The focus is to validate monitoring data quality, rule dependencies, and the explainability of decision recommendations.

These nine types of pilots do not require simultaneous full-scale rollout. They should be advanced in layers according to local maturity and risk exposure levels. Regions with high maturity, clear scenarios, and clear entity responsibilities can move first. Regions that do not yet have the conditions can begin with training, standards pre-research, and sample scenario sorting. The key is to make pilots truly become the entry point for governance capability building, rather than another round of “technology shows.”

Main Policy and Public Information Sources

Ministry of Transport, National Development and Reform Commission, Ministry of Industry and Information Technology, National Data Administration, National Railway Administration, Civil Aviation Administration of China, and State Post Bureau: Implementation Opinions on “Artificial Intelligence + Transportation” (Jiao Keji Fa [2025] No. 92, publicly released on September 26, 2025).

Regular press conference of the Ministry of Transport in October 2025: the head of the Department of Science and Technology introduced key work on “Artificial Intelligence + Transportation,” clarifying the directions of national major science and technology projects, comprehensive transportation large models, the “Ten-Hundred-Thousand” innovation action, and standards-system construction.

General Office of the Ministry of Transport and General Office of the State Administration for Market Regulation: Notice on Publishing the List of the First Batch of National Service-Industry Standardization Pilots (Smart Transportation Special Program), April 9, 2025.

General Office of the Ministry of Transport and General Office of the State Administration for Market Regulation: Notice on Soliciting Projects for the Second Batch of National Standardization Pilots (Smart Transportation Special Program), June 30, 2025; Notice on Publishing the List of the Second Batch of National Standardization Pilots (Smart Transportation Special Program), March 24, 2026.

Ministry of Industry and Information Technology and State Administration for Market Regulation: Notice on Further Strengthening the Management of Intelligent Connected Vehicle Product Access, Recalls, and Software Online Upgrades (MIIT Lian Tongzhuang [2025] No. 45).

Interim Measures for the Management of Generative Artificial Intelligence Services (promulgated by the Cyberspace Administration of China and six other departments on July 13, 2023).

Civil Aviation Administration of China: Implementation Opinions on Promoting the High-Quality Development of “Artificial Intelligence + Civil Aviation” (Minhang Fa [2025] No. 24).

意识简史

人工意识的数学：语义数学与3-No问题

语义数学概论

智驾新纪元：AI标准引领未来交通

人工意识与人类意识

人工意识日记

玩透DeepSeek：认知解构+技术解析+实践落地

人工意识概论：以DIKWP模型剖析智能差异，借“BUG”理论揭示意识局限

人工智能通识 2025新版 段玉聪 朱绵茂 编著 党建读物出版社

主动医学概论 初级版

世界人工意识大会主席 | 段玉聪

邮箱|duanyucong@hotmail.com

世界人工意识科学院

邮箱 | contact@waac.ac