The synthetic-biology challenges for biosecurity: examples from iGEM

ABSTRACT Although synthetic biology and biological engineering are often portrayed as emerging disciplines, there is over a decade of experience in their interactions with biosecurity. The International Genetically Engineered Machine competition (iGEM) brings together nearly 6000 students on multidisciplinary teams to engineer biology following synthetic biology’s “design, build, test, and learn” cycle. During its fifteen-year existence, iGEM has been affected by biosecurity and in turn has affected it. This article describes four specific case studies at iGEM, highlighting their implications for biosecurity, and proposes ways to improve relevant biosecurity procedures and practices. It showcases how embracing engineering approaches and principles can help to structure efforts to strengthen biosecurity.

Although often framed as an emerging technology, synthetic biology has been around for almost two decades. There is an existing body of evidence to facilitate understanding of how synthetic biology and biosecurity interact. Since its launch fifteen years ago, the International Genetically Engineered Machine competition (iGEM) community has often found itself working at the intersection of synthetic biology and biosecurity. Each year, teams are challenged to use the power of synthetic biology to tackle a local or global challenge. They work throughout the year to build an engineered biological system using standardized parts, which we call "biobricks." Team projects are intended to culminate in a proof of principle but should not be released from containment. 5 Observations from iGEM competitions can help us build better systems to govern this technology in the future.
iGEM's Safety and Security Program was born from efforts to embed within the community procedures and practices to consider how its technical work affects the world, and how the world affects its technical work (what we call "human practices"). The Safety and Security Program reviews all of the projects and parts used in the competition to ensure hazards are being identified and risks appropriately managed. iGEM has a small internal team working on these issues, which collaborates with a number of commercial partners and draws heavily on the expertise of an international, volunteer Safety and Security Committee (SSC). 6 The Safety and Security Program has evolved over time, with the specific intent of creating a governance framework suitable for synthetic biology. 7 In its current iteration, the program addresses a wide variety of risks arising from the work of iGEM teams, including laboratory biosafety, laboratory biosecurity, dual use, contained use, animal use, human experimentation, and human-subjects research. It builds upon and does not replace institutional, national, regional, or international rules and regulations. All teams are also required to comply with iGEM's own rules and policies. 8 All teams undertake their own risk assessment and management-planning activities for their technical projects. Failure to meet the expected standard can lead to penalties, up to and including disqualification and reporting to the relevant institutional authorities. iGEM also rewards excellence in safety and security practices, integrating them into medal requirements and offering a special award for excellence in that area. These common standards help the competition operate internationally across different cultural, societal, and legal regimes.
All projects pursued and all engineered biological parts used in the competition are screened to identify all the relevant risks and ensure that suitable management plans are in place. A commercial partner uses an industry-standard software suite to identify potentially hazardous parts. A second commercial partner uses internationally certified biorisk-management professionals to review all the team's projects to ensure hazards are identified and associated risks managed appropriately. This happens at multiple points within the research-and-development life cycle, which runs from May to November. Formal reviews take place when most teams are moving from planning to laboratory work and again when most teams have completed their laboratory work and are beginning to share their results. A more informal peer review happens at the annual Giant Jamboree where all teams present their work. Any substantive concerns throughout the competition cycle are dealt with by iGEM's SSC, made up of specialist experts and current and former regulators from around the world.
In an attempt to build a comprehensive governance framework in iGEM, there is a deliberate effort to embed reflection on potential harm as a way to shape good and responsible scientific and engineering practice. The iGEM Safety and Security Program includes several elements: . top-down approaches, such as rules and policies in iGEM that carry penalties for noncompliance; . structured awareness-raising activities to make sure teams are aware of and think about relevant safety and security issues; . culture-building and norm-setting activities, including rewards for good practice and positive support from senior members of the technical community; . tools, guidance, and other resources to help teams understand why they are being asked to address these issues and to help them assess and manage relevant risks; . an open, inclusive collective shaping of relevant efforts throughout the competition, leveraging both current teams and alumni (through the "After iGEM" program) to help us better understand what is and is not acceptable for safety and security and Biology, Vol. 3, No. 12 (2014), pp. 983-85; Millett et al., "Developing a Comprehensive, Adaptive, and International Biosafety and Biosecurity Program." 8 <https://2020.igem.org/Safety/Rules>. how iGEM can build oversight systems that balance doing the most exciting work possible with doing it safely, securely, sustainably, and responsibly. 9 The insights generated and the lessons learned from these collective efforts can provide useful insights into how synthetic biology is challenging our current biosecurity arrangements and how they might usefully be strengthened. This article outlines four specific case studies at iGEM, highlights the implications of these events in the international competition, and proposes how relevant procedures and practices might be improved.

How do we know iGEM biosecurity measures work?
The fundamental biological understanding is that genes are made up of sequences of DNA nucleotides (commonly represented by the letters A, T, G, and C). Genes are converted into a message made of a similar material called RNA. These messages are decoded by microscopic molecular machines to produce functional proteins. Because the molecular machines that facilitate this process are well understood, it is possible to predict what protein any given gene will produce. Most biological functions are carried out by proteins. Virtually any biological function can therefore be engineered by creating the right DNA sequence and inserting it into the right organism. This provides the ability to engineer useful systems by mixing and matching DNA in new ways.
Current DNA synthesis technology allows scientists to create entire genes with a userspecified sequence, which can be used in applications including genetic engineering, information storage, and material design. 10 Rapid improvements in DNA synthesis over the past two decades have dramatically accelerated biological science, engineering, and medicine. However, the ability to produce DNA sequences on demand also enables the production of organisms with the potential to harm humans, animals, and the environment. Controlling the synthesis and distribution of DNA has, therefore, become a cornerstone of biosafety and biosecurity regulation.
Members of the International Gene Synthesis Consortium-an industry-led group formed to design and apply a common protocol to screen both the sequences of synthetic-gene orders and the customers who place them-produce approximately 80 percent of the synthetic DNA required for research. 11 This centralization allows the adoption of standards in the form of Harmonized Screening Protocol 2.0, which provides screening guidelines for DNA-synthesis orders and the individuals fulfilling them. 12 Customer screening aims to restrict the sale of synthetic DNA to bona-fide end users at recognized institutions or businesses and prevent sale to suspicious individuals or organizations.
the use of software like BLAST (Basic Local Alignment Software Tool) to evaluate the similarity of a query sequence to known sequences of concern pulled from regulatory lists and other databases. 15 If a sequence is substantially similar to a known sequence of concern, the order is flagged and undergoes manual review. This method of screening orders is effective because the genetic code-how genes are turned into proteins-is known and essentially identical in all living things. 16 However, what happens when the relationship between gene sequences and their protein products are obfuscated? Is it still possible to identify a DNA sequence producing a harmful protein? Or is it possible that the gene is encrypted and out of the reach of screening?
In 2013, the University of Lethbridge iGEM Team, "Framechangers," wanted to develop a genetic element called an "RNA pseudoknot." 17 The promise of the pseudoknot was to encode multiple proteins into a single gene. 18 Use of this new genetic element would reduce the length of DNA needed in the system. 19 During the competition, the team investigated whether toxins could be encoded using their RNA pseudoknot to evade screening. After the team reached out to International Gene Synthesis Consortium members, two companies agreed to test these sequences and successfully identified them as hazardous. In this instance, the algorithms used for screening were suited to detecting potentially harmful sequences despite the encoding used.
In 2017, a different team from the same university set out to produce a cell-free biological system called "Next Vivo" to increase the safety and accessibility of synthetic biology in education. 20 With this system, important parts of the biological machinery in cells could be recombined to modify it. Such modifications could alter fundamental biological processes, including changing the genetic code used to turn genes into proteins. 21 This would make it difficult, if not impossible, to know what protein a gene produced in this modified system.
In order to determine if this form of genetic recoding could evade security screening of gene-synthesis orders, the team developed software that simulated the process of genetically recoding a gene. Five gene synthesis companies agreed to test the data and report the results. No company was able to identify the genetically recoded sequences. 22 Unlike the 2013 experiment, changing the genetic code this way significantly impaired the effectiveness of the screening algorithms used. In order to prevent "encryption" of synthesis orders, new software needed to be developed that could account for the increased complexity of non-traditional genetic codes. The 2017 Lethbridge iGEM team shared its insights with the International Gene Synthesis Consortium and has worked with them to strengthen relevant procedures.
When is a gene both export controlled and not export controlled?
Early in the 2018 competition, a team from a prestigious European university contacted iGEM's Safety and Security Program requesting permission to use a part from a pathogenic bacteria on the Australia Group list (Salmonella enterica subspecies enterica serovar Typhi). The Australia Group helps its state members harmonize their export controls including those restricting biological samples. Pathogens on this list are subject to export controls from participating states. They require an export license before they can leave these countries. 23 The team explained that they were interested in using a gene whose natural function is to detect eukaryotic organisms and to secrete proteins involved with the infection process. The team wanted to use it in a non-pathogenic engineered system to assist in secreting the proteins they wanted to produce. They noted the gene is part of a known pathogenicity island (Salmonella Pathogenicity Island 2-SPI-2), a sequence containing a group of genes involved in human disease. They were planning to use a laboratory supplier in Canada and have the gene shipped into Europe. The company in question sold a safe laboratory strain of bacteria (Escherichia coli K-12) that already had the part integrated into it.
Managing safety risks from this project was comparatively straightforward. While it is the responsibility of each team to ensure they comply with all relevant rules and regulations (in this case export controls), iGEM HQ supports teams in working safely, securely, and responsibly. iGEM's Safety and Security Program was well placed to help the team interact with relevant authorities and assist them in understanding what rules might apply. The Safety and Security Program also helped ensure all relevant risks had been identified and appropriate measures were in place. 24 iGEM's SSC worked with the team to understand what they wanted to do, what oversight would occur, and what control measures were in place. The team worked closely with their institutional biosafety committee to provide the relevant information. Ultimately, iGEM's SSC concluded that, although the planned work posed some risk, the team had suitable measures in place to manage it. Both the SSC and the host institution approved the team to carry out their planned work.
Understanding how export-control rules applied to the team's work was more complicated. It provides an interesting case study on the implementation of these important biosecurity measures. As the parts in question were to come from Canada (a member of the Australia Group), it was important to understand how the rules were being applied in this country. Experts from the Public Health Agency of Canada's Centre for Biosecurity have been long-standing members of iGEM's SSC. They were quickly briefed on the request and asked to help elucidate how relevant export rules were being implemented. The Centre for Biosecurity helped to liaise with their export-control colleagues at Global Affairs Canada (Canadian Department of Foreign Affairs and Trade) and proved a 23 Australia Group, "The Australia Group," 2007, <https://australiagroup.net>. 24 Millett et al., "Developing a Comprehensive, Adaptive, and International Biosafety and Biosecurity Program," pp. 1-8. critical partner in understanding what rules might apply. Three insights from this case explore different challenges around implementing export-control rules.
First, it was necessary to determine whether the organism involved was on the export-control list. Although the team had initially indicated they were using parts from a listed pathogen, a different organism was described on the Check-In forms required by iGEM when the team subsequently made a formal request to use the part in the competition. These forms must be submitted by all teams intending to use organisms, parts, or activities not covered by the competition's White List, as these are deemed to pose an elevated risk. When questioned about the discrepancy, the team determined they wanted to use a pathogenicity island (SPI-2) from a different subspecies (Salmonella enterica serovar Enteritidis) than originally mentioned. At an organism level, this should have made the application of export controls clear cut. The part the team wanted came from an organism not on the Australia Group list, so an export license would not be necessary.
Second, what would have happened if the team had wanted this part from a listed organism? Australia Group export controls apply to more than just pathogens. They also cover dual-use equipment and, importantly, "genetic elements and genetically modified organisms" connected to listed pathogens. In their current iteration, these controls require an export license to send abroad "any gene or genes specific to any listed bacterium or fungus, and which … could endow or enhance pathogenicity." 25 A literature review conducted by members of iGEM's SSC on this organism identified publications demonstrating a direct connection to pathogenicity. Therefore, if these pathogenicity islands came from a listed pathogen, an export license might be required; if they came from a pathogen not on the list, an export license was likely not to be required.
Third, the question remained of whether the genes in question were "specific to any listed bacterium of fungus." 26 In this case, the listed and non-listed pathogens are closely related and this can often create ambiguities with respect to regulations. A literature review determined that the biological function of the parts was identical in the two bacteria. It was reasonable to assume their sequences were very similar. Were they similar enough to be covered by export-control rules? To answer this question, iGEM's SSC liaised with the Centre for Biosecurity. They concurred that it was unclear whether the export-control rules would apply and suggested two courses of action. Either the Canadian supply company could apply for an export license, or the iGEM team could contact Global Affairs Canada to request an advisory opinion (a formal review process to determine if a license is needed). It was not possible to be sure that either approach would be completed within the time frame of the competition.
Ultimately, the team identified another option. They used a supplier within the European Union, avoiding international customs, hence avoiding export controls. While this was a practical solution for the team, it did not clarify whether these important security measures cover a functionally identical part, or how close the genetic sequences of parts have to be before the rules apply.
In order to share this experience, iGEM's vice-president for safety and security raised this case with the Australia Group directly, briefing both the group's chair and ultimately its New and Emerging Technologies Technical Expert Meeting. iGEM also worked with the Centre for Biosecurity to present this case study during the safety and security meeting held on the margins of its Giant Jamboree. This meeting regularly involves senior members of both the synthetic biology and policy communities in North America and further afield. iGEM also highlighted the case in a short briefing document produced each year to summarize the biosafety and biosecurity lessons learned from the competition, which it shares with relevant policy communities. iGEM, through its own staff, members of the SSC, and its After iGEM Ambassador Program, continues to actively discuss this case with relevant policy communities.
How close to a sequence of concern counts? As seen in the last section, decisions about what genetic sequences should be subject to production and transportation restrictions are based on their species of origin. Much of the Australia Group's work is based on lists, including of pathogenic bacterial species, viral species, and genetic sequences. In the case of viral sequences, "any gene or genes specific to any listed virus" are included in the Australia Group restrictions. 27 Although this rule is apparently straightforward to implement, biological realities can strain it to breaking point and call into serious question the paradigm of controlling sequences based on their species of origin.
All life on earth shares a common ancestor, and all species today are therefore at least somewhat related. In the case of closely related species (i.e., those that share a more recent common ancestor), many of their DNA sequences are similar. Such sequences are said to be "homologous" and related genes are called "homologs." For example, 98 percent of human genes have homologs in chimpanzees, 80 percent in mice, and 60 percent in bananas. 28 Often this means closely related species have some genes that are nearly or actually identical. An inevitable consequence is that any controlled gene has homologous sequences found in related, but non-controlled, species. These similar genes may differ only slightly from their controlled homolog yet be functionally identical, and thus equally hazardous. This creates ambiguous and paradoxical situations in a control paradigm where genes are restricted solely on the basis of their species of origin, a regulation that assumes these restricted genes are specific to a listed species.
One such ambiguous situation is the Poxviridae family of viruses, whose most infamous member, Variola, is responsible for smallpox. Many members of this family have very similar genomes ( Figure 2) and many of their genes are therefore very homologous across species. 29 Although smallpox was eliminated in the wild in 1977, a further 68 species remain in the Poxviridae family. Of these, only three are on the Australia Group list and their gene sequences therefore subject to export controls: goatpox virus, monkeypox virus, and sheeppox virus. 30 As shown in Figure 2, the inclusion or exclusion of members of the Poxviridae family on the Australia Group list of export-controlled viruses is not connected to their genetic similarity.
The values shown in the figure represent the whole-genome homology between members of the Poxviridae family; 100 would indicate an exact match. Species and their sub-strains included on the Australia Group's export-control list are given in full and highlighted in bold. Those not included are represented with a single letter on the axis of the figure (A to X). Cells with homology values are shaded from light to dark grey with increasing similarity. Homology values with no pattern background represent overlaps between two controlled viruses.
This raises questions about how similar one gene must be to a controlled sequence before it, too, should be restricted. One example is smallpox gene A5R, which is 495 nucleotides in length (the letters making up DNA). Cowpox (Vaccinia virus) has a homologous gene called CPXV137 that is identical in size and differs by only three letters. The purpose of neither gene is known. Without experimental testing, it is impossible to say what functional difference exists between the genes, if any. Even if a difference exists, modern molecular biology tools would allow an experienced user to make the cowpox sequence identical to the smallpox gene. Nevertheless, the cowpox gene sequence is not controlled under current Australia Group rules. Such similarities can have critical consequences for pathogenicity. Smallpox gene SPICE (the smallpox inhibitor of complement enzymes) is a very potent suppressor of the human immune system. SPICE is 96.72 percent identical to the homologous gene C3L in cowpox: of the 263 amino-acid building blocks making up both proteins, only eleven are different. Despite this small change, the C3L gene of cowpox is far less effective at combating our immune system. Recent research suggests even fewer changes are key in determining the immune-suppressing activity of the protein. Genetically, there is only a small difference between the Australia-Group-controlled, potent SPICE gene and the non-controlled, relatively ineffective C3L gene. Situations like these are common and inevitable in the current sequence-based control paradigm.
These biological realities mean that restricting sequences based on their "original" host can be simultaneously porous and excessive. A gene nearly or actually identical to one from a controlled virus could be exempt because it was isolated from a different source. Conversely, a gene isolated in good faith from a non-controlled species and then shared internationally between researchers could be subject to controls because of its similarity to a controlled gene. This could happen even if its function has no potential to cause harm. Genes with high homology across organisms generally tend to be those involved in fundamental functions, such as genome replication, rather than those performing specialized roles such as in pathogenicity. These issues are further complicated by the rise of metagenomics, the large-scale sequencing of environmental samples; this produces gene sequences whose host is unknown.
No single solution can tackle these issues. Taking homology into account would help rectify some of these problems but would create other important challenges. In every gene, some nucleotides are critical to gene function whilst others can be changed with little effect. In some genes, even a single nucleotide change can drastically alter their function, while, in others, large changes will have little effect. 31 It is currently impossible to reliably predict how small nucleotide changes will impact the function of a gene. Therefore controls that take homology into account would inevitably need to draw some arbitrary lines, for example restricting any sequence with over 98 percent homology to a known pathogenic gene.
A more nuanced paradigm is to control genes based on their predicted function. Predicting the function of a gene from its nucleotide sequence is far more reliable than predicting the consequence of a small nucleotide change. This approach is currently being developed, notably in the United States by Intelligence functions should be regulated, and how confident theoretical function predictions need to be before they justify the control of a sequence. Defining controlled genes' functions would expose this system to all the flaws inherent in an approach based on lists. Nevertheless, regulating genes based on what they do instead of where they were found would create a more nuanced and accurate control paradigm.

Dual-use risks beyond pathogens and the need for better engagement
The case studies discussed so far highlight existing challenges within biosecurity tools that may be exacerbated by synthetic biology. The application of engineering to biotechnology facilitates both beneficial and malevolent applications. iGEM's SSC has suggested that The expansion of our understanding of how biological systems function has resulted in a more nuanced understanding of risk. The emergence of new biotechnology techniques is resulting in new types of hazard. As risks rely on hazards, then a biohazard should no longer be confined to pathogens or toxins but should be understood as any biological component that manipulates the function of a biological system into an unsafe state. 33 A final case study described below is broader, highlighting a challenge to a central assumption that underpins approaches to biosecurity. It demonstrates the value of the more participatory governance structure employed by iGEM.
The 2018 project of the Bielefeld-CeBiTec iGEM team demonstrated that agents that do not cause disease can nevertheless be harmful and pose a biosecurity risk. This project dealt with the recycling of metal resources. The team identified an organism (Acidithiobacillus ferrooxidans) that has been used to extract copper from ores. 34 The copper-uptake system from this organism having been transferred into and optimized in the model organism E. coli, the engineered strain should, in combination with other components of the project, degrade electronic waste and produce nanoparticles. On reflection, the team identified a second, less benign application. Their engineered strain could be misused to intentionally destroy functional electronic devices. While the organism the team originally designed would have made a poor weapon agent (as it would likely only minimally decompose electronics), there would have been a clear dual-use potential. Ultimately, the team decided to change their project, designing a system to capture metal ions dissolved in mine water instead of to digest old electronics. Identifying the dual-use potential of this project was non-trivial. Such potential malign misuse is not usually captured within biosecurity framings, which primarily focus on pathogens and diseases. 35 The team had a heightened awareness of dual-use issues because of work on the topic by past teams at their institution. 36 This enabled them to reflect on possible malign applications of their own work.
Although the potential for direct misapplication of the original system might be slight, and the risk posed by a system built in E. coli would be minimal for such an application, it could still cause harm. Public concerns over the potential misuse of biotechnology, including dual use, have resulted in calls for stricter regulation of shared research, as well as what research is pursued. 37 Access to scientific data and information is important for reproducibility and incremental progress. Kneejerk policy reactions that result in unduly restrictive regulations that are not based on sound evidence could harm the scientific enterprise. The experiences of the 2018 Bielefeld-CeBiTec team highlight the importance of considering three questions: (1) How should scientists deal with research that can be abused?
(2) How can dual-use potential that is not directly identifiable be recognized at an early stage? (3) How must research be properly communicated so that public trust is sustained?
If those developing and using relevant information and technology are going to be able to work on these issues, it is critical that they are aware of dual-use potential. The team's familiarity with the topic and their ability to identify an unusual dual-use application demonstrates this. It is, therefore, important to raise awareness of dual-use and biosecurity problems as part of efforts to improve science communication-ideally as an integral part of university education. iGEM promotes engagement with these issues by embedding the technical work in a larger framing of the social context outside the laboratory through "human practices" and "public outreach" medal criteria and special awards.
As a first step in understanding how the iGEM community might better engage with dual-use and biosecurity issues, the 2018 Bielefeld-CeBiTec team began to analyze the current state of awareness of biosecurity and dual-use issues among iGEM team members. This information highlights gaps in existing efforts and sets the scene for potential solutions to be identified and implemented. 38 The team carried out an international survey on dual-use awareness. A total of 249 responses were collected from thirty-nine countries, eighty-six universities, and sixtythree different iGEM teams. Of those surveyed: . 71 percent did not know the definition of dual-use research of concern . 61 percent did not know the definition of "dual use" . 60 percent did not know a contact person to ask for questions and concerns . 63 percent criticized an indifferent or very poor education on the subject at their universities . 78 percent wanted a more pronounced education as part of their university education The team concluded that many scientists are not familiar with terms such as "dual use" and there are important gaps in university education in identifying and communicating these issues. Survey responses primarily came from undergraduate and postgraduate students, many of whom will have had minimal exposure to research. The team felt it was important that dual-use issues were introduced at the undergraduate level to help frame them as a "normal" element of good science and engineering.
Current shortcomings in education compound dual-use risks. They limit the number of working-level scientists and engineers able to engage with these issues, and further undermine public trust. A lack of widespread awareness of these issues, and a lack of tools to address them, increases the chances of ill-considered dual-use publications or unwitting publication of dual-use materials. This in turn might result in unduly strict regulations. Improving undergraduate (and graduate) education on dual-use issues would be an important step in helping to shape a more desirable future.
In order to begin a discussion around possible solutions to manage dual-use risks, the 2018 Bielefeld-CeBiTec team organized a panel discussion based on their survey results. They wanted to draw attention to the issue at their own university. They invited and included other iGEM teams to participate in the event, broadening the discussion of dual-use issues. By following up with their institution, the team succeeded in expanding the range of relevant books about dual-use problems in their university library. They also recorded a podcast in cooperation with their campus radio station, in which they explained the current situation and challenges. 39 The team also created and made freely available presentation slides on the issue to be integrated into lectures and safety instructions at their university. These slides can be adapted to individual disciplines so that the particular dual-use problems relevant to specific disciplines can be addressed. The team distributed the slides among various professors, many of whom have already integrated them into their lectures. In addition, the slides were distributed in the iGEM community. As an incentive for other iGEM teams to deal with dual-use biosecurity issues, iGEM HQ created a "seal of quality"-the Dual Use Button (Figure 3). The Dual Use Button was awarded to those teams that went through the prepared slides and screened their project for dual-use-researchof-concern issues. This project demonstrated that early-career synthetic biologists are interested in engaging with dual-use issues and associated science-communication challenges. It illustrates that tools can be developed to facilitate such engagement. It also shows the value of integrating these issues into the early education of every scientist and engineer in order to strengthen awareness and prevent future risks.
Developments over recent decades have enabled greater flow of scientific information, enabling more collaboration. Open-source information and biological data can be shared and exchanged in seconds through the internet. This also poses new dangers: sensitive information can spread around the world equally quickly. It is more crucial than ever for scientists to consider not only what data and information they make available, but also how they share them and how the data may be perceived.
In today's internet age, it is more important than ever to deal with modern biosecurity and dual-use issues. Good science communication is necessary to maintain the trust of the general public. iGEM is well placed to promote a sense of responsibility for dualuse and biosecurity issues and help communicate them worldwide. The growing size of the iGEM community, combined with its global reach, energy, and enthusiasm, has the potential to renew efforts to address dual use and biosecurity and move the discussion beyond pathogens.

Discussion
iGEM has been affected by, and in turn affected, biosecurity. Each of the case studies described above provides important insights into how current biosecurity procedures and practices may be emphasized and may need updating to better address the advent of synthetic biology. Overall, iGEM's Safety and Security Program shows that it is possible to build governance frameworks for emerging technologies in advance of formal regulation. It suggests that scientists and engineers can, and will, engage with efforts to manage risk. It demonstrates that it is possible to enable cutting-edge work while taking into account potential harm. It also highlights the importance of breaking down silos in risk assessment and management, promoting enhanced interactions between safety, security, and bioethics disciplines. It also showcases the importance of adopting the design, build, test, learn cycle for addressing issues like biosecurity.
Design iGEM's experiences with export controls highlighted the shortcomings of control lists based on taxonomy, rather than biological function. iGEM has shared its case studies with relevant policy makers in multiple settings and in several ways. In light of ongoing research programmes, such as IARPA's programme on Functional Genomic and Computational Assessment of Threats, 40 and Finding Engineering-Linked Indicators, 41 it may be timely to revisit past efforts to build a roadmap towards sequence-based or function-based approaches. For example, as recently as 2010, a National Academies study concluded, "A sequence-based prediction system for oversight of Select Agents is not possible now and will not be possible in the usefully near future." 42 Technical work being undertaken now may well inform us how to design better oversight systems.
Build iGEM's experiences demonstrate a need to build better systems. There is a mismatch between those best placed to understand the risk of deliberate misuse and those being asked to take action to prevent it. This is particularly evident in how sequences of concern are screened in commercial gene synthesis. While governments have the dedicated resources to determine which biological materials and information are of most concern, the companies providing synthesis services are left to screen them. There is a pressing need to translate the taxonomic descriptions of biological agents subject to control into comparable sequences of concern. The databases currently in use have been compiled by companies and may not readily match with the risks and threats that led to agents being placed on control lists. Advances in encryption, including procedures that allow encrypted datasets to be queried, could enable broader sharing of such data, without creating a novel information hazard. Nascent efforts to bring the technical and security communities together to work on this should be supported and sustained to ensure greater collaboration in the future. 43

Test
The iGEM community's interactions with efforts to screen commercial gene-synthesis orders demonstrate the value of having active red teaming in place to test the regimes we use to manage biosecurity risks. These activities identify potential gaps in the system or loopholes that might be exploited. Holes can then be closed and systems updated before an adversary can exploit them. They also illustrate the value of the technical and policy communities working together more closely. There is a wider need for resources and mechanisms to promote, sustain, and promulgate applied biosecurity research to refine the tools and technologies needed to assess and manage risks from synthetic biology.
Learn iGEM has included projects with clear dual-use potential. Some of these, such as the project to recycle electronics, fall outside current definitions of the type of work we may need to worry about. We should learn from these examples and revisit how we define our concerns, even if this means a fundamental re-examination of the laws and regulations we have in place. Furthermore, iGEM teams have demonstrated there is still a long way to go to raise awareness of, and foster buy-in to address, biosecurity. They have shown this is possible. They have taken the first steps in building tools for 42 National Academies of Science, Engineering and Medicine, "Sequence-Based Classification of Select Agents: A Brighter Line," National Research Council, 2010, p. viii. 43 Nuclear Threat Initiative, "Common Mechanism to Prevent Illicit Gene Synthesis," March 22, 2019, <www.nti.org/ analysis/articles/common-mechanism-prevent-illicit-gene-synthesis/>.
scientists and engineers to think about dual-use issues and have found ways to incentivize engagement. There are important opportunities to take the next steps and translate similar resources and approaches for use more broadly.
In conclusion, iGEM's Safety and Security Program has benefited from working closely with the biosecurity community. It has attempted to adapt and evolve in light of these interactions. It is well placed to generate useful lessons and insights into how to build a better governance framework. It offers a uniquely international, interdisciplinary environment in which to test new tools and approaches to biosecurity. The program is keen to share its experiences and feed the insights it has generated into efforts to strengthen biosecurity regimes around the world. iGEM remains committed to enabling the most exciting science and engineering in ways that are safe, secure, sustainable, and responsible.