ARIA has opened a £20 million funding call to prove that AI can make cyber defence far stronger by backing critical software with mathematical proof. Through its Safeguarded AI programme, teams can win grants of up to £3.5 million to build and test security-critical software whose key properties are guaranteed by machine-checked proofs. The deadline to apply is 1 July 2026.
AI is making it cheaper and faster to attack software, and the number of capable attackers is growing. ARIA, the UK’s Advanced Research and Invention Agency, thinks the answer is to flip that advantage back to defenders by using AI to formally prove that critical software behaves exactly as it should. This funding call, part of the Safeguarded AI programme, is where that idea gets tested on real, high-value systems.
Below, I’ve explained the key things you need to know about this competition before you apply: who is eligible, how much funding is on the table, and what the application process looks like.
Find Out if You're Eligible Now
To find out if you and your project are suitable for this grant, book in a free Competitiveness and Eligibility Assessment. In just 25 minutes, I’ll tell you:
- Whether you’re a strong candidate for this competition
- Other grants you may be eligible for
- What other sources of funding we can help you secure
Never Miss a Funding Opportunity
New grant competitions are opening all the time. Make sure you don’t miss out by subscribing to GrantTree’s newsletter.
Who is Eligible?
Your Organisation
ARIA welcomes applications from across the R&D ecosystem, so whether you’re a startup, a small or medium-sized enterprise (SME), an established company, a university or a non-profit, you can apply. You can apply as a single organisation or as a team spanning several institutions, including across academia, industry and non-profits.
To be eligible, you must:
- Carry out the majority of the project in the UK, meaning more than half of your project costs and your team’s time, although ARIA can make exceptions where there’s a strong case for UK benefit
- Keep the Red Team and Blue Teams independent, so while you’re free to apply to both tracks, ARIA won’t appoint the same organisation or team to both
Your Project
Your project must:
- Finish by the end of November 2027
- Run for 10 to 15 months
- Start from around 1 September 2026, with later start dates possible as ARIA reviews applications on a rolling basis
The majority of your project, meaning more than half of its costs and your team’s time, must be carried out in the UK, and you’ll need to show how the work benefits the UK.
Your project must also:
- Make AI a load-bearing part of how you reach the speed, scale or level of assurance you’re aiming for
- Publish your specifications and proof artefacts openly
- Show a credible route to getting the work into real-world use, like direct deployment, upstreaming, partnership or a spinout
- Target a high-leverage component, like one that sits at a trust boundary or choke-point, where proven correctness gives outsized security gains
How Much Funding Can I Apply For?
How much you can apply for depends on which of the two tracks you go for, and ARIA funds 100% of project costs.
Individual grants range from around £2 million to £3.5 million. You’d apply to the track that fits what your team does best.
Track 1: Blue Teams
ARIA will fund 3 to 6 teams to build and formally verify production-grade, security-critical software components. Each project gets around £2.5 million to £3.5 million under ARIA’s R&D funding terms. Your job is to build components whose key security properties are backed by machine-checked proofs, using AI to reach a level of formal proof that wouldn’t otherwise be practical. ARIA expects most of the budget to go on a small, high-calibre technical team, usually 2 to 4 people, plus compute costs.
Track 2: Red Team
ARIA will also fund one central Red Team to stress-test every Blue Team’s system on each cycle and document what they find. This sits at around £2 million to £3 million under ARIA’s commercial service terms, which is a service contract rather than an R&D grant. As with the Blue Teams, AI needs to be central to how you find and develop attacks. You’d work across 3 to 5 Blue Teams at once, so you’ll need the discipline to keep each engagement independent.
How Do I Apply?
The deadline for applications is 1 July 2026.
Applications are submitted through ARIA’s grant platform.
This is a single-stage competition, so there’s no expression of interest to clear first. You submit one written proposal: up to five pages for Track 1, and up to three pages for Track 2. ARIA also keeps reviewing applications on a rolling basis after the first deadline, so later submissions can still be considered if the right teams haven’t been found.
Your proposal needs to cover three things.
Project and Technical Information
This is the core of your proposal. It should set out:
- How you’ll use AI across the full workflow, from specification through to proof and testing, and how you’ll keep the quality of your assurances high as that workflow scales
- The component you’ll target first, why securing it matters, the threat model you’re assuming, and the exact security properties you’ll specify and prove
- The more ambitious follow-on targets you’d move on to if the first one succeeds
- The trusted base, key dependencies and remaining assumptions that sit outside your proof boundary
Track 1 proposals can be up to five pages, and Track 2 proposals up to three pages.
Information About Your Team
Use this section to show you can actually do the work. ARIA wants to see who your core contributors are, how you split the work across security, systems engineering, formal methods and AI, the most relevant things you’ve built or verified before, and how you’d drive real-world adoption. It cares more about demonstrated capability and ambition than about conventional signals of prestige.
Administrative Questions
You’ll also answer a set of administrative questions in the portal, covering your budget, any background IP you rely on, conflicts of interest, and, for non-UK applicants, how the project benefits the UK. These don’t count towards your page limit.
Your proposal will be reviewed by ARIA’s Programme Director alongside expert technical reviewers, both inside and outside ARIA.
If you’re successful, you’ll be notified by 31 July 2026. Shortlisted applicants can be invited to meet the Programme Directors on 21 and 22 July 2026, and this can happen virtually.
ARIA makes its final decision by looking at the strength of the whole programme portfolio and how well it fits the programme’s goals, not just individual proposal scores. This means a strong proposal on its own won’t guarantee that your application is successful.
Maximise Your Chances of Securing Funding
GrantTree has 15 years of experience helping startups, scaleups and established businesses secure over £500 million in innovation funding.
We offer Full Service Write, Grant Review and Grant Matching, plus our bespoke Elevate package, which combines writing, review, coaching and matching to maximise your chances of success.
We work closely with active grant assessors to understand exactly what it takes to prepare a compelling application.
To find out how we can help, just get in touch.
