AI & Tech Daily
Europe and Ukraine Build a Drone Alliance as Military AI Testing Accelerates
Europe and Ukraine form a joint drone industrial alliance, while DARPA puts an AI agent in control of a modified F-16 and US lawmakers propose human command responsibility for military AI. We also examine Stormbreaker’s critical-infrastructure testbed, agentic chip-design automation at Rapidus, AWS water-withdrawal reporting, new international vulnerability-disclosure guidance and hosted access to Moonshot’s Kimi K3. Finally, GitHub Copilot adds an on-demand security review for local code changes.
Full transcript
Read the episode.
I'm Jesse Owen. This is AI and Tech Daily.
Europe’s Drone Alliance
Europe and Ukraine are creating a shared pipeline for drones and counter-drone systems. The difficult part will be ensuring that industrial speed doesn’t outrun human control.
On 17 July, the European Commission launched an 18-member EU–Ukraine Drone Alliance. The plan is to establish joint ventures and accelerate the development and production of drone and counter-drone technology.
Ukraine brings hard-earned operational experience: rapid iteration under battlefield conditions, exposure to electronic warfare and direct knowledge of which systems survive contact with a capable adversary. European manufacturers and researchers bring industrial capacity, while defence customers provide a potential route into broader procurement.
For now, this is a framework, not evidence of higher production volumes or better field performance. The alliance still has to turn cooperation into contracts, factories and systems that work reliably. It also arrives as autonomy, targeting support and counter-drone technology are advancing faster than many shared rules governing accountability and exports.
For defence suppliers, the likely gain is a shorter path from battlefield lesson to production design. My concern is that the same compression can reduce the time available for safety review and policy. If the alliance succeeds industrially, meaningful human control will need to be designed into its systems and procurement standards, rather than added after deployment.
An AI Agent Flies an F-16
That tension between fast experimentation and retained authority is already visible in the air.
DARPA said on 16 July that an AI agent had controlled a VENOM-modified F-16 during flight. VENOM converts operationally derived F-16 aircraft into reusable platforms for AI development. That distinguishes it from the specialised X-62A VISTA test aircraft used in earlier autonomous-flight experiments.
The practical value is repeatability. Researchers can test different agents, aircraft combinations and human–machine formations on a platform closer to operational aviation. A human still retains override authority, and the disclosed flight remains an experiment. It isn’t evidence that autonomous combat aircraft are being deployed.
The test nevertheless raises the verification bar. An agent controlling a fast, complex aircraft needs to behave safely not only in expected scenarios, but also when sensors disagree, communications fail or another aircraft does something surprising. A nominal human override is only useful if the operator has enough information and time to intervene.
For military AI teams, VENOM could make realistic testing easier and more frequent. The harder task is now proving that intervention mechanisms work under pressure. Flight capability is an impressive milestone; dependable command responsibility is the condition that determines whether the technology can move beyond controlled trials.
Testing Agents Around the Power Grid
Away from aircraft, US energy agencies are building a place to find agent failures before they reach critical infrastructure.
The Department of Energy and Lawrence Livermore National Laboratory introduced Stormbreaker on 16 July. It’s a testbed for evaluating language models and AI agents in electrical-power and operational-technology environments — the systems that monitor and control physical equipment.
Unlike a fixed benchmark, Stormbreaker can vary the model, prompt, available tools, installed skills and target environment. That matters because an agent that looks competent on a static test can fail once tool permissions, incomplete instructions and changing system conditions interact. Dynamic evaluation can expose unsafe actions or brittle reasoning that a single score conceals.
The announcement establishes the testing capability; it doesn’t demonstrate that current agents are ready for unsupervised grid control. Results inside a testbed also can’t reproduce every operational dependency, legacy device or human response found in a real network.
For energy operators and security teams, this should make it easier to test a proposed agent against realistic failure modes before granting access. My read is that Stormbreaker is most useful as a gate, not a certificate: passing its scenarios can improve evidence, but production systems still need narrow permissions, independent safeguards and a human with final authority.
Agents Enter Advanced Chip Design
A different kind of agent is being aimed at one of computing’s most expensive workflows: designing the chips themselves.
Rapidus announced that it plans to integrate Cadence’s InnoStack AI Super Agent with the Rapidus Raads design environment. The proposed workflow covers architecture exploration, implementation and sign-off, with new Navigator and Indicator tools intended to help coordinate the process.
Rapidus is targeting as much as a twofold improvement in design turnaround time. That’s a company objective, not an independently demonstrated result. It’s still notable because advanced chip development involves many specialised tools, constraints and hand-offs. Agent orchestration could reduce the time engineers spend moving between those stages or repeating work after a design change.
But speed during exploration is only valuable if the result survives sign-off: the rigorous checks used to verify timing, power, physical layout and manufacturability before fabrication. A subtle mistake that reaches silicon is far more expensive than a flawed draft of ordinary software.
For semiconductor and electronic-design-automation teams, the opportunity is to explore more design options within the same schedule. The sensible measure of success won’t be how quickly the agent produces a candidate. It’ll be how much verified cycle time disappears without increasing late-stage failures or forcing engineers to redo opaque automated decisions.
Defining Human Command
The question of who remains responsible for military AI is also moving into legislation, although only at an early stage.
The Human Authority over Autonomous Weapons Act of 2026, numbered H.R. 9729, was introduced in the US House on 16 July and referred to the Armed Services Committee. It proposes appropriate human command responsibility over autonomous weapons and other AI-enabled military systems.
This is not enacted law. Its wording, prospects and enforcement could all change during the legislative process. Even so, the proposal focuses on a critical issue exposed by systems such as AI-controlled aircraft: having a person somewhere in the chain doesn’t necessarily mean that person exercises meaningful control.
A human may technically approve an action while lacking the time, context or system understanding needed to challenge it. Effective command responsibility therefore depends on engineering details — what the operator can see, which actions require confirmation, how control can be recovered and whether decisions can be reconstructed afterwards.
For defence organisations and suppliers, clearer accountability could reduce ambiguity around procurement and deployment. The policy test is whether lawmakers translate “human command” into controls that can be verified. If it becomes only a nominal approval step, responsibility will remain human on paper while practical authority shifts to the system.
AWS Makes Water Use Visible
Now to cloud infrastructure, where AWS customers are getting a new environmental measure alongside their carbon data.
AWS Sustainability now reports annual data-centre water withdrawals by region, service and account through the AWS console and API. Water withdrawal measures water taken from a source; it isn’t automatically the same as water consumed or permanently removed from the local system.
The added detail gives organisations a way to associate their workloads with regional water use. That’s increasingly relevant for large AI deployments, which can drive substantial demand for computing and cooling. An API also makes it possible to incorporate the figures into internal reporting or architecture reviews instead of relying only on a high-level corporate total.
There are limits. Measurement doesn’t reduce consumption by itself, and annual figures can conceal seasonal stress. The same volume can have very different consequences in a water-secure region and an area facing scarcity.
For cloud and sustainability teams, region selection can now include a more specific water signal rather than carbon and cost alone. The useful analysis will combine AWS’s withdrawal figures with local water availability. Otherwise, a precise account-level number may create a sense of accuracy without showing the actual pressure placed on a community or catchment.
A Baseline for Vulnerability Reports
For software suppliers, several national cyber agencies have now set out what a credible vulnerability-disclosure process should contain.
On 15 July, the NSA, CISA, Japan’s JPCERT/CC and Dutch and UK authorities released joint coordinated vulnerability-disclosure guidance. It covers public reporting policies, sufficiently broad testing scopes, communication with researchers, triage, remediation and the use of independent coordinators when direct engagement breaks down.
The guidance addresses a familiar operational failure: a researcher finds a serious flaw, but the report goes to the wrong inbox, receives no acknowledgement or is rejected because the supplier’s policy defines permitted testing too narrowly. A public page alone doesn’t solve that. Someone needs to own incoming reports, assess them consistently and keep the researcher informed while a fix is prepared.
This guidance isn’t binding, and it can’t guarantee quick remediation or consistent legal treatment for researchers. Its value is as a common baseline across several jurisdictions.
For vendors, the editorial takeaway is fairly concrete: vulnerability disclosure should be run as an incident-handling process, not a compliance document. A clear route, named responsibility and reliable communication make it less likely that a valid warning is lost — or disclosed publicly after the supplier failed to engage.
Kimi K3 Opens Through API
In frontier models, Moonshot has added another very large option for developers willing to evaluate vendor claims for themselves.
Moonshot introduced Kimi K3 on 14 July with hosted and API access. The company describes it as a natively multimodal mixture-of-experts model with 2.8 trillion total parameters. Sixteen of its 896 experts are active for each token, and Moonshot claims a context window of one million tokens.
A mixture-of-experts architecture routes each token through only part of the model, aiming to provide large overall capacity without using every parameter for every calculation. Those figures describe the design, though; they don’t establish reliability, latency or cost in a real workload.
Moonshot also reports strong coding and agent benchmark results, but those remain vendor claims pending broader independent testing. Full weights are promised for 27 July. Until they’re actually released, Kimi K3 shouldn’t be described as a currently available full open-weight model.
For developers comparing frontier suppliers, the hosted service creates a genuine evaluation option now. What becomes worth doing is testing it on representative multimodal and long-context tasks, with attention to output quality, operating cost and data handling. Parameter count and an enormous claimed context window are interesting specifications, not substitutes for production evidence.
What Changes for You
One smaller release could be useful before your next pull request, provided you treat it as an extra set of eyes.
GitHub has added a `/security-review` command to the Copilot desktop app. It examines changes in the current workstream for high-confidence issues such as injection, cross-site scripting, path traversal, insecure data handling and weak cryptography. The result includes severity, confidence and suggested fixes.
The public preview is available to Copilot Free, Pro, Business and Enterprise users. For working developers, that means an on-demand security pass can now happen locally in the normal flow, before code is committed or a pull request is opened. It may catch an obvious unsafe pattern while the surrounding decisions are still fresh.
The limitation is substantial: this is an AI-generated review in public preview. It can miss vulnerabilities or propose an incomplete fix, and it doesn’t replace tests, CodeQL, dependency and secret scanning, or specialist review for consequential systems. Its best role is an early filter that makes routine checking easier, while established security controls remain responsible for the harder failures.
You'll find the sources and full transcript at owenonthenet.com. Thanks for listening.
Sources
Reporting behind this episode.
- defence-industry-space.ec.europa.eu/commission-launches-eu-ukraine-drone-alliance-boost-drone-and-counter-drone-technology-2026-07-17_en
- darpa.mil/news/2026/darpa-us-air-force-fly-ai-controlled-f-16
- energy.gov/ceser/articles/ceser-releases-new-testbed-advance-llm-and-agentic-ai-evaluation-critical
- rapidus.inc/en/news_topics/information/20260717-3/
- govinfo.gov/app/details/BILLS-119hr9729ih
- aws.amazon.com/about-aws/whats-new/2026/07/aws-sustainability-water-withdrawals/
- nsa.gov/Press-Room/Press-Releases-Statements/Press-Release-View/Article/4546549/nsa-joins-cisa-and-others-in-releasing-the-cybersecurity-information-sheet-esta/
- kimi.com/blog/kimi-k3
- github.blog/changelog/2026-07-14-security-reviews-now-available-in-the-github-copilot-app/