[2510.06790] Get RICH or Die Scaling: Profitably Trading Inference Compute for Robustness

Computer Science > Machine Learning arXiv:2510.06790 (cs) [Submitted on 8 Oct 2025 (v1), last revised 26 Mar 2026 (this version, v3)] Title:Get RICH or Die Scaling: Profitably Trading Inference Compute for Robustness Authors:Tavish McDonald, Bo Lei, Stanislav Fort, Bhavya Kailkhura, Brian Bartoldson View a PDF of the paper titled Get RICH or Die Scaling: Profitably Trading Inference Compute for Robustness, by Tavish McDonald and 4 other authors View PDF HTML (experimental) Abstract:Test-time reasoning has raised benchmark performances and even shown promise in addressing the historically intractable problem of making models robust to adversarially out-of-distribution (OOD) data. Indeed, recent work used reasoning to aid satisfaction of model specifications designed to thwart attacks, finding a striking correlation between LLM reasoning effort and robustness to jailbreaks. However, this benefit fades when stronger (e.g. gradient-based or multimodal) attacks are used. This may be expected as models often can't follow instructions on the adversarially OOD data created by such attacks, and instruction following is needed to act in accordance with the attacker-thwarting spec. Thus, we hypothesize that the test-time robustness benefits of specs are unlocked by initial robustness sufficient to follow instructions on OOD data. Namely, we posit the Robustness from Inference Compute Hypothesis (RICH): inference-compute defenses profit as the model's training data better reflects the...