⚡ TEST-TIME COMPUTE / SYSTEM 2 — Reasoning Hierarchy & Inference-Time Scaling

System 1 bereaksi. System 2 berpikir. Tapi System 2 bisa diserang saat sedang berpikir — dan serangan itu terjadi di dalam pikiran itu sendiri.

Cara Baca

Level = Kedalaman reasoning. Kolom Blue Team = mekanisme kontrol dan alignment. Kolom Red Team = cara mengeksploitasi atau memanipulasi reasoning tersebut. Baca dari bawah (System 1 / Direct) ke atas (Meta-Cognitive) untuk memahami eskalasi kompleksitas kognitif.

Tabel Reasoning per Level & Compute Stage

LapisanInference Stage / Reasoning Ring⚡ Mekanisme & Kemampuan🔵 Blue Team (Alignment & Control)🔴 Red Team (Exploit & Manipulation)
Meta-Cognitive ArchitectureLevel 7 (Reasoning tentang reasoning)Router model, System 1/2 arbitrator, dynamic compute allocation, cognitive architecture (Soar/ACT-R inspired), recursive oversightMeta-alignment, architectural invariants, reasoning policy enforcement, recursive monitoring, capability controlMeta-manipulation (“kamu tidak perlu berpikir lama”), architecture confusion, System 1 override, recursive jailbreak
Test-Time Scaling (o1-style)Level 6 (Hidden chain, massive compute budget)Hidden CoT, RL-at-inference, compute-optimal scaling, token scaling laws, long unmonitored reasoning chainsOutput-only alignment, behavioral constraints, compute budget caps, sandboxing, refusal training on final outputHidden thought extraction (think-tag leakage), compute exhaustion attacks, reasoning trace side-channel (timing/token count), obfuscated jailbreak via hidden reasoning
Verification / PRMLevel 5 (External judgment, step-level scoring)Process Reward Model (PRM), Outcome Reward Model (ORM), step-level verification, critique model, debateVerifier robustness, reward model ensemble, adversarial training on verifiers, human-in-the-loop, conservative scoringReward model overoptimization, verifier deception, fake step justification, length exploitation (longer = higher reward), process reward hacking
Reflection / Self-CorrectionLevel 4 (Meta-cognitive critique, iterative refinement)Generate → Critique → Revise loop, error detection in own output, self-correction prompt, iterative refinementCritique model alignment, revision bounds, rollback mechanisms, correction audit trails, maximum iteration guardsReflection manipulation (“kritikmu salah”), infinite loop injection, correction fatigue, critique hijacking, “ignore all previous corrections”
Self-Consistency / EnsembleLevel 3 (Parallel sampling, majority voting)Multiple CoT samples, aggregate answers, confidence scoring, consistency threshold, outlier rejectionDivergence detection, outlier filtering, consistency threshold tuning, cross-check mechanisms, uncertainty quantificationConsistency exploitation (wrong answer made consistent), majority vote poisoning, confidence calibration attacks, self-confirming bias injection
Tree-of-Thought (ToT)Level 2 (Branching search, exploration)Generate multiple reasoning paths, evaluate states, backtrack, BFS/DFS over reasoning space, deliberate searchBranch evaluation scoring, pruner alignment, search tree monitoring, consensus validation, exploration budget limitBranch poisoning, evaluation function manipulation, reward hacking in pruner, dead-end injection, search space exhaustion
Chain-of-Thought (CoT)Level 1 (Linear reasoning, single path)Step-by-step token generation, “Let’s think step by step”, intermediate reasoning tokens, arithmetic decompositionCoT monitoring, step-wise alignment, reasoning trace audit, thought sanitization, step-level refusal trainingCoT injection (“Ignore previous steps…”), reasoning hijacking, step-wise manipulation, distraction injection mid-reasoning, “suddenly the answer is…”
System 1 / Direct InferenceLevel 0 (Instant response, zero reasoning)Pattern matching, cached response, next-token prediction, zero-shot completion, reflexive answerInput filtering, prompt moderation, output classifier, refusal training, blocklist, embedding guardrailsDirect injection, character-level bypass, base64/rot13 encoding, translation attacks, prompt smuggling, suffix attacks (GCG)

Contoh Implementasi dan Penjelasan

Pada setiap level, ada contoh implementasi yang dapat membantu memahami konsep tersebut. Misalnya, pada level Meta-Cognitive Architecture, kita dapat menggunakan router model untuk mengarahkan aliran pemikiran antara System 1 dan System 2. Berikut adalah contoh kode Python sederhana untuk menggambarkan router model:

class RouterModel:
    def __init__(self, system1, system2):
        self.system1 = system1
        self.system2 = system2
 
    def route(self, input_data):
        if input_data["complexity"] > 5:
            return self.system2.process(input_data)
        else:
            return self.system1.process(input_data)

Pada contoh di atas, RouterModel memutuskan apakah input data harus diproses oleh System 1 atau System 2 berdasarkan tingkat kompleksitasnya.

Peta Posisi Reasoning — Test-Time Compute

Level 7  │ Meta-Cognitive Architecture  → Router + arbitrator + recursive oversight
Level 6  │ Test-Time Scaling (o1-style) │ Hidden CoT, massive compute, RL-at-inference
Level 5  │ Verification / PRM           │ Process Reward Model, step-level judge
Level 4  │ Reflection / Self-Correction │ Generate → Critique → Revise loop
Level 3  │ Self-Consistency / Ensemble  │ Parallel samples, majority vote
Level 2  │ Tree-of-Thought (ToT)      │ Branching search, BFS/DFS reasoning
Level 1  │ Chain-of-Thought (CoT)     │ Linear step-by-step reasoning
Level 0  │ System 1 / Direct          → Instant pattern matching, zero deliberation

Setiap level memiliki karakteristik dan kelemahan yang unik, sehingga memahami posisi reasoning dalam hierarki ini sangat penting untuk membangun sistem yang kuat dan aman.

Koneksi: System 2 ↔ AI Levels ↔ Agentic AI

Test-Time Compute Level 6 (o1-style)
        │
        └── KONSEP IDENTIK ──► AI Levels Level 11 (Omega Point)
                               AI Levels Level 10 (Self-Improving)
                               ← ini bukan kebetulan: Test-Time Compute adalah
                                 jembatan dari static model ke dynamic reasoning

Chain-of-Thought Level 1 → ToT Level 2 → Reflection Level 4
        │
        └── DIPAKAI OLEH ───► Agentic AI (ReAct loop)
                              Hermes Agent (reasoning + tool use)
                              MCP orchestration (multi-step planning)
                              ← semua agent framework membutuhkan reasoning hierarchy

Process Reward Model Level 5
        │
        └── DIPAKAI OLEH ───► Alignment research (RLHF, DPO, KTO)
                              Red Teaming LLM (jailbreak via reasoning manipulation)
                              ← PRM adalah senjata ganda: alignment tool dan attack surface

Koneksi antara Test-Time Compute, AI Levels, dan Agentic AI menunjukkan bahwa reasoning hierarchy ini tidak hanya penting untuk memahami bagaimana sistem berpikir, tetapi juga bagaimana sistem dapat dipakai untuk tujuan yang lebih luas, seperti pengembangan agen cerdas dan sistem yang lebih aman.

Tips dan Peringatan

  • Sebelum deploy reasoning model, pastikan untuk memeriksa apakah reasoning trace dapat diakses oleh attacker dan apakah compute budget dapat di-exhaust via input adversarial.
  • Jangan lupa untuk mempertimbangkan keamanan dan privasi data pengguna dalam pengembangan sistem yang menggunakan Test-Time Compute.
  • Perlu diingat bahwa teknik Test-Time Compute dapat digunakan untuk tujuan yang baik (seperti alignment dan pengembangan agen cerdas) atau tujuan yang buruk (seperti serangan cyber dan manipulasi).

🔗 Lihat Juga

Dengan memahami konsep Test-Time Compute dan reasoning hierarchy, kita dapat mengembangkan sistem yang lebih cerdas, aman, dan efisien. Namun, perlu diingat bahwa keamanan dan privasi data pengguna harus menjadi prioritas utama dalam pengembangan sistem ini.