On Large Language Models in Mission-Critical IT Governance: Are We Ready Yet?
Esposito, Matteo; Palagiano, Francesco; Lenarduzzi, Valentina; Taibi, Davide (2025-08-20)
IEEE
20.08.2025
M. Esposito, F. Palagiano, V. Lenarduzzi and D. Taibi, "On Large Language Models in Mission-Critical IT Governance: Are We Ready Yet?," 2025 IEEE/ACM 47th International Conference on Software Engineering: Software Engineering in Practice (ICSE-SEIP), Ottawa, ON, Canada, 2025, pp. 504-515, doi: 10.1109/ICSE-SEIP66354.2025.00050
https://creativecommons.org/licenses/by/4.0/
Published under Creative Commons Attribution 4.0 International license.
https://creativecommons.org/licenses/by/4.0/
Published under Creative Commons Attribution 4.0 International license.
https://creativecommons.org/licenses/by/4.0/
Julkaisun pysyvä osoite on
https://urn.fi/URN:NBN:fi:oulu-202509246047
https://urn.fi/URN:NBN:fi:oulu-202509246047
Tiivistelmä
Abstract
Context:
The security of critical infrastructure has been a pressing concern since the advent of computers and has become even more critical in today's era of cyber warfare. Protecting mission-critical systems (MCSs), essential for national security, requires swift and robust governance, yet recent events reveal the Increasing difficulty of meeting these challenges.
Aim:
Building on prior research showcasing the potential of Generative AI (GAI), such as Large Language Models, in enhancing risk analysis, we aim to explore practitioners' views on integrating GAI into the governance of IT MCSs. Our goal is to provide actionable insights and recommendations for stake-holders, including researchers, practitioners, and policymakers.
Method:
We designed a survey to collect practical experiences, concerns, and expectations of practitioners who develop and implement security solutions in the context of MCSs.
Conclusions and Future Works:
Our findings highlight that the safe use of LLMs in MCS governance requires interdisciplinary collaboration. Researchers should focus on designing regulation-oriented models and focus on accountability; practitioners emphasize data protection and transparency, while policymakers must establish a unified AI framework with global benchmarks to ensure ethical and secure LLMs-based MCS governance.
Context:
The security of critical infrastructure has been a pressing concern since the advent of computers and has become even more critical in today's era of cyber warfare. Protecting mission-critical systems (MCSs), essential for national security, requires swift and robust governance, yet recent events reveal the Increasing difficulty of meeting these challenges.
Aim:
Building on prior research showcasing the potential of Generative AI (GAI), such as Large Language Models, in enhancing risk analysis, we aim to explore practitioners' views on integrating GAI into the governance of IT MCSs. Our goal is to provide actionable insights and recommendations for stake-holders, including researchers, practitioners, and policymakers.
Method:
We designed a survey to collect practical experiences, concerns, and expectations of practitioners who develop and implement security solutions in the context of MCSs.
Conclusions and Future Works:
Our findings highlight that the safe use of LLMs in MCS governance requires interdisciplinary collaboration. Researchers should focus on designing regulation-oriented models and focus on accountability; practitioners emphasize data protection and transparency, while policymakers must establish a unified AI framework with global benchmarks to ensure ethical and secure LLMs-based MCS governance.
Kokoelmat
- Avoin saatavuus [43406]
Ellei muuten mainita, aineiston lisenssi on https://creativecommons.org/licenses/by/4.0/