English

Expanding ML-Documentation Standards For Better Security

Cryptography and Security 2025-07-17 v1 Machine Learning Software Engineering

Abstract

This article presents the current state of ML-security and of the documentation of ML-based systems, models and datasets in research and practice based on an extensive review of the existing literature. It shows a generally low awareness of security aspects among ML-practitioners and organizations and an often unstandardized approach to documentation, leading to overall low quality of ML-documentation. Existing standards are not regularly adopted in practice and IT-security aspects are often not included in documentation. Due to these factors, there is a clear need for improved security documentation in ML, as one step towards addressing the existing gaps in ML-security. To achieve this, we propose expanding existing documentation standards for ML-documentation to include a security section with specific security relevant information. Implementing this, a novel expanded method of documenting security requirements in ML-documentation is presented, based on the existing Model Cards and Datasheets for Datasets standards, but with the recommendation to adopt these findings in all ML-documentation.

Keywords

Cite

@article{arxiv.2507.12003,
  title  = {Expanding ML-Documentation Standards For Better Security},
  author = {Cara Ellen Appel},
  journal= {arXiv preprint arXiv:2507.12003},
  year   = {2025}
}

Comments

Accepted for publication at the 33rd IEEE International Requirements Engineering Workshop (REW 2025)

R2 v1 2026-07-01T04:03:46.346Z