BackCo-versioning registry

This page is still being polished. If you have thoughts, please share them via the feedback form.

Data on this page is preliminary and may change. Please do not share or cite these figures publicly.

Co-versioning registry

Lu (2024)|LLM classified

Mitigation Taxonomy

2Organisation

2.4Engineering & Development

2.4.3Development Workflows

Version control, prototyping, secure development practices, and engineering processes.

Also in Engineering & Development

2.4.1 Research & Foundations2.4.2 Design Standards2.4.4 Training & Awareness

Definitionp. 22

Co-versioning of the components or AI artifacts of AI systems provides end-to-end provenance guarantees across the entire lifecycle of AI systems. The co-versioning registry can track the co-evolution of components or AI artifacts [65, 70]. There are different levels of co-versioning: co-versioning of AI components and non-AI components, co-versioning of the artifacts within the AI components (i.e., co-versioning of data, model, code, and configurations, and co-versioning of local models and global models in federated learning). Co-versioning enables effective maintenance and evolution of AI components because the deployed model or code can be traced to the exact set of artifacts, parameters, and metadata that were used to develop the model and code

Additional Informationp. 22

Compared with traditional software, AI systems involve different levels of dependencies and may evolve more frequently due to their data-dependent behaviors. From the viewpoint of the AI system, it is important to know the version of the AI component integrated into the system. From the viewpoint of the AI component, it is important to know what datasets and parameters were used to train the AI model and what data was used to evaluate the AI model

LLM Classification Details

Reasoning

Version control system tracks dependencies between data, model, code, and parameters during development and maintenance.

Code: 2.4.3Version: v0.5Classified: Jan 22, 2026

Part of

Supply chain patterns

Other mitigations from Lu (2024) (68)

Governance Patterns

The governance for RAI systems can be defined as the structures and processes that are employed to ensure that the development and use of AI systems meet AI ethics principles. According to the structure of Shneiderman [104], governance can be built at three levels: industry level, organization level, and team level.

2.1 Oversight & Accountability

Lifecycle:Other (outside lifecycle)Actor:Governance ActorAIRM:Govern

Governance Patterns > Industry-level governance patterns

3.1 Legal & Regulatory

Lifecycle:Other (outside lifecycle)Actor:Governance ActorAIRM:Govern

Governance Patterns > Organization-level governance patterns

2.1 Oversight & Accountability

Lifecycle:Other (outside lifecycle)Actor:Governance ActorAIRM:Govern

Governance Patterns > Team-level governance patterns

2.1.2 Roles & Accountability

Lifecycle:Other (outside lifecycle)Actor:Other (multiple actors)AIRM:Govern

Process Patterns

The process patterns are reusable methods and best practices that can be used by the development team during the development process.

2.4.2 Design Standards

Lifecycle:Other (multiple stages)Actor:DeveloperAIRM:Other

Process Patterns > Requirement Engineering

2.4 Engineering & Development

Lifecycle:Plan and DesignActor:DeveloperAIRM:Map

View all 68 mitigations from this source →

Source Document

Responsible AI Pattern Catalogue: A Collection of Best Practices for AI Governance and Engineering

Lu, Qinghua; Zhu, Liming; Xu, Xiwei; Whittle, Jon; Zowghi, Didar; Jacquet, Aurelie (2024)

Responsible Artificial Intelligence (RAI) is widely considered as one of the greatest scientific challenges of our time and is key to increase the adoption of Artificial Intelligence (AI). Recently, a number of AI ethics principles frameworks have been published. However, without further guidance on best practices, practitioners are left with nothing much beyond truisms. In addition, significant efforts have been placed at algorithm level rather than system level, mainly focusing on a subset of mathematics-amenable ethical principles, such as fairness. Nevertheless, ethical issues can arise at any step of the development lifecycle, cutting across many AI and non-AI components of systems beyond AI algorithms and models. To operationalize RAI from a system perspective, in this article, we present an RAI Pattern Catalogue based on the results of a multivocal literature review. Rather than staying at the principle or algorithm level, we focus on patterns that AI system stakeholders can undertake in practice to ensure that the developed AI systems are responsible throughout the entire governance and engineering lifecycle. The RAI Pattern Catalogue classifies the patterns into three groups: multi-level governance patterns, trustworthy process patterns, and RAI-by-design product patterns. These patterns provide systematic and actionable guidance for stakeholders to implement RAI. ¬© 2024 Copyright held by the owner/author(s).

View source DOI: 10.1145/3626234

Classification

AI Lifecycle Stage

Other (multiple stages)

Applies across multiple lifecycle stages

Collect and Process DataBuild and Use ModelVerify and ValidateDeployOperate and Monitor

Responsible Actor

Developer

Entity that creates, trains, or modifies the AI system

NIST AI RMF Function

Govern

Policies, processes, and accountability structures for AI risk management

Manage

Risk Domains

Primary

7.4 Lack of transparency or interpretability

Other

7.3 Lack of capability or robustness