Skip to content
Longterm Wiki
Back

NIST COSAiS: Control Overlays for Securing AI Systems

government
NIST·csrc.nist.gov/projects/cosais

Credibility Rating

5/5
Gold(5)

Gold standard. Rigorous peer review, high editorial standards, and strong institutional reputation.

Rating inherited from publication venue: NIST

This NIST government project is directly relevant to AI safety governance and deployment security, providing official U.S. standards-body guidance for securing AI systems in operational environments.

Metadata

Importance: 55/100guidance documentreference

Summary

The NIST COSAiS project develops security control overlays based on NIST SP 800-53 to address unique security challenges of AI systems, including predictive AI and generative AI. It builds on existing NIST frameworks (SP 800-218A, AI 600-1, AI 100-2) to provide practical, standardized security guidance for organizations deploying AI. The project actively solicits stakeholder feedback through workshops and collaboration channels.

Key Points

  • Develops security control overlays extending NIST SP 800-53 specifically for AI system security contexts
  • Integrates multiple existing NIST AI frameworks including SP 800-218A (secure AI development) and AI 100-2 (adversarial ML)
  • Initially focuses on a predictive AI overlay, with broader coverage of AI system types planned
  • Employs participatory development via workshops, Slack channels, and email feedback solicitation
  • Provides practical compliance-oriented guidance bridging general cybersecurity controls and AI-specific risks

Cited by 1 page

PageTypeQuality
NIST AI Risk Management Framework (AI RMF)Policy60.0

Cached Content Preview

HTTP 200Fetched Apr 9, 20265 KB
SP 800-53 Control Overlays for Securing AI Systems | CSRC 
 
 
 
 
 
 
 
 

 

 
 
 
 
 
 
 

 
 
 
 
 
 

 
 
 


 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

 
 

 


 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 You are viewing this page in an unauthorized frame window. 
 This is a potential security issue, you are being redirected to https://csrc.nist.gov .


 

 
 
 
 
 
 
 
 
 
 Official websites use .gov 
A
 .gov website belongs to an official government
 organization in the United States.
 


 
 
 
 
 
 
 Secure .gov websites use HTTPS 
A
 lock (
 
 
 Lock 
 Locked padlock icon 
 
 
 ) or https:// means you’ve safely connected to
 the .gov website. Share sensitive information only on official,
 secure websites.
 


 
 
 
 
 
 

 

 
 
 
 
 
 
 Information Technology Laboratory 
 
 
 Computer Security Resource Center 
 
 
 
 
 
 
 
 
 
 
 
 
 

 
 
 




 
 Projects 
 


 SP 800-53 Control Overlays for Securing AI Systems COSAiS 




 
 Share to Facebook 
 Share to X 
 Share to LinkedIn 
 Share ia Email 
 

 
 
 
 Project Links


 
 
 
 Overview
 
 
 
 
 FAQs
 
 
 
 
 Events
 
 
 
 
 Publications
 
 
 
 
 
 
 


 
 Overview



 


 
 
 
 Recent Updates 
 

 
 
 January 8, 2026: To facilitate discussion at the Cyber AI Profile Workshop #2 on January 14, 2026, an annotated outline (discussion draft) of Control Overlays for Securing AI Systems: Using and Fine-Tuning Predictive AI is available for review. Feedback is welcomed at the workshop, through ongoing engagement in the COSAiS Slack Channel, and by email to [email protected] . Initial feedback on this annotated outline should be submitted by February 13, 2026 to ensure consideration for inclusion in the initial public draft. 

 August 14, 2025: The NIST SP 800-53 Control Overlays for Securing AI Systems Concept Paper is available for comment, and we welcome stakeholders to join the NIST Overlays Securing AI Systems Slack Collaboration to engage in facilitated discussions with the NIST principal investigators and other subgroup members, share ideas, provide real-time feedback, and contribute to overlay development.

 Feedback about the concept paper and questions about the development of the overlays can be sent to [email protected] . 

 
 
 
 

 
 
 The Control Overlays for Securing AI Systems (COSAiS) project will develop a series of overlays for securing AI systems using the NIST Special Publication (SP) 800-53 controls . The control overlays will also leverage NIST SP 800-218A , Draft NIST AI 800-1 , and NIST AI 100-2e2025 . 

 

 
 

 The control overlays are an implementation-focused series of guidelines that address use cases involving different types of AI systems and specific AI system components (e.g., training and test data, model weights and configuration settings). The overlays are focused on

... (truncated, 5 KB total)
Resource ID: d63d3ee303806c47 | Stable ID: sid_dXHn6s3Gkl