Saved in:
Bibliographic Details
Main Authors: Arif, Huzaifa, Murugesan, Keerthiram, Ko, Ching-Yun, Chen, Pin-Yu, Das, Payel, Gittens, Alex
Format: Preprint
Published: 2025
Subjects:
Online Access:https://arxiv.org/abs/2511.08484
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866910170360053760
author Arif, Huzaifa
Murugesan, Keerthiram
Ko, Ching-Yun
Chen, Pin-Yu
Das, Payel
Gittens, Alex
author_facet Arif, Huzaifa
Murugesan, Keerthiram
Ko, Ching-Yun
Chen, Pin-Yu
Das, Payel
Gittens, Alex
contents We propose patching for large language models (LLMs) like software versions, a lightweight and modular approach for addressing safety vulnerabilities. While vendors release improved LLM versions, major releases are costly, infrequent, and difficult to tailor to customer needs, leaving released models with known safety gaps. Unlike full-model fine-tuning or major version updates, our method enables rapid remediation by prepending a compact, learnable prefix to an existing model. This "patch" introduces only 0.003% additional parameters, yet reliably steers model behavior toward that of a safer reference model. Across three critical domains (toxicity mitigation, bias reduction, and harmfulness refusal) policy patches achieve safety improvements comparable to next-generation safety-aligned models while preserving fluency. Our results demonstrate that LLMs can be "patched" much like software, offering vendors and practitioners a practical mechanism for distributing scalable, efficient, and composable safety updates between major model releases.
format Preprint
id arxiv_https___arxiv_org_abs_2511_08484
institution arXiv
publishDate 2025
record_format arxiv
spellingShingle Patching LLM Like Software: A Lightweight Method for Improving Safety Policy in Large Language Models
Arif, Huzaifa
Murugesan, Keerthiram
Ko, Ching-Yun
Chen, Pin-Yu
Das, Payel
Gittens, Alex
Artificial Intelligence
We propose patching for large language models (LLMs) like software versions, a lightweight and modular approach for addressing safety vulnerabilities. While vendors release improved LLM versions, major releases are costly, infrequent, and difficult to tailor to customer needs, leaving released models with known safety gaps. Unlike full-model fine-tuning or major version updates, our method enables rapid remediation by prepending a compact, learnable prefix to an existing model. This "patch" introduces only 0.003% additional parameters, yet reliably steers model behavior toward that of a safer reference model. Across three critical domains (toxicity mitigation, bias reduction, and harmfulness refusal) policy patches achieve safety improvements comparable to next-generation safety-aligned models while preserving fluency. Our results demonstrate that LLMs can be "patched" much like software, offering vendors and practitioners a practical mechanism for distributing scalable, efficient, and composable safety updates between major model releases.
title Patching LLM Like Software: A Lightweight Method for Improving Safety Policy in Large Language Models
topic Artificial Intelligence
url https://arxiv.org/abs/2511.08484