@InProceedings{Batzolis2026:LLMLifecycle, author = "Batzolis, Eleftherios and Drosatos, George and Katsouros, Vassilis and Rantos, Konstantinos", editor = "Kieseberg, Peter and Skopik, Florian and Atli, Buse and Schrittwieser, Sebastian and Asplund, Mikael", title = "A Security-Oriented Lifecycle Model for Large Language Model Systems", booktitle = "Availability, Reliability and Security — ARES 2026 EU Projects Symposium Workshops", year = "2026", publisher = "Springer Nature Switzerland AG", address = "Cham", pages = "1--18", abstract = "Large language models are being integrated into critical infrastructure and enterprise workflows at unprecedented scale,yet the lifecycle frameworks governing their development and operations were designed for operational efficiency rather than security analysis. As a result, security-relevant activities such as data provenance verification, artifact signing, agentic permission control, and decommissioning are often left implicit or assumed to receive due care. Governance frameworks, in turn, organise requirements around risk levels or management processes without clearly linking them to the lifecycle stages where they apply. This paper addresses both deficiencies. We propose a lifecycle model for LLM systems that supports security analysis by structuring it around security-relevant boundaries rather than workflow optimisation. The model comprises 32~stages across four core pipeline layers (Data, Model, Distribution, Application), supported by a 12-stage LLMOps pillar and a 9-category governance pillar. Thirteen stages are introduced here as separate units because they expose distinct security concerns that existing frameworks do not clearly distinguish. A governance mapping synthesising the NIST AI~RMF, the EU~AI Act, and ISO/IEC~42001 reveals a structural property of the current regulatory landscape: governance evidence concentrates at deployment-facing stages, where systems are visible to regulators, while the most consequential decisions, data selection, alignment strategy, and capability boundaries, are made at development-facing stages, where regulatory visibility is lowest." }