---
license: apache-2.0
license_link: https://huggingface.co/Qwen/Qwen2.5-1.5B-Instruct/blob/main/LICENSE
language:
- en
pipeline_tag: text-generation
base_model: Qwen/Qwen2.5-1.5B-Instruct
tags:
- chat
- mlx
- gguf
- llama.cpp
- ollama
- security
- threat-modeling
- structured-output
- json
library_name: mlx
---

# PWNISMS-Threat-Model-Structured

Fused [MLX](https://github.com/ml-explore/mlx) and GGUF releases of **Qwen2.5-1.5B-Instruct** fine-tuned to emit **valid JSON** matching a **PWNISMS** structured threat model (seven domains: Product, Workload, Network, IAM, Secrets, Monitoring, SupplyChain), with optional STRIDE cross-tags and concrete mitigations.

## Base Model And License

- **Base:** [`Qwen/Qwen2.5-1.5B-Instruct`](https://huggingface.co/Qwen/Qwen2.5-1.5B-Instruct) (Apache-2.0).
- This release is a **derivative work** of the base model. The base license applies; retain notices and state modifications as required by Apache-2.0. See [`LICENSE`](LICENSE).

## Training Summary

- **Method:** LoRA fine-tuning on MLX (`mlx_lm`), then fused into a single checkpoint.
- **Base:** `Qwen/Qwen2.5-1.5B-Instruct`
- **LoRA:** rank 8, scale 20, 16 layers, max sequence length 10240, 1200 iterations.
- **GGUF conversion:** llama.cpp `convert_hf_to_gguf.py`, plus Q4_K_M quantization with `llama-quantize`.

## Output Contract

The model is trained to answer with **JSON only** for a chat shaped as:

- **System:** PWNISMS architect instructions requiring all seven domains, concrete mitigations, and scenario-grounded components.
- **User:** Markdown system description.

The expected object is defined by the included [`threat_model_schema.json`](threat_model_schema.json).

**Minimum bar:** at least **5** threats, exactly **7** `pwnisms_coverage` entries, and each threat id must appear under its domain’s `threat_ids`.
## Limitations And Evaluation

Internal pulse check (n=20 held-out style samples, local script): **16/20** parse as JSON, **12/20** pass full Pydantic validation, and **12/20** cover all seven domains with the schema.

Real deployments should validate outputs with Pydantic or JSON Schema and never treat this model as a substitute for expert review. Long scenarios can need **up to ~12k output tokens**; lower caps may truncate JSON.

## Load And Generate (MLX)

```python
from mlx_lm import load, generate

model, tokenizer = load("abhaybhargav/PWNISMS-Threat-Model-Structured")

system = """You are a senior security architect. Produce a PWNISMS threat model for the described system.
Address all seven PWNISMS domains: Product, Workload, Network, IAM, Secrets, Monitoring, SupplyChain.
Mitigations must reference concrete technologies, configurations, or processes.
Return only valid JSON matching the required schema."""

user = open("scenario.md").read()

messages = [{"role": "system", "content": system}, {"role": "user", "content": user}]
prompt = tokenizer.apply_chat_template(messages, add_generation_prompt=True, tokenize=False)
text = generate(model, tokenizer, prompt=prompt, max_tokens=12000, verbose=False)
print(text)
```

## Load And Generate (GGUF / llama.cpp)

Recommended default:

- `PWNISMS-Threat-Model-Structured-Q4_K_M.gguf` (~940MB): broad local compatibility, much smaller than F16.

Reference precision:

- `PWNISMS-Threat-Model-Structured-F16.gguf` (~2.9GB): F16 GGUF export.

Example with llama.cpp:

```bash
llama-cli \
  -m PWNISMS-Threat-Model-Structured-Q4_K_M.gguf \
  --ctx-size 12000 \
  --temp 0.2 \
  -p '<|im_start|>system
You are a senior security architect. Produce a PWNISMS threat model for the described system.
Address all seven PWNISMS domains: Product, Workload, Network, IAM, Secrets, Monitoring, SupplyChain.
Mitigations must reference concrete technologies, configurations, or processes.
Return only valid JSON matching the required schema.<|im_end|>
<|im_start|>user
<|im_end|>
<|im_start|>assistant
'
```

## Ollama

Create a `Modelfile` next to the downloaded GGUF:

```text
FROM ./PWNISMS-Threat-Model-Structured-Q4_K_M.gguf
PARAMETER temperature 0.2
PARAMETER num_ctx 12000
TEMPLATE """{{ .Prompt }}"""
```

Then run:

```bash
ollama create pwnisms-threat-model-structured -f Modelfile
ollama run pwnisms-threat-model-structured
```

## Files

| File | Purpose |
|------|---------|
| `model.safetensors` | Fused MLX/HF-format weights |
| `PWNISMS-Threat-Model-Structured-Q4_K_M.gguf` | Quantized GGUF for llama.cpp/Ollama/local tools |
| `PWNISMS-Threat-Model-Structured-F16.gguf` | F16 GGUF reference export |
| `config.json`, `tokenizer.json`, `tokenizer_config.json`, `chat_template.jinja` | Model + tokenizer |
| `threat_model_schema.json` | JSON Schema for outputs |
| `examples/sample_scenario.md` | Tiny example input shape |

## Intended Use

This model is intended to assist application and security architects in drafting structured PWNISMS threat models from system descriptions. It is not a formal risk decision engine and should be reviewed by humans before use in production assurance, audit, or compliance workflows.