diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 0b3a2f5..6ffbffe 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -85,4 +85,4 @@ jobs:
       
       - name: Build Docker images
         run: |
-          docker-compose -f docker-compose.dev.yml build
+          docker compose -f docker-compose.dev.yml build
diff --git a/Dockerfile.controller b/Dockerfile.controller
index 9eb322c..60c8783 100644
--- a/Dockerfile.controller
+++ b/Dockerfile.controller
@@ -5,13 +5,22 @@ FROM python:3.12-slim AS builder
 RUN apt-get update && apt-get install -y \
     build-essential \
     cmake \
+    curl \
+    git \
     libssl-dev \
     pkg-config \
-    && curl -sS https://liboqs.org/install.sh | bash \
-    && ldconfig /usr/local/lib
+    && git clone --depth 1 --branch 0.15.0 https://github.com/open-quantum-safe/liboqs /tmp/liboqs \
+    && cmake -S /tmp/liboqs -B /tmp/liboqs/build \
+        -DBUILD_SHARED_LIBS=ON \
+        -DCMAKE_BUILD_TYPE=Release \
+    && cmake --build /tmp/liboqs/build --parallel $(nproc) \
+    && cmake --install /tmp/liboqs/build \
+    && ldconfig /usr/local/lib \
+    && rm -rf /tmp/liboqs \
+    && rm -rf /var/lib/apt/lists/*
 
 # Create non-root user for security
-RUN useradd -u 1000 -g 1000 appuser
+RUN groupadd -g 1000 appuser && useradd -u 1000 -g appuser appuser
 
 WORKDIR /app
 
diff --git a/Dockerfile.worker b/Dockerfile.worker
index 5f51857..edb8828 100644
--- a/Dockerfile.worker
+++ b/Dockerfile.worker
@@ -24,13 +24,12 @@ RUN apt-get update && apt-get install -y --no-install-recommends \
     # Build tools
     gcc \
     git \
-    # ONNX runtime for model inference
-    onnxruntime>=1.16.0 \
     && rm -rf /var/lib/apt/lists/*
 
 # Install Python dependencies
 COPY requirements.txt .
 RUN pip install --no-cache-dir -r requirements.txt
+RUN pip install --no-cache-dir "onnxruntime>=1.16.0"
 
 # Copy application code
 COPY mohawk_gui/ ./mohawk_gui/
diff --git a/mohawk_gui/config.toml b/mohawk_gui/config.toml
new file mode 100644
index 0000000..ba1c52c
--- /dev/null
+++ b/mohawk_gui/config.toml
@@ -0,0 +1,54 @@
+# Mohawk Inference Engine GUI - Configuration Template
+# Version: 2.1.0
+# =============================================================================
+
+[mohawk]
+# Worker connection settings
+host = "localhost"
+port = 8003
+
+# SSL/TLS configuration (production)
+ssl_enabled = false
+ssl_cert = "certs/client.crt"
+ssl_key = "certs/client.key"
+
+[workers]
+# Worker management settings
+enabled = true
+auto_discover = false
+timeout_ms = 5000
+max_connections = 100
+
+[sessions]
+# Session management
+max_concurrent = 10
+default_batch_size = 32
+checkpoint_interval_s = 60
+
+[metrics]
+# Metrics collection
+sampling_rate = 0.1
+export_interval_s = 60
+buffer_window_size = 1000
+
+[logging]
+# Logging configuration
+level = "INFO"
+file = "logs/mohawk_gui.log"
+format = "json"
+
+[security]
+# Security settings
+jwt_expiry_hours = 24
+refresh_window_hours = 1
+audit_enabled = true
+
+[[resources]]
+name = "model.onnx"
+path = "models/model.onnx"
+devices = ["gpu_0", "gpu_1"]
+
+[[resources]]
+name = "tokenizer"
+path = "models/tokenizer.json"
+devices = ["cpu"]