https://jjcit.org/paper/137 10.5455/jjcit.71-1620148110 Carlos Gonzalez User detection,Secure military software,Secure self-protected software,Covert actions,International law 1 4636 1313 4-May-2021 2-Jul.-2021 9-Jul.-2021 The objective of this article is to describe a process methodology to increase security inside secure military self- protected software. Self-protected software is vulnerable to threats, most dependant on the software user. Therefore, detection by self-protected software of the current user is very important. The methodology includes three phases: detection of user, analysis of current state and reaction actions. The detection phase is comprised of assessing geographic location, time at present location and determining user kind (friend or foe). Analysis phase consists of analysing if self-protected software should be at present location, predicting future locations and assessing the location level of threat. Reaction phase includes determining immediate and delay actions if any and perform actions accordingly. Legal concerns are explained, countermeasures and covert actions are proposed and described. An analytical model shows that self-protected software that includes user detection provides more protection than self-protected software without user detection.