How an AI Bill of Materials could build trust in enterprise AI

Modern applications are often composed of numerous open source components woven together. This allows developers to focus on crafting new logic rather than reinventing the wheel. However, vulnerabilities are sometimes found long after a library was released despite the best efforts of security researchers.

The notion of a Software Bill of Materials (SBOM) has gained traction in the security industry for managing vulnerabilities that may lie buried across enterprise systems. An SBOM is essentially an ingredient list for inventorying all components, libraries, and dependencies used in an application.

Now, the AI community is beginning to expand this notion to build trust in AI systems as part of an AIBOM. Crystal Morin, senior cybersecurity strategist at Sysdig, explains:

An AIBOM is simply a bill of materials for an AI model or system, not just the software that is running. Traditionally, SBOMs focus on software artifacts, but we believe that an AIBOM ...