Conference item
TAIBOM: bringing trustworthiness to AI-enabled systems
- Abstract:
- The growing integration of open-source software and AIdriven technologies has introduced new layers of complexity into the software supply chain, challenging existing methods for dependency management and system assurance. While Software Bills of Materials (SBOMs) have become critical for enhancing transparency and traceability, current frameworks fall short in capturing the unique characteristics of AI systems — namely, their dynamic, data-driven nature and the loosely coupled dependencies across datasets, models, and software components. These challenges are compounded by fragmented governance structures and the lack of robust tools for ensuring integrity, trust, and compliance in AI-enabled environments. In this paper, we introduce Trusted AI Bill of Materials (TAIBOM) — a novel framework extending SBOM principles to the AI domain. TAIBOM provides (i) a structured dependency model tailored for AI components, (ii) mechanisms for propagating integrity statements across heterogeneous AI pipelines, and (iii) a trust attestation process for verifying component provenance. We demonstrate how TAIBOM supports assurance, security, and compliance across AI workflows, highlighting its advantages over existing standards such as SPDX and CycloneDX. This work lays the foundation for trustworthy and verifiable AI systems through structured software transparency.
- Publication status:
- Published
- Peer review status:
- Peer reviewed
Actions
Access Document
- Files:
-
-
(Preview, Version of record, pdf, 1.5MB, Terms of use)
-
- Publication website:
- https://ceur-ws.org/Vol-4154/
Authors
- Publisher:
- CEUR Workshop Proceedings
- Host title:
- Proceedings of the 1st International Workshop on Security and Privacy-Preserving AI/ML co-located with 28th European Conference on Artificial Intelligence (ECAI 2025)
- Pages:
- 68-78
- Series:
- CEUR Workshop Proceedings
- Series number:
- 4154
- Publication date:
- 2026-01-28
- Acceptance date:
- 2025-07-12
- Event title:
- 1st International Workshop on Security and Privacy-Preserving AI/ML (SPAIML 2025)
- Event location:
- Bologna, Italy
- Event website:
- https://spaiml.com/2025/
- Event start date:
- 2025-10-26
- Event end date:
- 2025-10-26
- Language:
-
English
- Pubs id:
-
2300208
- Local pid:
-
pubs:2300208
- Deposit date:
-
2025-10-17
- ARK identifier:
Terms of use
- Copyright holder:
- Safronov et al
- Copyright date:
- 2025
- Rights statement:
- © 2025 Copyright for this paper by its authors. Use permitted under Creative Commons License Attribution 4.0 International (CC BY 4.0).
- Notes:
- This paper will be presented at the 1st International Workshop on Security and Privacy-Preserving AI/ML (SPAIML 2025), 26th October 2025, Bologna, Italy.
- Licence:
- CC Attribution (CC BY)
If you are the owner of this record, you can report an update to it here: Report update to this record