Utilizing SBOM for Transparent AI Risk Communication

Authors

  • Lennard Helmer Fraunhofer IAIS
  • Lisa Fink Fraunhofer IAIS
  • Maximilian Poretschkin Fraunhofer IAIS Lamarr Institute for Machine Learning and Artificial Intelligence University of Bonn

DOI:

https://doi.org/10.1609/aaaiss.v7i1.36885

Abstract

Value chains for AI systems are becoming increasingly complex and can consist of multiple actors that contribute services, tools, data, models and code. Efficient risk management along this value chain requires all actors to communicate potential risk sources and recommendations for mitigation. The Software Bill of Materials (SBOM) is a method from cybersecurity that enables organizations to communicate information such as licences, security vulnerabilities and dependencies of software components. SBOMs are attracting increasing interest in the AI community as a way to share information about AI components such as data and models. In this paper we discuss the suitability of SBOMs for AI risk management along a value chain and show the potential, but also the gaps, of current approaches.
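As an added illustration (not code from the paper or from Fraunhofer IAIS), the script below builds a minimal SBOM that lists a software library, a dataset and a trained model as components, then checks whether each AI component carries the risk-communication information the abstract calls for: a licence, a model card with documented considerations, a dependency link from the model to its training data, and a free-text risk note. The component types, the `modelCard` block and the `dependencies` list follow the CycloneDX 1.5 schema; the `x-risk:*` property names, the sample component names and the required-field policy are assumptions made for this example.

```python
"""Check an AI-aware SBOM for missing risk-communication fields.

Constructed example. The SBOM below is made up for illustration; its layout
follows CycloneDX 1.5 (component types "library", "data" and
"machine-learning-model", a "modelCard" block and a "dependencies" list).
The "x-risk:*" property names are a hypothetical convention, not a standard.
"""
import json

# Constructed sample SBOM: one library, one dataset, one model that depends
# only on the library (its training data is not declared).
SAMPLE_SBOM_JSON = """
{
  "bomFormat": "CycloneDX",
  "specVersion": "1.5",
  "version": 1,
  "components": [
    {"bom-ref": "lib-numpy", "type": "library", "name": "numpy",
     "version": "1.26.4",
     "licenses": [{"license": {"id": "BSD-3-Clause"}}]},
    {"bom-ref": "data-tickets", "type": "data", "name": "support-tickets-2024",
     "version": "2024-03",
     "licenses": [{"license": {"id": "CC-BY-4.0"}}],
     "properties": [{"name": "x-risk:provenance",
                     "value": "vendor export, PII redacted before use"}]},
    {"bom-ref": "model-classifier", "type": "machine-learning-model",
     "name": "ticket-classifier", "version": "0.3.0",
     "modelCard": {"modelParameters": {"task": "text-classification"}}}
  ],
  "dependencies": [
    {"ref": "model-classifier", "dependsOn": ["lib-numpy"]}
  ]
}
"""

# Hypothetical policy: which free-text risk properties each AI component
# type must carry for downstream actors in the value chain.
REQUIRED_PROPERTIES = {
    "data": ["x-risk:provenance"],
    "machine-learning-model": ["x-risk:known-limitations"],
}


def ai_components(bom):
    """Return only the components that represent data or models."""
    return [c for c in bom.get("components", []) if c.get("type") in REQUIRED_PROPERTIES]


def dependency_map(bom):
    """Map each bom-ref to the set of bom-refs it declares as dependencies."""
    return {d["ref"]: set(d.get("dependsOn", [])) for d in bom.get("dependencies", [])}


def missing_risk_info(component, bom):
    """List the risk-communication fields absent from one AI component."""
    gaps = []
    if not component.get("licenses"):
        gaps.append("licenses")
    present = {p.get("name") for p in component.get("properties", [])}
    for name in REQUIRED_PROPERTIES[component["type"]]:
        if name not in present:
            gaps.append(name)
    if component["type"] == "machine-learning-model":
        # A model card without a "considerations" section says nothing
        # about intended use, limitations or ethical concerns.
        if not (component.get("modelCard") or {}).get("considerations"):
            gaps.append("modelCard.considerations")
        # Training data should be traceable through the dependency graph.
        ref_types = {c.get("bom-ref"): c.get("type") for c in bom.get("components", [])}
        deps = dependency_map(bom).get(component.get("bom-ref"), set())
        if not any(ref_types.get(ref) == "data" for ref in deps):
            gaps.append("dependency on a data component")
    return gaps


def risk_report(bom):
    """Map each AI component name to its list of missing fields."""
    return {c["name"]: missing_risk_info(c, bom) for c in ai_components(bom)}


def load_report(sbom_json):
    """Parse an SBOM document from JSON text and produce the risk report."""
    return risk_report(json.loads(sbom_json))


if __name__ == "__main__":
    for name, gaps in load_report(SAMPLE_SBOM_JSON).items():
        print(f"{name}: {'ok' if not gaps else 'missing ' + ', '.join(gaps)}")
```

Run as-is, the dataset passes while the model is reported as lacking a licence, a known-limitations note, a model-card considerations section and any declared dependency on a data component. The last check is the one plain software SBOM tooling does not make: a model that depends on a library but on no dataset is a value-chain gap in itself, because the actor who trained it has not told downstream users where its behaviour comes from.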

Published

2025-11-23

How to Cite

Helmer, L., Fink, L., & Poretschkin, M. (2025). Utilizing SBOM for Transparent AI Risk Communication. Proceedings of the AAAI Symposium Series, 7(1), 185-189. https://doi.org/10.1609/aaaiss.v7i1.36885

Section

AI Trustworthiness and Risk Assessment for Challenged Contexts (ATRACC)