"What we’re worried about is we would end up in a ‘fire, ready, aim’ situation where everyone was doing it, but we were all doing slightly different things," said Allan Friedman, a co-author of a new policy paper from the Institute for Security and Technology.
Institute for Security and Technology’s roadmap advocates AIBOMs but urges groundwork first
A policy paper published Tuesday by the Institute for Security and Technology (IST) argues for applying the software bill of materials (SBOM) concept to artificial intelligence, framing an "AI bill of materials" (AIBOM) as a way to reduce cyber risk and improve transparency. CyberScoop was first to report on the paper. The authors emphasize that AIBOMs will not be plug-and-play: foundational work is needed before broad implementation, because inconsistent practices would undercut the goals of coherent policy, interoperable data and useful supply-chain transparency.
Origins: Hill aides, Pentagon staffers and the paper’s intended audience
The idea for the paper, Friedman told CyberScoop, sprang from conversations with Hill aides and Pentagon staffers, and those groups are explicitly named as part of the paper’s target audience. The authors describe the document as a roadmap for lawmakers, federal agencies and others, offering a practical starting point rather than a finalized mandate.
Supply-side specifics: what an AIBOM should capture
On the technical, supply-side front, the paper is specific about the data an AIBOM should include. "An AIBOM should capture relevant details about the models and datasets used for training, fine-tuning, evaluation, validation, testing, retrieval, grounding, augmentation, or other model development or operational purposes," the authors write. That list deliberately spans development and operation: beyond the training and fine-tuning data behind the weights, it reaches the evaluation, validation and test sets used to judge a model, and the retrieval, grounding and augmentation sources a deployed system consults at inference time. The scope is thus every "ingredient" of an AI system, not only the final model binaries.
Demand-side levers: industry mandates, lightweight standards, and government contracting
The paper argues that supply alone will not create usable AIBOMs: there must be demand, generated by a "forcing function," so that organizations actually track components. The authors point to options ranging from private-sector mandates to government action. One example cited is the "lightweight" data security standards of the payment card industry, which the paper describes as not overly prescriptive about how components should be tracked. The authors also explicitly note that demand could be created through regulations or contracting conditions. Friedman and his IST colleague Nick Leiserson frame this as a two-sided problem: without buyers or regulators asking for AIBOM data, producers may not provide it; without suppliers willing to produce consistent data, buyers and regulators will find it hard to require it.
What this means for Hill aides, Pentagon staffers, and AIBOM service providers
- Hill aides: The paper was written with them in mind as potential architects of legislative or oversight tools that could create the "demand" side through rules or contracting conditions. They will be asked to weigh options that range from industry-aligned "lightweight" requirements to more prescriptive mandates.
- Pentagon staffers: As part of the paper’s immediate audience, defense procurement and security officials are positioned to consider whether contracting requirements could be used to standardize what suppliers must report about models and datasets.
- AIBOM service providers and vendors: The authors note some companies are already offering AIBOM services and other organizations are actively shaping AIBOM policy. Those providers will confront the interoperability and standardization issues the paper warns about if different buyers adopt different formats or scope for AIBOMs.
Acknowledgments, limits and the next step
The paper is explicit that it does not claim novelty or a complete solution. It acknowledges prior work by organizations such as the Open Worldwide Application Security Project (OWASP) and the Linux Foundation, and states plainly: "We’re not saying this is a brand new topic, nor are we saying that AIBOM will solve all AI security issues." Friedman adds a conversational caveat: "I’ve been fighting this fight for SBOM for a decade. You know, SBOM will not pick up your dry cleaning." The authors present the document as an opening salvo — a framework to guide lawmakers, agencies and vendors toward compatible approaches rather than a finished standard.
The substantive choice ahead is whether policymakers and purchasers will create the demand-side incentives the paper calls for while the community agrees on the supply-side details the paper outlines. If those two tracks move in sync, the paper suggests, AIBOMs could become a practical tool for transparency; if they do not, the result could be fractured approaches that fall short of the paper’s stated aims.
Read the original CyberScoop report: https://cyberscoop.com/ai-bill-of-materials-policy-roadmap/