Rapid increase in GenAI use leads experts to advocate for increased AI supply chain transparency at BHUSA conference.

AI Bills of Materials (AIBOMs) need to be standardized before they are put into practice, according to experts such as Allan Friedman, the leading voice on SBOMs at CISA until July 2025.

Rapid Increase in GenAI Usage Prompts Experts to Advocate for Increased AI Supply Chain Transparency (BHUSA)

G7 Cybersecurity Working Group Pushes for AI Security with AI Bills of Materials

The G7 Cybersecurity Working Group, a collective of diplomats from the seven richest countries, is working on developing a joint vision focused on AI security. This vision includes the creation of AI Bills of Materials (AIBOMs) by their second meeting in 2025.

The concept of AIBOMs, which are modeled after Software Bills of Materials (SBOMs), has reached the desks of high-level world leaders. SBOMs are structured inventories of the components used in a software application. AIBOMs, by contrast, are designed to document the components, data sources, and training methodologies behind AI systems.

The Linux Foundation has published a report explaining how to implement AIBOMs using its latest SBOM format, SPDX 3.0. Common SBOM formats also include CycloneDX.
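To make concrete what an AIBOM adds over a plain SBOM, here is an added example (not code from the Linux Foundation report, CISA, OWASP, or any project named in this article) that audits a small CycloneDX-style AIBOM. The sample document is constructed for illustration; its field names (component type "machine-learning-model", a "modelCard" whose "modelParameters.datasets" entries point at dataset components by "bom-ref") follow the CycloneDX 1.5 ML-BOM conventions as this editor understands them and should be treated as an assumption to be checked against the published schema. The audit asks the questions a consumer of an AIBOM cares about: is each model artifact pinned by a hash, does it declare its training data, and is every dataset it references itself inventoried, hashed, and licensed.

```python
"""Audit a CycloneDX-style AIBOM for model/dataset provenance gaps.

Added example; not the code of any project mentioned in the article.
Field names are an assumption modelled on CycloneDX 1.5 ML-BOM conventions.
"""
import json

# Constructed sample AIBOM. The hash value is a placeholder, not a real digest.
SAMPLE_AIBOM_JSON = json.dumps({
    "bomFormat": "CycloneDX",
    "specVersion": "1.5",
    "components": [
        {
            "type": "machine-learning-model",
            "bom-ref": "model:sentiment-classifier@1.2.0",
            "name": "sentiment-classifier",
            "version": "1.2.0",
            "hashes": [{"alg": "SHA-256", "content": "0" * 64}],  # placeholder digest
            "modelCard": {
                "modelParameters": {
                    "approach": {"type": "supervised"},
                    "task": "text-classification",
                    # Training data is referenced by bom-ref, not copied inline.
                    "datasets": [{"ref": "data:reviews-corpus@2024-03"}],
                }
            },
        },
        {
            "type": "data",
            "bom-ref": "data:reviews-corpus@2024-03",
            "name": "reviews-corpus",
            "version": "2024-03",
            "hashes": [],  # deliberately missing: the audit should flag it
            "licenses": [{"license": {"id": "CC-BY-4.0"}}],
        },
        {
            "type": "machine-learning-model",
            "bom-ref": "model:base-encoder@0.9",
            "name": "base-encoder",
            "version": "0.9",
            # No hashes, and the dataset it names is not in the inventory.
            "modelCard": {"modelParameters": {"datasets": [{"ref": "data:unknown-crawl"}]}},
        },
    ],
})


def load_aibom(text):
    """Parse a CycloneDX JSON document and reject anything else."""
    bom = json.loads(text)
    if bom.get("bomFormat") != "CycloneDX":
        raise ValueError("not a CycloneDX document")
    return bom


def index_by_ref(bom):
    """Map every component's bom-ref to the component so links can be resolved."""
    return {c["bom-ref"]: c for c in bom.get("components", []) if "bom-ref" in c}


def dataset_refs(component):
    """Return the bom-refs of the training datasets a model card declares."""
    params = component.get("modelCard", {}).get("modelParameters", {})
    return [d["ref"] for d in params.get("datasets", []) if "ref" in d]


def audit_aibom(bom):
    """Return (component_ref, message) findings for provenance gaps in ML models."""
    refs = index_by_ref(bom)
    findings = []
    for comp in bom.get("components", []):
        if comp.get("type") != "machine-learning-model":
            continue
        ref = comp.get("bom-ref", comp.get("name", "<unnamed>"))
        if not comp.get("hashes"):
            findings.append((ref, "model artifact has no hash; it cannot be pinned or verified"))
        datasets = dataset_refs(comp)
        if not datasets:
            findings.append((ref, "model card lists no training datasets"))
        for dref in datasets:
            data = refs.get(dref)
            if data is None:
                findings.append((ref, f"training dataset {dref} is not inventoried in the BOM"))
                continue
            if not data.get("hashes"):
                findings.append((dref, "dataset has no hash; training data cannot be pinned"))
            if not data.get("licenses"):
                findings.append((dref, "dataset declares no license"))
    return findings


if __name__ == "__main__":
    for component_ref, message in audit_aibom(load_aibom(SAMPLE_AIBOM_JSON)):
        print(f"{component_ref}: {message}")
```

Run against the sample, the audit reports three gaps: the reviews corpus has no hash, the base encoder has no hash, and the base encoder's training data is not inventoried. Those are exactly the questions an SBOM tool cannot answer today because a conventional SBOM has no place to record which data a model was trained on.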

Allan Friedman, a pioneer and advocate of SBOMs, played a significant role in this agreement. Before leaving his role as senior advisor and strategist at the US Cybersecurity and Infrastructure Security Agency (CISA) in July, Friedman introduced an AI SBOM working group at CISA. This group, along with Helen Oakley, one of its founders, has built a community-driven resource on GitHub to help organizations apply SBOM practices to AI systems.

The OWASP Foundation is also investigating how best to standardize AIBOMs. It has created its own AI BOM working group and plans to release the 'AI BOM Operationalizing Guide and Best Practices Guide Objective,' a guide to operationalizing AIBOMs and to best practices for secure and trusted generative AI systems, in October 2025.

Sajeeb Lohani, a cybersecurity professional, suggests that AI software dependencies should be included in SBOMs rather than in standalone AIBOMs.

According to an Enterprise Strategy Group (ESG) study, approximately 22% of organizations are currently using an SBOM, and 4% are planning to do so in the future. However, 79% of respondents still find it challenging to generate an SBOM due to the variety of tools used.

The Software Supply Chain Security Summit highlighted the increase in SBOM adoption by security teams, enhancing software transparency. This adoption is expected to further increase with the development and implementation of AIBOMs.

The Open AI Standards (OAS) organization plans to release a comprehensive guideline in October 2025 that operationalizes AI Bills of Materials (AI BOMs) and sets out best practices for safe and trustworthy generative AI systems.

As the world continues to rely heavily on AI systems, the development and implementation of AIBOMs are crucial for ensuring the security and transparency of these systems. The G7 Cybersecurity Working Group's initiative is a significant step towards achieving this goal.
