November 23, 2025
Conference Paper
Title

Utilizing SBOM for Transparent AI Risk Communication

Abstract
Value chains for AI systems are becoming increasingly complex and can consists of multiple actors that contribute services, tools, data, models and code. An efficient risk management along this value chain requires all actors to communicate potential risk sources and recommendations for mitigation. The Software Bill of Materials (SBOM) is a method from cybersecurity, that enables organizations to communicate information like licences, security vulnerabilities and dependencies of software components. SBOM raises increasing interest in the AI community to share information about AI components, like data and models. In this paper we discuss the suitability of SBOM for AI risk management along a value chain and show the potential but also gaps in current approaches.
Author(s)
Helmer, Lennard  orcid-logo
Fraunhofer-Institut für Intelligente Analyse- und Informationssysteme IAIS  
Fink, Lisa
Fraunhofer-Institut für Intelligente Analyse- und Informationssysteme IAIS  
Poretschkin, Maximilian  
Fraunhofer-Institut für Intelligente Analyse- und Informationssysteme IAIS  
Mainwork
Project(s)
Funder
Conference
Open Access
DOI
Additional link
Language
English
Keyword(s)