AIBoMGen: Generating an AI Bill of Materials for Secure, Transparent, and Compliant Model Training
Wiebe Vandendriessche, Jordi Thijsman, Laurens D'hooge, Bruno Volckaert, Merlijn Sebrechts
TL;DR
AIBoMGen introduces a verifiable provenance platform that generates cryptographically signed AI Bills of Materials (AIBOMs) during model training, acting as a neutral root of trust and recording training inputs, configurations, and environments via in-toto attestations and artifact hashes. The PoC demonstrates that verifiable documentation can be achieved with negligible performance overhead and without relying on TEEs, addressing regulatory needs (e.g., EU AI Act) and improving auditability. It surveys related work, identifies gaps in cryptographic guarantees and interoperability, and offers a modular, cloud-native architecture with programmable verification endpoints. The results advocate for integrating provable provenance into AI pipelines, while outlining future directions like hardware-backed attestations, broader framework support, and enhanced lineage tracking to bolster trust in AI ecosystems.
Abstract
The rapid adoption of complex AI systems has outpaced the development of tools to ensure their transparency, security, and regulatory compliance. In this paper, the AI Bill of Materials (AIBOM), an extension of the Software Bill of Materials (SBOM), is introduced as a standardized, verifiable record of trained AI models and their environments. Our proof-of-concept platform, AIBoMGen, automates the generation of signed AIBOMs by capturing datasets, model metadata, and environment details during training. The training platform acts as a neutral, third-party observer and root of trust. It enforces verifiable AIBOM creation for every job. The system uses cryptographic hashing, digital signatures, and in-toto attestations to ensure integrity and protect against threats such as artifact tampering by dishonest model creators. Our evaluation demonstrates that AIBoMGen reliably detects unauthorized modifications to all artifacts and can generate AIBOMs with negligible performance overhead. These results highlight the potential of AIBoMGen as a foundational step toward building secure and transparent AI ecosystems, enabling compliance with regulatory frameworks like the EUs AI Act.
