Global Cyber Agencies Issue New SBOMs for AI Guidance

Staff Editor 2026-05-13
Global Cyber Agencies Issue New SBOMs for AI Guidance

Global Cyber Agencies Issue New SBOMs for AI Guidance

https://www.infosecurity-magazine.com/news/new-sboms-for-ai-guidance-2026/

Publish Date: 2026-05-13 07:00:00

Source Domain: www.infosecurity-magazine.com

Multiple government cyber agencies have a new resource defining the minimum elements for software bills of materials (SBOMs) for AI to strengthen the AI-supply chain.

The aim is to help public and private sector stakeholders improve transparency in their artificial intelligence (AI) systems and supply chains.

The paper, Software Bill of Materials (SBOM) for Artificial Intelligence – Minimum Elements, was published on 12 May and was written by the G7 Cybersecurity Working Group.

It builds on the shared vision of SBOMs for AI published by working group in June 2025.

The core of the approach to SBOMs for AI in the document is seven “clusters” of potential elements within those clusters that can be used by both producers and users of AI systems.

The Seven SBOM for AI Clusters

The seven SBOM for AI Clusters are as follows:

  • Metadata: The metadata cluster is used to represent information related to the SBOM for AI itself, and not the individual components or sub-elements
  • System Level Properties (SLP): The SLP cluster contains elements that refer to information on the AI system as a whole. This cluster also includes all software dependencies and frameworks used in the AI system as well as information about how AI system components interact and process user data
  • Models: The Models cluster includes basic information for identifying the models used by the AI system, describes for each model how its weights were produced, and outlines their properties and limitations
  • Dataset Properties (DP):  The DP cluster provides information on datasets used during the whole life cycle of the model, including basic information that documents the identity and provenance of data
  • Key Performance Indicators (KPI): The KPI cluster contains elements that refer to information on the AI system’s KPIs and its components (including AI models that are integrated in the system), focusing on their lifecycle phases
  • Infrastructure: The infrastructure cluster contains physical and…

Source

More Stories

Project Glasswing: Key cybersecurity agencies set to get access to Anthropic’s Mythos | Business News

Project Glasswing: Key cybersecurity agencies set to get access to Anthropic’s Mythos | Business News

Staff Editor 2026-06-06
Did Insight’s New AI Cybersecurity Service and Credit Tweaks Just Reframe Insight Enterprises’ (NSIT) Growth Story?

Did Insight’s New AI Cybersecurity Service and Credit Tweaks Just Reframe Insight Enterprises’ (NSIT) Growth Story?

Staff Editor 2026-06-06
U.S. CISA adds SolarWinds Serv-U flaw to its Known Exploited Vulnerabilities catalog

U.S. CISA adds SolarWinds Serv-U flaw to its Known Exploited Vulnerabilities catalog

Staff Editor 2026-06-06

Terms and Conditions - Privacy Policy