Global Push for AI Bill of Materials (AI BOM) Standards and Visibility Accelerates Ahead of 2026 Regulatory Deadlines

1 unique source, 2 articles

Summary

Regulatory and industry momentum for AI BOMs has accelerated with concrete tooling, standards extensions, and enforcement timelines. Standards bodies OWASP and the Linux Foundation have released AI-specific extensions to their SBOM frameworks, while organizations like the OpenSSF formalized model-signing specifications. Commercial platforms such as Manifest Cyber, Cycode, and JFrog now integrate AI BOM generation, and regulatory pressure is intensifying with the EU AI Act’s August 2026 deadline and new US mandates for defense contractors and financial sector examinations. Cyber insurers are also signaling AI governance as a coverage prerequisite. This follows prior emphasis on AI BOMs as a critical tool for managing AI supply chain risks, with regulatory bodies in the EU and US requiring documentation for high-risk systems and the G7 outlining minimum AI BOM elements. The open-source ecosystem’s rapid growth and documented threats like backdoored models have underscored the urgency for visibility tools, while standards bodies such as CISA, NIST, OWASP, and the Linux Foundation converge on core AI BOM elements including model artifacts, data lineage, and deployment context.

Timeline

  1. 19.05.2026 00:44 2 articles · 1d ago

    G7, EU, and Industry Groups Advance AI BOM Standards and Mandates as AI Supply Chain Risks Escalate

    Regulatory frameworks in the EU and US are increasingly requiring AI BOMs for high-risk AI systems, with the EU AI Act set to mandate better documentation for high-risk deployments starting August 2026. The G7 released guidance specifying minimum AI BOM elements, while ISACA recommends AI BOMs as standard procurement due diligence.

    Standards bodies and vendors are now delivering concrete implementations to realize AI BOMs. OWASP released the open-source OWASP AI BOM Generator to automatically generate AI BOMs from Hugging Face models in CycloneDX format as part of its CycloneDX SBOM standard extension. The SPDX standard added dedicated AI and dataset profiles in version 3.0, providing field mappings for model training and data provenance. The OpenSSF AI/ML Working Group formalized a model-signing specification in 2025 with contributions from Google, HiddenLayer, and NVIDIA, and CISA's AI SBOM Tiger Team published foundational guidance in 2025. Commercial platforms including Manifest Cyber, Cycode, and JFrog now integrate AI BOM capabilities into their supply chain security products, while academic work like AIBoMGen introduced cryptographically signed AI BOM generation during model training.

    Regulatory pressure is intensifying, with the EU AI Act’s August 2026 deadline requiring conformity assessments and EU database registration aligned with AI BOM content, the FY26 NDAA mandating AI component accounting for DoD contractors, and the SEC identifying AI governance as an examination priority for 2026. Cyber insurers such as CyberCube are conditioning coverage on AI governance documentation, recommending evaluation of AI agent governance controls.

    Parallel to these developments, the open-source AI ecosystem continues to expand rapidly. Hugging Face’s repository grew to 13 million users and 2 million models in 2025, while malicious model detections surged 6.5-fold year-over-year. Research demonstrated that backdoored models can evade standard security checks, highlighting the urgent need for AI supply chain visibility tools such as AI BOMs.

Information Snippets

  • AI BOMs extend SBOM frameworks to document AI-specific components including models, datasets, training history, licensing, and operational metadata required for assessing AI system behavior and risk profiles.

    First reported: 19.05.2026 00:44
    1 source, 2 articles
  • Regulatory bodies in Europe and the US are beginning to require AI BOMs for high-risk AI systems, either explicitly or integrated into broader SBOM requirements, with the EU AI Act set to take effect in August 2026.

    First reported: 19.05.2026 00:44
    1 source, 2 articles
  • The G7 released guidance in 2026 outlining minimum elements to include in AI BOMs, while industry groups like ISACA recommend AI BOMs as standard due diligence for technology procurement.

    First reported: 19.05.2026 00:44
    1 source, 1 article
  • The open-source AI model repository Hugging Face reported 13 million users, 2 million models, and 500,000 datasets in 2025, coinciding with a 6.5-fold increase in malicious models identified on the platform compared to the prior year.

    First reported: 19.05.2026 00:44
    1 source, 1 article
  • Research published in February 2026 documented backdoored AI models that passed Hugging Face’s security checks, highlighting the growing attack surface in AI supply chains.

    First reported: 19.05.2026 00:44
    1 source, 1 article
  • Standards bodies including CISA, NIST, OWASP, and the Linux Foundation have begun converging on core elements for AI BOMs, including model artifacts, data lineage, software dependencies, configuration, deployment context, and human oversight records.

    First reported: 19.05.2026 00:44
    1 source, 2 articles
  • The Linux Foundation’s SPDX AI BOM standard emphasizes practical adoption by focusing on a small set of readily recordable fields, avoiding overly ambitious granularity goals due to organizational limitations in maintaining detailed records.

    First reported: 19.05.2026 00:44
    1 source, 1 article
  • OWASP released the OWASP AI BOM Generator, an open-source tool to automatically generate AI BOMs from Hugging Face models in CycloneDX format as part of its CycloneDX SBOM standard extension.

    First reported: 20.05.2026 01:17
    1 source, 1 article
  • The SPDX standard added dedicated AI and dataset profiles in version 3.0, providing field mappings for model training and data provenance.

    First reported: 20.05.2026 01:17
    1 source, 1 article
  • The OpenSSF AI/ML Working Group formalized a model-signing specification in 2025 with contributions from Google, HiddenLayer, and NVIDIA.

    First reported: 20.05.2026 01:17
    1 source, 1 article
  • CISA's AI SBOM Tiger Team published foundational guidance on AI BOMs in 2025.

    First reported: 20.05.2026 01:17
    1 source, 1 article
  • Commercial vendors including Manifest Cyber, Cycode, and JFrog have integrated AI BOM capabilities into their platforms since mid-2025.

    First reported: 20.05.2026 01:17
    1 source, 1 article
  • The EU AI Act's August 2026 deadline requires conformity assessments, technical documentation, and EU database registration for high-risk AI systems, aligning directly with AI BOM content.

    First reported: 20.05.2026 01:17
    1 source, 1 article
  • The FY26 National Defense Authorization Act mandates AI component accounting in SBOMs for DoD contractors.

    First reported: 20.05.2026 01:17
    1 source, 1 article
  • The SEC identified AI governance as an examination priority for 2026, prompting questions about AI policies and governance.

    First reported: 20.05.2026 01:17
    1 source, 1 article
  • Cyber insurers are beginning to condition coverage on AI governance documentation, with CyberCube recommending evaluation of AI agent governance controls in April 2026.

    First reported: 20.05.2026 01:17
    1 source, 1 article

Similar Happenings

North Korean APTs Leverage AI to Enhance IT Worker Scams

North Korea's state-linked APTs—particularly Jasper Sleet and Coral Sleet—continue to expand their IT worker scams using AI to fabricate identities, automate social engineering, and deploy malware, while simultaneously diversifying revenue streams to fund weapons programs. OFAC sanctions now confirm the scheme's scale and structure, revealing a multi-tiered network of recruiters, facilitators, IT workers, and collaborators that has infiltrated U.S. and international companies to steal sensitive data and extort victims. The use of AI tools like Faceswap for identity fabrication and Astrill VPN for geographic obfuscation underscores the sophistication of these operations, which are deeply embedded in North Korea's sanctions-evasion and revenue-generation machinery. Initial reporting by Microsoft documented how Jasper Sleet and Coral Sleet leverage AI to research job postings, generate fake resumes, create culturally tailored digital personas, and develop web infrastructure for malicious purposes. These groups use AI coding tools to refine malware and jailbreak LLMs to generate malicious code, complicating detection while enabling long-term persistence as insider threats. The scheme's expansion into malware deployment and extortion activities further increases its impact, with a significant portion of earnings funneled back to North Korea to support its missile programs.

AI-Specific Attack Vectors Exploit Gaps in Traditional Security Frameworks

In 2024 and 2025, several high-profile incidents demonstrated that traditional security frameworks fail to address AI-specific threats. The Ultralytics AI library was compromised in December 2024, malicious Nx packages leaked credentials in August 2025, and ChatGPT vulnerabilities allowed unauthorized data extraction. These incidents highlight that existing frameworks like NIST CSF, ISO 27001, and CIS Controls do not cover AI-specific attack vectors such as prompt injection, model poisoning, and AI supply chain attacks. The lack of AI-specific guidance in these frameworks leaves organizations vulnerable despite meeting compliance requirements. Security teams need to implement new technical capabilities and build specialized knowledge to defend against these evolving threats.