The AI Bill of Materials: Standardized AIBOM Formats Emerging in 2026
By Sagar Shankaran, Founder of CallSphere
AIBOM is the SBOM equivalent for AI systems. The competing 2026 standards (CycloneDX-AI, SPDX-AI), what they capture, and which is winning.
What an AIBOM Is
A Software Bill of Materials (SBOM) lists the components in a piece of software so consumers can audit dependencies and respond to vulnerabilities. An AI Bill of Materials (AIBOM) does the same for AI systems: models, training data, prompts, tools, fine-tunes, and the relationships between them.
By 2026, AIBOM is the standard request from regulators and enterprise procurement when AI is part of a product. Two competing formats lead: CycloneDX-AI (OWASP) and SPDX-AI (Linux Foundation). This piece compares them and walks through what an AIBOM should capture.
What an AIBOM Captures
```mermaid
flowchart TB
    AIBOM[AIBOM] --> M[Models]
    AIBOM --> D[Datasets]
    AIBOM --> P[Prompts / templates]
    AIBOM --> T[Tools / MCP servers]
    AIBOM --> Pipe[Training pipeline]
    AIBOM --> Eval[Evaluation results]
    AIBOM --> Lic[Licenses + provenance]
    AIBOM --> Sec[Security attestations]
```
The unique-to-AI elements:
- Model lineage (was this model fine-tuned from another? on what data?)
- Dataset provenance and licensing
- Performance and safety evaluation pointers
- Known limitations and failure modes
The shared-with-software elements (libraries, dependencies, SBOM data) usually get folded in via a regular SBOM that the AIBOM references.
CycloneDX-AI
CycloneDX is the OWASP-stewarded SBOM format. CycloneDX-AI extends it with AI-specific component types: machine-learning-model, dataset, prompt, etc. The format is JSON or XML.
- Strengths: extends a widely deployed SBOM format; tooling shares the existing CycloneDX ecosystem
- Weaknesses: less explicit about training-pipeline relationships
- Adoption: leading among OWASP-influenced security teams
SPDX-AI
SPDX is the Linux Foundation's SBOM format. The "AI Profile" extends SPDX 3.0 with AI-specific concepts. The format is JSON, RDF, or other supported encodings.
- Strengths: deep license-management heritage, formal data model
- Weaknesses: heavier abstraction; smaller tooling ecosystem in 2026
- Adoption: leading among open-source projects and license-focused organizations
Choosing Between Them
```mermaid
flowchart TD
    Q1{Already on CycloneDX<br/>for SBOMs?} -->|Yes| CDXa[CycloneDX-AI]
    Q1 -->|No| Q2{Already on SPDX<br/>for SBOMs?}
    Q2 -->|Yes| SPDXa[SPDX-AI]
    Q2 -->|No| Q3{License management<br/>top concern?}
    Q3 -->|Yes| SPDXb[SPDX-AI]
    Q3 -->|No| CDXb[CycloneDX-AI]
```
For most teams, the right answer is "the one you already use for software SBOMs." Mixing formats is more painful than picking either.
A Sample AIBOM Entry
A simplified CycloneDX-AI fragment for a fine-tuned model:
```json
{
  "type": "machine-learning-model",
  "name": "callsphere-medical-intent-classifier",
  "version": "2.3.1",
  "supplier": "CallSphere LLC",
  "modelCard": "https://callsphere.tech/models/intent-classifier/v2.3.1",
  "components": [
    {
      "type": "machine-learning-model",
      "name": "Llama-3-8B-Instruct",
      "version": "v3",
      "relationship": "base-model",
      "license": "Llama 3 Community License"
    },
    {
      "type": "dataset",
      "name": "internal-medical-intent-v2",
      "license": "proprietary",
      "modificationsFromTraining": "deduplicated, PHI-redacted"
    }
  ]
}
```
Generating an AIBOM
In 2026 several tools generate AIBOMs:
- MLflow + CycloneDX plugin: emits AIBOM from MLflow runs
- DVC: data and model versioning, exports to AIBOM
- Hugging Face Hub: emits AIBOM-shaped metadata for hosted models
- Vendor tools: Anthropic, OpenAI, and major MLOps platforms emit AIBOM-shaped artifacts
For a custom pipeline, the right pattern is to emit AIBOM from your training and deployment pipelines automatically, not by hand. Hand-written AIBOMs go stale immediately.
What Regulators Want
Regulators reading an AIBOM in 2026 typically check:
- Are all training data sources accounted for?
- Are licenses compatible with the deployed product?
- Are evaluation results linked and current?
- Are known limitations disclosed?
- Is the lineage clear (which models built which models)?
A clean AIBOM substitutes for a lot of separate documentation in compliance reviews.
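As an added example (not code from the original post or from CallSphere), here is a small Python audit that runs the checklist above over the page's sample fragment. The `evaluations` and `knownLimitations` keys are assumed field names for this example, not spec-defined CycloneDX keys, and a constructed unlicensed dataset is appended so the checks have something to report.

```python
import json

# Constructed input: the page's sample fragment plus one unlicensed dataset so the
# checks have something to report. "evaluations" / "knownLimitations" are assumed
# field names for this example, not spec-defined CycloneDX keys.
AIBOM_JSON = """{
  "type": "machine-learning-model",
  "name": "callsphere-medical-intent-classifier",
  "version": "2.3.1",
  "supplier": "CallSphere LLC",
  "modelCard": "https://callsphere.tech/models/intent-classifier/v2.3.1",
  "components": [
    {"type": "machine-learning-model", "name": "Llama-3-8B-Instruct", "version": "v3",
     "relationship": "base-model", "license": "Llama 3 Community License"},
    {"type": "dataset", "name": "internal-medical-intent-v2", "license": "proprietary",
     "modificationsFromTraining": "deduplicated, PHI-redacted"},
    {"type": "dataset", "name": "scraped-forum-posts"}
  ]
}"""
REQUIRED_POINTERS = ("modelCard", "evaluations", "knownLimitations")

def walk(component, path=""):
    """Yield (path, component) for the root and every nested component."""
    here = f"{path}/{component.get('name', '?')}"
    yield here, component
    for child in component.get("components", []):
        yield from walk(child, here)

def check_aibom(root):
    """Return one finding per unmet expectation from the regulator checklist."""
    findings = []
    for path, c in walk(root):
        if c.get("type") == "dataset":
            if "license" not in c:
                findings.append(f"{path}: dataset without license")
            if "modificationsFromTraining" not in c:
                findings.append(f"{path}: dataset provenance not stated")
        elif c.get("type") == "machine-learning-model" and "version" not in c:
            findings.append(f"{path}: model without pinned version")
    # Lineage: a fine-tune must name exactly one base model it was derived from.
    bases = [c for c in root.get("components", []) if c.get("relationship") == "base-model"]
    if len(bases) != 1:
        findings.append(f"/{root['name']}: expected one base-model, found {len(bases)}")
    findings += [f"/{root['name']}: missing {k}" for k in REQUIRED_POINTERS if k not in root]
    return findings

def audit(aibom_json):
    """Parse a JSON AIBOM document and run the checks over it."""
    return check_aibom(json.loads(aibom_json))
```

Running `audit(AIBOM_JSON)` reports the unlicensed dataset, its missing provenance, and the two absent pointers; wiring the same function into the pipeline that emits the AIBOM catches these before the document reaches a reviewer.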
What Procurement Wants
Enterprise procurement teams in 2026 are increasingly requesting AIBOMs in RFPs. The questions they ask:
- What models are in the system?
- Where do they come from? Are they updatable?
- What datasets touched the model? Is any of our data in them?
- What is your update cadence and deprecation policy?
- What are the known failure modes?
Written by
Sagar Shankaran is the founder of CallSphere, where he builds production AI voice and chat agents deployed across healthcare, hospitality, real estate, and home services. He writes about agentic AI, LLM engineering, and shipping voice agents that handle real calls in production.