---
title: "The AI Bill of Materials: Standardized AIBOM Formats Emerging in 2026"
description: "AIBOM is the SBOM equivalent for AI systems. The competing 2026 standards (CycloneDX-AI, SPDX-AI), what they capture, and which is winning."
canonical: https://callsphere.ai/blog/ai-bill-of-materials-aibom-formats-2026
category: "Technology"
tags: ["AIBOM", "SBOM", "AI Supply Chain", "AI Governance"]
author: "CallSphere Team"
published: 2026-04-25T00:00:00.000Z
updated: 2026-05-04T02:07:39.304Z
---

# The AI Bill of Materials: Standardized AIBOM Formats Emerging in 2026

> AIBOM is the SBOM equivalent for AI systems. The competing 2026 standards (CycloneDX-AI, SPDX-AI), what they capture, and which is winning.

## What an AIBOM Is

A Software Bill of Materials (SBOM) lists the components in a piece of software so consumers can audit dependencies and respond to vulnerabilities. An AI Bill of Materials (AIBOM) does the same for AI systems: models, training data, prompts, tools, fine-tunes, and the relationships between them.

By 2026, AIBOM is the standard request from regulators and enterprise procurement when AI is part of a product. Two competing formats lead: CycloneDX-AI (OWASP) and SPDX-AI (Linux Foundation). Neither is an official name; this piece uses them as shorthand for CycloneDX's ML-BOM capability and for the SPDX 3.0 AI and Dataset profiles. The sections below compare them and walk through what an AIBOM should capture.

## What an AIBOM Captures

```mermaid
flowchart TB
    AIBOM[AIBOM] --> M[Models]
    AIBOM --> D[Datasets]
    AIBOM --> P[Prompts / templates]
    AIBOM --> T[Tools / MCP servers]
    AIBOM --> Pipe[Training pipeline]
    AIBOM --> Eval[Evaluation results]
    AIBOM --> Lic[Licenses + provenance]
    AIBOM --> Sec[Security attestations]
```

The unique-to-AI elements:

- Model lineage (was this model fine-tuned from another? on what data?)
- Dataset provenance and licensing
- Performance and safety evaluation pointers
- Known limitations and failure modes

The shared-with-software elements (libraries, dependencies, SBOM data) usually get folded in via a regular SBOM that the AIBOM references. Like an SBOM, an AIBOM is only as trustworthy as its binding to the artifacts: record a cryptographic hash of the model weights and of each dataset snapshot so a consumer can check that the document describes what was actually shipped, not what someone remembered shipping.

## CycloneDX-AI

CycloneDX is the OWASP-stewarded SBOM format, standardized as ECMA-424. Its ML-BOM capability (what this piece calls CycloneDX-AI) arrived in CycloneDX 1.5 and adds two component types, `machine-learning-model` and `data`, a structured `modelCard` on model components (model parameters, training datasets, quantitative analysis, considerations), and `pedigree.ancestors` for stating that one model was fine-tuned from another. There is no dedicated prompt component type; prompts and tool manifests can be carried as `data` components of type `configuration`, or as `file` components. The format is JSON, XML, or Protocol Buffers.

- **Strengths**: same document model and validators as the software SBOM you already produce; `hashes`, `licenses`, and `externalReferences` work unchanged on model and data components
- **Weaknesses**: less explicit about training-pipeline relationships unless the optional `formulation` element is populated
- **Adoption**: leading among OWASP-influenced security teams

## SPDX-AI

SPDX is the Linux Foundation's SBOM format; SPDX 2.2.1 is ISO/IEC 5962:2021. SPDX 3.0 is a graph of typed elements with profiles layered on top. The AI Profile (what this piece calls SPDX-AI) adds an `AIPackage` element with fields such as type of model, hyperparameters, training information, limitations, metrics, energy consumption, and safety risk assessment; the companion Dataset Profile adds `DatasetPackage` with data collection process, preprocessing, sensitive personal information, known bias, and intended use. Fine-tune lineage is an ordinary SPDX relationship between elements. The canonical serialization is JSON-LD over an RDF data model.

- **Strengths**: deep license-management heritage (SPDX license expressions and the SPDX license list), formal RDF-based data model
- **Weaknesses**: heavier abstraction; tooling smaller in 2026
- **Adoption**: leading among open-source projects and license-focused organizations

## Choosing Between Them

```mermaid
flowchart TD
    Q1{"Already on CycloneDX<br/>for SBOMs?"} -->|Yes| CDXa[CycloneDX-AI]
    Q1 -->|No| Q2{"Already on SPDX<br/>for SBOMs?"}
    Q2 -->|Yes| SPDXa[SPDX-AI]
    Q2 -->|No| Q3{"License management<br/>top concern?"}
    Q3 -->|Yes| SPDXb[SPDX-AI]
    Q3 -->|No| CDXb[CycloneDX-AI]
```

For most teams, the right answer is the format you already use for software SBOMs, because the AIBOM has to reference that SBOM and share its tooling. Mixing formats is more painful than picking either: both can state the same core facts, but a conversion drops whatever one profile models and the other does not.

## A Sample AIBOM Entry

A simplified CycloneDX 1.6 ML-BOM for a fine-tuned model. The model is the document's primary component (`metadata.component`); `pedigree.ancestors` records the base model it was fine-tuned from, and `modelCard.modelParameters.datasets` points by `bom-ref` at the training data, which is a separate `data` component so it can carry its own license and provenance:

```json
{
  "bomFormat": "CycloneDX",
  "specVersion": "1.6",
  "version": 1,
  "metadata": {
    "component": {
      "type": "machine-learning-model",
      "bom-ref": "model:callsphere-medical-intent-classifier@2.3.1",
      "name": "callsphere-medical-intent-classifier",
      "version": "2.3.1",
      "supplier": { "name": "CallSphere LLC" },
      "externalReferences": [
        { "type": "model-card", "url": "https://callsphere.tech/models/intent-classifier/v2.3.1" }
      ],
      "pedigree": {
        "ancestors": [
          {
            "type": "machine-learning-model",
            "name": "Llama-3-8B-Instruct",
            "version": "v3",
            "licenses": [ { "license": { "name": "Llama 3 Community License" } } ]
          }
        ]
      },
      "modelCard": {
        "modelParameters": {
          "datasets": [ { "ref": "data:internal-medical-intent-v2" } ]
        }
      }
    }
  },
  "components": [
    {
      "type": "data",
      "bom-ref": "data:internal-medical-intent-v2",
      "name": "internal-medical-intent-v2",
      "licenses": [ { "license": { "name": "proprietary" } } ],
      "data": [
        { "type": "dataset", "name": "internal-medical-intent-v2", "description": "deduplicated, PHI-redacted" }
      ]
    }
  ]
}
```

## Generating an AIBOM

In 2026 several tools generate or export AIBOM data:

- **MLflow** + **CycloneDX plugin**: emits an ML-BOM from MLflow runs
- **DVC**: data and model versioning, exports to AIBOM
- **Hugging Face Hub**: model-card front matter (`license`, `datasets`, `base_model`) that generators map onto model and data components
- **Vendor tools**: Anthropic, OpenAI, and major MLOps platforms emit AIBOM-shaped artifacts

For a custom pipeline, the right pattern is to emit the AIBOM from your training and deployment pipelines automatically, not by hand: hash the weights and the dataset snapshot at the point the job produces them and write the document in that same job. Hand-written AIBOMs go stale on the first retrain. Whatever produces the document, validate the output against the format's schema before publishing it; "AIBOM-shaped" is not the same as conformant.
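The automatic-emission pattern above, as an added example that is not CallSphere's pipeline code and not a CycloneDX project tool. It assumes a hypothetical `run` record handed over by the training job (model name and version, base model, weights bytes, dataset snapshot bytes and license; all constructed here as stand-ins) and writes a CycloneDX 1.6 ML-BOM whose hashes are computed from the artifact bytes themselves:

```python
"""Emit a CycloneDX 1.6 ML-BOM from a training-run record.

Added example; not CallSphere's pipeline code and not a CycloneDX
project tool. The run record, artifact bytes and names below are
constructed for the demo. The document shape follows the CycloneDX 1.6
schema: the model is `metadata.component`, the dataset is a `data`
component, `pedigree.ancestors` carries the base model.
"""
import hashlib
import json
import uuid
from datetime import datetime, timezone


def sha256_hex(data: bytes) -> str:
    """Hex SHA-256 of an artifact, recorded in the component's `hashes`."""
    return hashlib.sha256(data).hexdigest()


def build_mlbom(run: dict) -> dict:
    """Build the ML-BOM dict from a hypothetical training-run record.

    Hashes are computed here from the real artifact bytes, so the BOM is
    bound to what the job actually produced rather than typed in later.
    """
    ds = run["dataset"]
    model_ref = f"model:{run['name']}@{run['version']}"
    data_ref = f"data:{ds['name']}@{ds['version']}"

    dataset_component = {
        "type": "data",
        "bom-ref": data_ref,
        "name": ds["name"],
        "version": ds["version"],
        "hashes": [{"alg": "SHA-256", "content": sha256_hex(ds["bytes"])}],
        "licenses": [{"license": {"name": ds["license"]}}],
        "data": [{"type": "dataset", "name": ds["name"],
                  "description": ds["preprocessing"]}],
    }

    model_component = {
        "type": "machine-learning-model",
        "bom-ref": model_ref,
        "name": run["name"],
        "version": run["version"],
        "supplier": {"name": run["supplier"]},
        "hashes": [{"alg": "SHA-256", "content": sha256_hex(run["weights"])}],
        # Lineage: the base model this run fine-tuned from.
        "pedigree": {"ancestors": [{
            "type": "machine-learning-model",
            "name": run["base_model"]["name"],
            "version": run["base_model"]["version"],
            "licenses": [{"license": {"name": run["base_model"]["license"]}}],
        }]},
        # The model card points at the dataset component by bom-ref.
        "modelCard": {"modelParameters": {
            "approach": {"type": "supervised"},
            "task": run["task"],
            "datasets": [{"ref": data_ref}],
        }},
    }

    return {
        "bomFormat": "CycloneDX",
        "specVersion": "1.6",
        "serialNumber": f"urn:uuid:{uuid.uuid4()}",
        "version": 1,
        "metadata": {
            "timestamp": datetime.now(timezone.utc).isoformat(),
            "component": model_component,
        },
        "components": [dataset_component],
        "dependencies": [{"ref": model_ref, "dependsOn": [data_ref]}],
    }


# Constructed sample run record; the artifact bytes are stand-ins.
SAMPLE_RUN = {
    "name": "callsphere-medical-intent-classifier",
    "version": "2.3.1",
    "supplier": "CallSphere LLC",
    "task": "intent-classification",
    "weights": b"stand-in for the safetensors file",
    "base_model": {"name": "Llama-3-8B-Instruct", "version": "v3",
                   "license": "Llama 3 Community License"},
    "dataset": {"name": "internal-medical-intent", "version": "v2",
                "license": "proprietary",
                "bytes": b"stand-in for the JSONL training rows",
                "preprocessing": "deduplicated, PHI-redacted"},
}

if __name__ == "__main__":
    print(json.dumps(build_mlbom(SAMPLE_RUN), indent=2))
```

In a real job, `run["weights"]` and `run["dataset"]["bytes"]` would be read from the files the trainer just wrote, and the printed document would be stored next to the model artifact and validated against the CycloneDX 1.6 JSON schema before release.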

## What Regulators Want

Regulators reading an AIBOM in 2026 typically check:

- Are all training data sources accounted for?
- Are licenses compatible with the deployed product?
- Are evaluation results linked and current?
- Are known limitations disclosed?
- Is the lineage clear (which models built which models)?

A clean AIBOM substitutes for a lot of separate documentation in compliance reviews.

## What Procurement Wants

Enterprise procurement teams in 2026 are increasingly requesting AIBOMs in RFPs. The questions they ask:

- What models are in the system?
- Where do they come from? Are they updateable?
- What datasets touched the model? Is any of our data in them?
- What is your update cadence and deprecation policy?
- What are the known failure modes?
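The regulator and procurement questions above largely reduce to mechanical checks over the document. As an added example (not the page's code and not a CycloneDX project tool), the audit below walks a CycloneDX ML-BOM dict and flags lineage refs that do not resolve, models or datasets with no declared license, a model with no artifact hash, and a model with no evaluation results linked; `SAMPLE_BOM` and its names are constructed and deliberately incomplete, and its hash value is the SHA-256 of the empty string used as a placeholder:

```python
"""Consumer-side audit of a CycloneDX ML-BOM.

Added example; not from the page's author or the CycloneDX project.
It walks a BOM dict and reports the gaps a regulator or procurement
reviewer asks about: dataset or dependency refs that do not resolve,
models or datasets with no license, a model with no artifact hash, and
no evaluation results linked. SAMPLE_BOM is constructed and deliberately
incomplete so the checks have something to find.
"""
from __future__ import annotations


def _walk(comp: dict, ancestor: bool = False):
    """Yield (component, is_ancestor) for a component, its nested
    components, and its pedigree ancestors (the lineage)."""
    yield comp, ancestor
    for sub in comp.get("components", []):
        yield from _walk(sub, ancestor)
    for anc in comp.get("pedigree", {}).get("ancestors", []):
        yield from _walk(anc, True)


def _all_components(bom: dict):
    primary = bom.get("metadata", {}).get("component")
    if primary:
        yield from _walk(primary)
    for comp in bom.get("components", []):
        yield from _walk(comp)


def audit_mlbom(bom: dict) -> list[str]:
    """Return findings; an empty list means the BOM answers the lineage,
    licensing, integrity and evaluation questions."""
    findings: list[str] = []
    comps = list(_all_components(bom))
    refs = {c["bom-ref"] for c, _ in comps if "bom-ref" in c}

    # Lineage must resolve inside the document: every dataset ref in a
    # model card and every dependency target needs a bom-ref here.
    for c, _ in comps:
        params = c.get("modelCard", {}).get("modelParameters", {})
        for ds in params.get("datasets", []):
            if "ref" in ds and ds["ref"] not in refs:
                findings.append(f"{c['name']}: dataset ref {ds['ref']!r} does not resolve")
    for dep in bom.get("dependencies", []):
        for target in dep.get("dependsOn", []):
            if target not in refs:
                findings.append(f"dependency {dep.get('ref')} -> {target!r} does not resolve")

    for c, is_ancestor in comps:
        ctype = c.get("type")
        if ctype not in ("machine-learning-model", "data"):
            continue
        # Every model and dataset, base models included, must state a license.
        if not c.get("licenses"):
            findings.append(f"{c['name']}: no license declared")
        if is_ancestor or ctype != "machine-learning-model":
            continue
        # A hash binds the entry to the shipped weights.
        if not c.get("hashes"):
            findings.append(f"{c['name']}: no artifact hash")
        # Evaluation results: quantitativeAnalysis in the model card or a
        # linked model-card document.
        has_eval = bool(c.get("modelCard", {}).get("quantitativeAnalysis")) or any(
            r.get("type") == "model-card" for r in c.get("externalReferences", []))
        if not has_eval:
            findings.append(f"{c['name']}: no evaluation results linked")
    return findings


# Constructed, deliberately incomplete BOM with hypothetical names.
SAMPLE_BOM = {
    "bomFormat": "CycloneDX",
    "specVersion": "1.6",
    "version": 1,
    "metadata": {"component": {
        "type": "machine-learning-model",
        "bom-ref": "model:intent-classifier@2.3.1",
        "name": "intent-classifier",
        "version": "2.3.1",
        "licenses": [{"license": {"name": "proprietary"}}],
        # Placeholder hash: SHA-256 of the empty string.
        "hashes": [{"alg": "SHA-256", "content": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"}],
        # Base model with no license declared.
        "pedigree": {"ancestors": [
            {"type": "machine-learning-model", "name": "base-llm", "version": "v3"}]},
        # Second dataset ref points at nothing in this document.
        "modelCard": {"modelParameters": {
            "datasets": [{"ref": "data:intent-v2"}, {"ref": "data:intent-v1"}]}},
    }},
    "components": [
        # Dataset with no license.
        {"type": "data", "bom-ref": "data:intent-v2", "name": "intent-v2",
         "data": [{"type": "dataset", "name": "intent-v2"}]},
    ],
    "dependencies": [{"ref": "model:intent-classifier@2.3.1", "dependsOn": ["data:intent-v2"]}],
}

if __name__ == "__main__":
    for finding in audit_mlbom(SAMPLE_BOM):
        print("FAIL", finding)
```

License presence is the check this code can make; license compatibility with the deployed product (the regulator's actual question) is a policy decision that needs the license texts, so it belongs in a separate step fed by these findings.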

## Sources

- CycloneDX ML-BOM capability — [https://cyclonedx.org/capabilities/mlbom](https://cyclonedx.org/capabilities/mlbom)
- SPDX AI Profile — [https://spdx.dev](https://spdx.dev)
- "AIBOM use cases" CISA — [https://www.cisa.gov](https://www.cisa.gov)
- OWASP AI Exchange — [https://owaspai.org](https://owaspai.org)
- Linux Foundation SBOM resources — [https://www.linuxfoundation.org/projects/sbom](https://www.linuxfoundation.org/projects/sbom)

---

Source: https://callsphere.ai/blog/ai-bill-of-materials-aibom-formats-2026
