TAIBOM is an emerging standard to describe and manage AI systems and AI system risk. TAIBOM addresses the full AI supply chain, from training data through the results that AI systems produce.

Why TAIBOM?

To manage AI systems and their risk we need to know what version we are using, where it came from and how it's put together.

If we can't label, version and attest (be sure its what it says it is) the system we have no foundation for making higher level statements.. It's like building a house on sand. We need robust, cryptographically backed system descriptions before we can start.

TAIBOM addresses the technical challenge of providing formal descriptions of AI systems and dependencies. It additionally provides a method of describing and validating subjective claims about the qualities of these systems

Technical building blocks

TAIBOM is underpinned by the W3C verifiable credential interoperable standard, and provides:

A formal method of describing and attesting to the constituent parts of an AI system
A method of describing larger systems, and system dependencies within and across AI system
A method of annotating components and systems with security attributes positive and negative risk implication
A method of reasoning about the inherent risk in an AI system by transitively propagating risk

Who can use use TAIBOM

TAIBOM is distributed by nature, to reflect the complex supply chain of AI systems

Data owners: owners of the data on which AI systems are trained can version and annotate their data with things like copyright licenses
AI software developers: can version the software, and annotate this software with licenses or vulnerabilities.
AI system trainers: can version the trained models and annotate these systems with think like: performance metrics, bias metrics, licences or vulnerabilities
Data publishers: can aggregate data for training, using or extending the meta data descriptors
AI system providers: can publish AI systems with strong version control and extended meta data descriptors and quality assurance measures

But the main users are the AI system end users. With TAIBOM the AI system user possess the technical tools to do detailed investigation and quires on the system descriptions and security qualities

Benefits

🔒

Security

The trustworthiness (or trustability) of the AI system improves through strong interoperable foundations.

🔍

Supply Chain Transparency

End users can see in detail where the system comes from, allowing them to make informed decisions on usage based on relative trust.

📜

IP and Licensing

Transparency and respectability of licensing and IP terms across the value chain increases, protecting both end users, data owners, and system developers.