Alignment with ML-BOM and M-BOM support in CycloneDX #56

Open
stevespringett opened this issue Oct 26, 2023 · 2 comments
@stevespringett

Great to see Google interested in model transparency. Thank you for that.

I think there are two (possibly three) opportunities to align with OWASP CycloneDX.

Model card transparency

CycloneDX has extended its component model to incorporate model cards natively in the specification. Its model card support is derived from the TensorFlow Model Card Toolkit with sprinkles of VerifyML and some additional fields not found in either. Model transparency is supported in CycloneDX today and there's a small but growing number of tools that support it.

See also:

Manufacturing transparency

CycloneDX has also incorporated support for Manufacturing Bill of Materials (MBOM) which can describe the precise steps (or formula) taken to create, test, train, evaluate, or deploy something. MBOM is an industry term which we've borrowed and brought into the software supply chain conversation. CycloneDX MBOM support can describe anything from how hardware was manufactured, software was created or deployed, how models were trained and evaluated, or how cloud services were orchestrated. CycloneDX MBOM support would provide a way to describe how a model is SLSA compliant.

See also:

Attestations (future v1.6+)

Many models are not publicly accessible (e.g. ChatGPT) and therefore it may be difficult to obtain model cards or manufacturing information. CycloneDX is evolving from a BOM standard into a transparency expression language. One such capability that v1.6 will support later this year is attestations. Think SSDF, PCI, or other industry, regulatory, or legally binding type of attestation, not in-toto - very different but complementary types of attestations. Anyway, it would be possible to attest to SLSA or attest to having ethics and privacy incorporated into trained models using CycloneDX.


In general, I think there's a lot of opportunity for advancement and industry alignment if Google is interested in working with OWASP and Ecma.

@mihaimaruseac
Collaborator

Thank you very much for opening the issue! Hope to chat about this during the ML-BOM seminar!

@mihaimaruseac
Collaborator

Once we establish a standard for model serialization to digests, let's revisit this.
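
Added example, not code from this thread or from either project: a sketch of how the native model card support and a model digest could sit together in one CycloneDX 1.5 component, with a consumer-side check. Field names follow the CycloneDX 1.5 JSON schema; the model name, bytes, and the assumption that the model serializes to a single byte string are constructed for illustration.

```python
import hashlib

def build_ml_bom(name, version, model_bytes):
    """Return a minimal CycloneDX 1.5 BOM dict describing one model."""
    digest = hashlib.sha256(model_bytes).hexdigest()
    return {
        "bomFormat": "CycloneDX",
        "specVersion": "1.5",
        "version": 1,
        "components": [{
            "type": "machine-learning-model",
            "name": name,
            "version": version,
            # Assumption: the model is one serialized blob hashed as-is.
            "hashes": [{"alg": "SHA-256", "content": digest}],
            "modelCard": {
                "modelParameters": {
                    "approach": {"type": "supervised"},
                    "task": "text-classification",  # constructed value
                },
                "considerations": {
                    "technicalLimitations": ["Constructed sample entry"],
                },
            },
        }],
    }

def check_model_component(bom, name, model_bytes):
    """Return a list of findings for the named model; empty means OK."""
    matches = [c for c in bom.get("components", [])
               if c.get("type") == "machine-learning-model"
               and c.get("name") == name]
    if not matches:
        return [f"{name}: no machine-learning-model component"]
    comp, findings = matches[0], []
    recorded = {h.get("alg"): h.get("content", "").lower()
                for h in comp.get("hashes", [])}
    if "SHA-256" not in recorded:
        findings.append(f"{name}: no SHA-256 hash recorded")
    elif recorded["SHA-256"] != hashlib.sha256(model_bytes).hexdigest():
        findings.append(f"{name}: digest mismatch")
    if not comp.get("modelCard", {}).get("modelParameters"):
        findings.append(f"{name}: model card missing modelParameters")
    return findings

if __name__ == "__main__":
    sample = b"abc"  # constructed stand-in for serialized model weights
    bom = build_ml_bom("demo-model", "1.0", sample)
    print(check_model_component(bom, "demo-model", sample))
```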
