Definition
A structured inventory of all components, models, datasets, and dependencies in an AI system, including model lineage, training data provenance, third-party integrations, and known vulnerabilities. CISA and G7 have defined minimum elements.
Why it matters
Without visibility into what's inside an AI system, organizations cannot assess supply-chain risk, debug unexpected behavior, or respond to discovered vulnerabilities. An AI SBOM is foundational to accountability and incident response.