Software Bill of Materials (SBOM) are increasingly a requirement in many sectors, especially in critical infrastructure and public sector. This session will see how SBOM concepts can be use for the purpose of AI accountability.

A taxonomy for system trustworthiness and accountability will be presented. It is based largely on the European Union Artificial Intelligence Act (draft) requirements on technical documentation of a high-risk AI system and also inspired by related bills like US Algorithmic Accountability Bill (S.2892) and US Artificial Intelligence Research, Innovation, and Accountability Bill (S.3312).

A focus will be on how a software developer can capture required informational artifacts in a consistent way that allowed a (partially) automated auditing. A crosswalk with Software Package Data Exchange (SPDX) 3.0 AI Profile will also be discussed.

For a demonstration purpose in MLOps setting, a small open source Python package is created to show how standardized terms in the taxonomy can facilitate the documentation and record keeping from the source code level. The same terms can be use for querying/reporting. An example will be given in the an MLflow environment.