Large Language Model Security Requirements for Supply Chain

2024-09

The WDTA AI-STR-03 standard presents a framework for managing security risks in the Large Language Model (LLM) supply chain. It addresses the unique challenges posed by the integration of AI technologies, particularly LLMs, into modern technological ecosystems. The standard covers the entire lifecycle of LLMs, from development and training to deployment and maintenance, providing detailed guidelines for each stage.

At its core, the standard emphasizes a multi-layered approach to security, encompassing network, system, platform and application, model, and data layers. It leverages key concepts such as the Machine Learning Bill of Materials (ML-BOM), Zero Trust Architecture, and continuous monitoring and auditing. These concepts are designed to ensure the integrity, availability, confidentiality, controllability, and reliability of LLM systems throughout their supply chain.