Red Hat Advanced Cluster Security / ROX-32143

[TechPreview] AI BOM Ingest and Scan with RHACS

    • Feature
    • Resolution: Unresolved
    • Major
    • ROX-31603 End-to-End Integrity and Runtime Protection for AI Workloads

      Goal Summary:

      RHACS can ingest and scan AI Bill of Materials (AIBOMs) in SPDX 3.0 and CycloneDX 1.6 formats from external sources such as OCI registries, model registries, and CI/CD pipelines. This allows security and platform teams to identify vulnerabilities in AI/ML workloads, gain visibility into deployed models, and assess associated risk, extending RHACS’s SBOM-based security capabilities to AI workloads.

      The focus here is to deliver a functional Technology Preview offering that allows AIBOMs to be ingested and vulnerability reports to be created from the ingested AIBOMs. We look to take customer feedback and improve on the implementation for GA.

      Goals and expected user outcomes:

      • Users can ingest AIBOMs into RHACS in SPDX 3.0 or CycloneDX 1.6 formats.
      • RHACS scans all components listed in the AIBOM for vulnerabilities using the existing Scanner V4/Clair workflow.
      • Vulnerability reports are generated in the same way as for SBOMs.
      • Metadata from the AIBOM, including component name, version, hash, supplier, and dependencies, is preserved for traceability and audit purposes. 
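
      The following Python example is added here for illustration and is not RHACS code or part of the original ticket. It shows where the metadata fields listed above (component name, version, hash, supplier, dependencies) sit in a CycloneDX 1.6 JSON document. The sample AIBOM, the function names and the missing-version check are assumptions constructed for this example.

```python
import json

# Constructed CycloneDX 1.6 AIBOM (sample data, not from a real registry).
SAMPLE_AIBOM = json.dumps({
    "bomFormat": "CycloneDX",
    "specVersion": "1.6",
    "components": [
        {"bom-ref": "model-1", "type": "machine-learning-model",
         "name": "example-sentiment-model", "version": "1.2.0",
         "supplier": {"name": "Example Org"},
         "hashes": [{"alg": "SHA-256", "content": "0" * 64}]},
        {"bom-ref": "lib-1", "type": "library", "name": "examplelib",
         "version": "2.0.1", "purl": "pkg:pypi/examplelib@2.0.1"},
        {"bom-ref": "lib-2", "type": "library", "name": "unversioned-lib"},
    ],
    "dependencies": [{"ref": "model-1", "dependsOn": ["lib-1", "lib-2"]}],
})

def extract_components(raw):
    """Return one record per component with the traceability fields kept."""
    bom = json.loads(raw)
    if bom.get("bomFormat") != "CycloneDX" or bom.get("specVersion") != "1.6":
        raise ValueError("expected a CycloneDX 1.6 document")
    # Map each bom-ref to the refs it depends on.
    deps = {d["ref"]: d.get("dependsOn", []) for d in bom.get("dependencies", [])}
    records = []
    for comp in bom.get("components", []):
        ref = comp.get("bom-ref")
        records.append({
            "ref": ref,
            "type": comp.get("type"),
            "name": comp.get("name"),
            "version": comp.get("version"),
            "supplier": (comp.get("supplier") or {}).get("name"),
            "hashes": {h["alg"]: h["content"] for h in comp.get("hashes", [])},
            "purl": comp.get("purl"),
            "depends_on": deps.get(ref, []),
        })
    return records

def unscannable(records):
    """Names of components with no version (assumed unmatchable to advisories)."""
    return [r["name"] for r in records if not r["version"]]

if __name__ == "__main__":
    for rec in extract_components(SAMPLE_AIBOM):
        print(rec)
```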

      Acceptance Criteria:

      • RHACS can ingest AIBOMs in SPDX 3.0 and CycloneDX 1.6 formats from external sources (OCI registries, model registries, CI/CD pipelines).
      • All ingested components are scanned for vulnerabilities using Scanner V4/Clair.
      • Vulnerability scanning produces reports in the same format as SBOM vulnerability reports.
      • AIBOM metadata is preserved during ingestion and available via UI and API.
      • Ingestion and scanning performance remain within current SBOM SLAs.

      Success Criteria or KPIs measured:

      • Amplitude statistics capturing how many AIBOMs were ingested and scanned for vulnerabilities.
      • Number of actionable vulnerability reports generated for AI workloads.

      Use Cases (Optional):

      • A model registry publishes a CycloneDX AIBOM for a deployed AI model; RHACS ingests and scans it, generating a vulnerability report.
      • CI pipelines produce SPDX 3.0 AIBOMs for AI/ML services; RHACS scans them and includes results in the standard vulnerability dashboard.
      • Security engineers query RHACS to view vulnerability reports for all AI workloads in a cluster.
      • Auditors retrieve vulnerability reports for AI workloads for compliance and risk assessment purposes.


              atelang@redhat.com Anjali Telang