From Model to Trust - Building Upon Tamper-proof ML Metadata Records

Learn how to establish trust and integrity in machine learning systems through tamper-proof metadata records in this conference talk from OpenSSF. Discover the critical importance of model provenance and integrity verification for building trustworthy AI systems, and explore how the OpenSSF Model Signing project provides a PKI-agnostic method for creating verifiable claims on ML artifact bundles. Understand how this approach extends beyond model signing to encompass datasets and associated files, recording all integrity information in a unified manifest. Explore the foundation this creates for AI supply-chain solutions that enhance both security and reduce development costs, enabling capabilities like querying dataset origins for specific models or identifying models trained on compromised datasets before production deployment. Examine how merging model signing, model cards, SLSA, and AI-BOM information with analysis tools like GUAC creates powerful metadata analysis capabilities for the AI development lifecycle.