What is supply chain risk for models and datasets?

Risks that occur when ML systems rely on external sources—data providers, pre-trained models, and third-party components. A tampered data or compromised model can degrade accuracy, compromise privacy, or introduce vulnerabilities.

What are common threats in ML supply chains?

Data tampering or poisoning, model poisoning and backdoors, unauthorized access to data or models, and the use of untrusted or compromised third-party components.

How can I reduce supply chain risk when using external data or models?

Use trusted sources, verify integrity with checksums and digital signatures, track provenance with SBOMs, isolate and test in controlled environments, enable reproducible training, apply strong access controls, and monitor for data or model drift.

How can you detect and respond to supply chain attacks?

Monitor data quality and model performance for anomalies, perform independent validation, audit logs, and follow an incident response plan (e.g., rotate credentials, patch or retrain with clean data) as issues arise.