Powerful machine learning models are increasingly available online, offering opportunities for users without extensive technical skills or resources.
This open ecosystem for ML models also carries supply-chain risk: attackers can introduce malicious elements into a published model, or exploit vulnerable ML frameworks that models depend on.
Sigstore is proposed as a way to add transparency to open ML models, by letting model publishers sign their models and letting consumers verify properties of the datasets those models use.
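To make the signing and verification step concrete, the following added example (not code from the paper or from the Sigstore project) shows the basic shape of a signed model release. Sigstore itself uses keyless signing with short-lived certificates and a public transparency log; this example substitutes a locally generated Ed25519 key pair, which is an assumption made here for a self-contained demonstration. The publisher builds a manifest recording the SHA-256 digests of the model file and of its training dataset, signs that manifest, and the consumer checks the signature and then re-hashes the artifacts it actually received. The model and dataset bytes are constructed sample data.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"errors"
	"fmt"
)

// Manifest is a constructed, simplified statement about one model release.
// It records content digests for the model file and the training dataset so a
// verifier can check both before loading the model.
type Manifest struct {
	ModelName     string `json:"model_name"`
	ModelSHA256   string `json:"model_sha256"`
	DatasetSHA256 string `json:"dataset_sha256"`
}

// digest returns the hex-encoded SHA-256 of an artifact's bytes.
func digest(b []byte) string {
	sum := sha256.Sum256(b)
	return hex.EncodeToString(sum[:])
}

// BuildManifest computes the digests the publisher attests to.
func BuildManifest(name string, model, dataset []byte) Manifest {
	return Manifest{ModelName: name, ModelSHA256: digest(model), DatasetSHA256: digest(dataset)}
}

// SignManifest serialises the manifest (Go's struct marshalling is
// deterministic, so the bytes are reproducible) and signs those bytes.
// It returns the signed payload and the signature.
func SignManifest(priv ed25519.PrivateKey, m Manifest) ([]byte, []byte, error) {
	payload, err := json.Marshal(m)
	if err != nil {
		return nil, nil, err
	}
	return payload, ed25519.Sign(priv, payload), nil
}

// VerifyRelease first checks the signature over the manifest, then checks that
// the model and dataset bytes received really match the digests it states.
// Any mismatch means the artifact was altered after the publisher signed it.
func VerifyRelease(pub ed25519.PublicKey, payload, sig, model, dataset []byte) error {
	if !ed25519.Verify(pub, payload, sig) {
		return errors.New("manifest signature invalid")
	}
	var m Manifest
	if err := json.Unmarshal(payload, &m); err != nil {
		return err
	}
	if digest(model) != m.ModelSHA256 {
		return errors.New("model digest mismatch: artifact modified after signing")
	}
	if digest(dataset) != m.DatasetSHA256 {
		return errors.New("dataset digest mismatch: dataset differs from the one attested")
	}
	return nil
}

func main() {
	// Constructed sample artifacts standing in for a serialised model and its dataset.
	model := []byte("constructed-model-weights-v1")
	dataset := []byte("constructed-training-dataset")

	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	payload, sig, err := SignManifest(priv, BuildManifest("demo-model", model, dataset))
	if err != nil {
		panic(err)
	}
	fmt.Println("genuine release:", VerifyRelease(pub, payload, sig, model, dataset))

	// Flip one byte of the model to simulate a modified artifact.
	tampered := append([]byte{}, model...)
	tampered[0] ^= 0xff
	fmt.Println("tampered model:", VerifyRelease(pub, payload, sig, tampered, dataset))
}
```

The important design point is that the signature covers the manifest, not the raw model, so a verifier must both check the signature and re-hash every artifact named in the manifest; skipping the second step would accept a valid signature attached to a swapped model file.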