AI Supply Chain Security: MBOM-PQC Provenance, PQC Attestation, and a Maturity Model for Quantum-Resistant Assurance

Artificial intelligence systems increasingly depend on complex, multi-stage supply chains that incorporate pre-trained models, third-party datasets, open-source libraries, and automated training pipelines. This dependency creates a rapidly expanding attack surface in which model poisoning, dependency compromise, and provenance manipulation can undermine system integrity long before deployment. Existing AI governance frameworks—including the NIST AI Risk Management Framework and NIST’s Secure Software Development Framework—acknowledge supply chain risks but do not define a verifiable model provenance structure or cryptographically durable integrity guarantees. Simultaneously, the transition to post-quantum cryptography (PQC) introduces new requirements for long-lived AI artifacts: classical digital signatures used to verify model lineage, dataset integrity, and pipeline attestation will become vulnerable to quantum-enabled forgery within the expected operational lifetime of many AI systems. This paper synthesizes evidence from policy, standards, and benchmark sources to characterize the emerging AI supply chain threat landscape and identify cryptographic dependencies that the PQC transition disrupts. We propose a formal Model Bill of Materials with PQC-safe extensions (MBOM-PQC), a unified model signing and attestation pipeline based on ML-DSA and hybrid signature modes, and a five-level Supply Chain Assurance Maturity Model (SCAMM) enabling re- peatable organizational assessment. The framework provides a cryptographically resilient foundation for AI provenance, ensuring that model integrity, lineage, and trustworthiness remain verifiable throughout the PQC transition and beyond. The principal contributions are: (1) the MBOM-PQC schema for structured AI provenance; (2) a PQC-safe signing and attestation pipeline; and (3) the SCAMM five-level maturity model for organizational assessment.