AI Supply Chain Security: MBOM-PQC Provenance, PQC Attestation, and a Maturity Model for Quantum-Resistant Assurance

Artificial intelligence (AI) systems increasingly depend on multi-stage supply chains that incorporate pre-trained models, third-party datasets, open-source libraries, and automated pipelines, creating an expanding attack surface in which model poisoning, dependency compromise, and provenance manipulation can undermine integrity before deployment. Existing AI governance frameworks—including the NIST AI Risk Management Framework and Secure Software Development Framework—acknowledge supply chain risks but do not define verifiable model provenance or cryptographically durable integrity guarantees. The transition to post-quantum cryptography (PQC) compounds this gap: classical digital signatures used to verify model lineage, dataset integrity, and pipeline attestation will become vulnerable to quantum-enabled forgery within the operational lifetime of many AI systems. This paper synthesizes evidence from policy, standards, and incident sources to characterize the AI supply chain threat landscape and the cryptographic dependencies that the PQC transition disrupts. It proposes three integrated design-science artifacts: a Model Bill of Materials with PQC-safe extensions (MBOM-PQC) defining a verifiable provenance schema; a unified signing and attestation pipeline integrating ML-DSA and hybrid signature modes; and a five-level Supply Chain Assurance Maturity Model (SCAMM) for repeatable organizational evaluation. These contributions provide a structured foundation for AI supply chain integrity in cloud-connected, mission-critical smart systems, ensuring verifiable lineage, authenticity, and trustworthiness through the PQC transition. Empirical validation is deferred to future work.