AI SBOM Completeness Score
{% if completeness_score.completeness_profile %}
Completeness Profile:
{{ completeness_score.completeness_profile.name }}
{{ completeness_score.completeness_profile.description }}
{% if completeness_score.completeness_profile.next_level %}
Next level: {{ completeness_score.completeness_profile.next_level.name }}
({{ completeness_score.completeness_profile.next_level.missing_fields_count }} fields to add)
{% endif %}
{% endif %}
{{ completeness_score.total_score|round(1) }}/100
{% set score_percent = (completeness_score.total_score / 100) * 100 %}
{% set score_class = 'progress-poor' %}
{% set score_label = 'Poor' %}
{% if score_percent >= 90 %}
{% set score_class = 'progress-excellent' %}
{% set score_label = 'Excellent' %}
{% elif score_percent >= 70 %}
{% set score_class = 'progress-good' %}
{% set score_label = 'Good' %}
{% elif score_percent >= 50 %}
{% set score_class = 'progress-fair' %}
{% set score_label = 'Fair' %}
{% endif %}
{{ score_percent|int }}% {{ score_label }}
{% if completeness_score.validation_penalty %}
About the Validation Penalty
Your score includes a penalty because the AIBOM has schema validation issues. These are structural problems that don't comply with the CycloneDX specification requirements.
How to fix this: Look at the "Fix Validation Issues" section in the recommendations below. Fixing these issues will remove the penalty and improve your overall score.
{% endif %}
| Section |
Score |
Weight |
Progress |
{% set weights = {'required_fields': 20, 'metadata': 20, 'component_basic': 20, 'component_model_card': 30, 'external_references': 10} %}
{% set tooltips = {
'required_fields': 'Basic SBOM fields required by the CycloneDX specification: bomFormat, specVersion, serialNumber, and version.',
'metadata': 'Information about the AI SBOM itself: timestamp, tools used to generate it, authors, and component metadata.',
'component_basic': 'Basic information about the AI model: type, name, bom-ref, PURL, description, and licenses.',
'component_model_card': 'Detailed information about the model: parameters, quantitative analysis, and ethical considerations.',
'external_references': 'Links to external resources like model cards, repositories, and datasets.'
} %}
{% set display_names = {
'required_fields': 'Required Fields',
'metadata': 'Metadata',
'component_basic': 'Component Basic',
'component_model_card': 'Model Card',
'external_references': 'External References'
} %}
{% for section, score in completeness_score.section_scores.items() %}
|
{{ display_names[section] }}
(?)
{{ tooltips[section] }}
|
{{ score|round(1) }}/{{ completeness_score.max_scores[section] }} |
{{ weights[section] }}% |
{% set percent = (score / completeness_score.max_scores[section]) * 100 %}
{% set class = 'progress-poor' %}
{% if percent >= 90 %}
{% set class = 'progress-excellent' %}
{% elif percent >= 70 %}
{% set class = 'progress-good' %}
{% elif percent >= 50 %}
{% set class = 'progress-fair' %}
{% endif %}
{{ percent|int }}%
|
{% endfor %}
How the Overall Score is Calculated
Critical Missing Fields
The following fields are missing or incomplete and have the biggest impact on your score:
{% set missing_critical = [] %}
{% for field, status in completeness_score.field_checklist.items() %}
{% if "✘" in status %}
{% if completeness_score.field_tiers and field in completeness_score.field_tiers and completeness_score.field_tiers[field] == 'critical' %}
{% set _ = missing_critical.append(field) %}
-
{{ field }}
{% if field == "component.description" %}
- Add a detailed description of the model (at least 20 characters)
{% elif field == "component.purl" %}
- Add a valid PURL in the format pkg:huggingface/[owner]/[name]@[version]
{% elif field == "modelCard.modelParameters" %}
- Add model parameters section with architecture, size, and training details
{% elif field == "primaryPurpose" %}
- Add primary purpose information (what the model is designed for)
{% else %}
- This field is required for comprehensive documentation
{% endif %}
{% endif %}
{% endif %}
{% endfor %}
{% if missing_critical|length == 0 %}
- No critical fields are missing. Great job!
{% endif %}
Recommendations to Improve Your Score
{% if completeness_score.section_scores.component_model_card < completeness_score.max_scores.component_model_card %}
-
Enhance Model Card (+{{ ((completeness_score.max_scores.component_model_card - completeness_score.section_scores.component_model_card) * 0.3)|round(1) }} points):
{% if completeness_score.missing_fields.critical %}
{% for field in completeness_score.missing_fields.critical %}
{% if field == "modelCard.modelParameters" or field == "modelCard.considerations" %}
- Add {{ field }} information
{% endif %}
{% endfor %}
{% endif %}
{% endif %}
{% if completeness_score.section_scores.component_basic < completeness_score.max_scores.component_basic %}
-
Add Basic Component Information (+{{ ((completeness_score.max_scores.component_basic - completeness_score.section_scores.component_basic) * 0.2)|round(1) }} points):
{% if completeness_score.missing_fields.critical %}
{% for field in completeness_score.missing_fields.critical %}
{% if field == "name" or field == "description" or field == "purl" %}
- Add {{ field }} information
{% endif %}
{% endfor %}
{% endif %}
{% if completeness_score.missing_fields.important %}
{% for field in completeness_score.missing_fields.important %}
{% if field == "type" or field == "licenses" %}
- Add {{ field }} information
{% endif %}
{% endfor %}
{% endif %}
{% endif %}
{% if completeness_score.section_scores.metadata < completeness_score.max_scores.metadata %}
-
Add Metadata (+{{ ((completeness_score.max_scores.metadata - completeness_score.section_scores.metadata) * 0.2)|round(1) }} points):
{% if completeness_score.missing_fields.critical %}
{% for field in completeness_score.missing_fields.critical %}
{% if field == "primaryPurpose" or field == "suppliedBy" %}
- Add {{ field }} information
{% endif %}
{% endfor %}
{% endif %}
{% if completeness_score.missing_fields.supplementary %}
{% for field in completeness_score.missing_fields.supplementary %}
{% if field == "standardCompliance" or field == "domain" or field == "autonomyType" %}
- Add {{ field }} information
{% endif %}
{% endfor %}
{% endif %}
{% endif %}
{% if completeness_score.section_scores.external_references < completeness_score.max_scores.external_references %}
-
Add External References (+{{ ((completeness_score.max_scores.external_references - completeness_score.section_scores.external_references) * 0.1)|round(1) }} points):
{% if completeness_score.missing_fields.critical %}
{% for field in completeness_score.missing_fields.critical %}
{% if field == "downloadLocation" %}
- Add download location reference
{% endif %}
{% endfor %}
{% endif %}
- Add links to model card, repository, and dataset
{% endif %}
{% if completeness_score.validation and not completeness_score.validation.valid %}
-
Fix Validation Issues (remove validation penalty):
{% for recommendation in completeness_score.validation.recommendations %}
- {{ recommendation }}
{% endfor %}
{% endif %}
Scoring Rubric
The overall score is calculated using a weighted normalization approach:
Total Score = Sum of (Section Score × Section Weight)
Where:
- Section Score = Points earned in that section
- Section Weight = Section's maximum points ÷ Total possible points (100)
Example calculation: If your SBOM has these section scores:
- Required Fields: 20 points × 0.20 weight = 4.0 points
- Metadata: 15 points × 0.20 weight = 3.0 points
- Component Basic: 10 points × 0.20 weight = 2.0 points
- Model Card: 10 points × 0.30 weight = 3.0 points
- External References: 5 points × 0.10 weight = 0.5 points
The total score would be 12.5 points, even though the raw section scores sum to 60 points.
Note: The total score is not the sum of section scores. Each section contributes proportionally to its weight in the final score.
Fields are classified into three tiers based on importance:
- Critical fields: Highest weight (3-4 points each)
- Important fields: Medium weight (2-4 points each)
- Supplementary fields: Lower weight (1-2 points each)
Penalties are applied for missing critical fields:
- Missing >3 critical fields: 20% penalty (score × 0.8)
- Missing 1-3 critical fields: 10% penalty (score × 0.9)
- Missing >5 important fields: 5% penalty (score × 0.95)
{% if completeness_score.validation_penalty %}
Additional penalties are applied based on validation results:
- Schema errors: Up to 50% reduction (10% per error)
- Schema warnings: Up to 20% reduction (5% per warning)
{% endif %}
