Large Language Model Supply Chain: A Research Agenda

TL;DR

This paper presents a comprehensive research agenda for the large language model supply chain, addressing challenges and opportunities in infrastructure, models, and applications to guide future research.

Contribution

It systematically defines the LLM supply chain, analyzes its components, and identifies key challenges and research directions from software engineering and security perspectives.

Findings

Identifies critical challenges in LLM supply chain components.

Provides a structured research agenda for future work.

Highlights security and privacy concerns in LLM development.

Abstract

The rapid advancement of large language models (LLMs) has revolutionized artificial intelligence, introducing unprecedented capabilities in natural language processing and multimodal content generation. However, the increasing complexity and scale of these models have given rise to a multifaceted supply chain that presents unique challenges across infrastructure, foundation models, and downstream applications. This paper provides the first comprehensive research agenda of the LLM supply chain, offering a structured approach to identify critical challenges and opportunities through the dual lenses of software engineering (SE) and security & privacy (S\&P). We begin by establishing a clear definition of the LLM supply chain, encompassing its components and dependencies. We then analyze each layer of the supply chain, presenting a vision for robust and secure LLM development, reviewing the current state of practices and technologies, and identifying key challenges and research opportunities. This work aims to bridge the existing research gap in systematically understanding the multifaceted issues within the LLM supply chain, offering valuable insights to guide future efforts in this rapidly evolving domain.