The rapid advancement of Large Language Models (LLMs) has revolutionized artificial intelligence, introducing unprecedented capabilities in natural language processing and multimodal content generation. However, the increasing complexity and scale of these models have given rise to a multifaceted supply chain that presents unique challenges across infrastructure, foundation models, and downstream applications. This paper provides a comprehensive research agenda of the LLM supply chain, offering a structured approach to identify critical challenges and opportunities through the dual lenses of Software Engineering (SE) and Security & Privacy (S&P). We begin by establishing a clear definition of the LLM supply chain, encompassing its components and dependencies. We then analyze each layer of the supply chain, presenting a vision for robust and secure LLM development, reviewing the current state of practices and technologies, and identifying key challenges and research opportunities. This work aims to bridge the existing research gap in systematically understanding the multifaceted issues within the LLM supply chain, offering valuable insights to guide future efforts in this rapidly evolving domain.

翻译：大语言模型（LLMs）的快速发展已经彻底改变了人工智能领域，在自然语言处理和多模态内容生成方面引入了前所未有的能力。然而，这些模型日益增长的复杂性和规模催生了一个多层面的供应链，该供应链在基础设施、基础模型和下游应用方面带来了独特的挑战。本文提出了一个关于LLM供应链的综合性研究议程，通过软件工程（SE）以及安全与隐私（S&P）的双重视角，提供了一种结构化的方法来识别关键挑战与机遇。我们首先明确了LLM供应链的定义，涵盖其组成部分和依赖关系。随后，我们分析了供应链的每一层，提出了构建稳健且安全的LLM开发的愿景，回顾了当前实践与技术的现状，并识别了关键挑战与研究机遇。本工作旨在弥合现有研究在系统性理解LLM供应链内多层面问题上的差距，为引导这一快速演进领域的未来工作提供有价值的见解。