Artificial Intelligence-Driven Security Risk Identification and Protection Technology for Open Source Software Supply Chain

By: Qinman Li, Xixiang Zhang, Jing Xie, Weiming Liao, Zhezhe Liang
Guangxi Power Grid Co., LTD., Digital Operation Center, Nanning, Guangxi, 530023, China

Abstract

Open source software has become an important part of enterprise information systems because of its low cost, openness and transparency, and ease of customization. The open source software supply chain, however, faces complex security risks, including the management challenges of multi-developer collaboration and the difficulty of controlling third-party dependencies; these can lead to data leakage, system paralysis and business interruption, and cause enterprises heavy losses. This paper proposes an artificial intelligence-driven system of technologies for identifying and protecting against security risks in the open source software supply chain. The study uses an AHP-entropy combined weighting model to weight the supply chain security evaluation indexes, builds a security risk identification model based on PSO-SVM, and designs a supply chain security protection system based on trusted computing. The results show that open source code component management, with a weight of 0.478, is the most important first-level evaluation index, followed by open source code quality management with a weight of 0.422; among the second-level indexes, open source code submission frequency, self-developed code size and percentage, and component vulnerability severity have the highest weights. The PSO algorithm reaches the optimal SVM parameters after 136 iterations, and the resulting risk assessment model reaches an assessment accuracy of 90% on the test set (a single misclassified sample, which implies a test set of ten samples); the squared correlation coefficient of the regression analysis is 0.96432.
The study concludes that the combined weighting method reduces the subjective bias of AHP used alone and the objective bias of entropy weighting used alone, that the PSO-SVM model can accurately identify supply chain security risks, and that the end-to-end protection system based on trusted computing enables trusted monitoring of the whole business communication process, giving enterprises a comprehensive and accurate open source software supply chain security management solution.
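The abstract reports AHP-entropy combined weights but does not show how they are computed. The following is a worked example of that weighting step, added here for illustration; it is not the paper's code, and the paper's real index set, comparison judgements and sample data are not available. The three index names, the pairwise comparison matrix, the five component score rows and the linear combination rule with alpha = 0.5 are all constructed assumptions. The example also includes the AHP consistency-ratio check, which a practitioner should run before trusting any subjective weight vector.

```python
import math

# Constructed example data (not from the paper): three first-level indexes,
# named after the abstract's two categories plus a hypothetical third one.
INDEXES = ["component management", "code quality management", "supply-chain process"]

# Constructed AHP pairwise comparison matrix on Saaty's 1-9 scale:
# a[i][j] > 1 means index i is judged more important than index j.
AHP_MATRIX = [
    [1.0, 2.0, 5.0],
    [0.5, 1.0, 4.0],
    [0.2, 0.25, 1.0],
]

# Constructed scores of five open source components on the three indexes
# (rows are components; a higher score means a larger risk contribution).
SAMPLES = [
    [8, 3, 2],
    [6, 7, 4],
    [2, 9, 5],
    [9, 4, 1],
    [5, 5, 3],
]

# Saaty's random consistency index by matrix order (standard AHP table).
RANDOM_INDEX = {1: 0.0, 2: 0.0, 3: 0.58, 4: 0.90, 5: 1.12, 6: 1.24, 7: 1.32, 8: 1.41, 9: 1.45}


def ahp_weights(matrix, iterations=200):
    """Subjective weights: principal eigenvector of the comparison matrix (power iteration).
    Returns (weights, consistency_ratio); CR >= 0.1 means the judgements are inconsistent."""
    n = len(matrix)
    w = [1.0 / n] * n
    for _ in range(iterations):
        aw = [sum(matrix[i][j] * w[j] for j in range(n)) for i in range(n)]
        total = sum(aw)
        w = [x / total for x in aw]
    aw = [sum(matrix[i][j] * w[j] for j in range(n)) for i in range(n)]
    lambda_max = sum(aw[i] / w[i] for i in range(n)) / n
    ci = (lambda_max - n) / (n - 1) if n > 1 else 0.0
    ri = RANDOM_INDEX[n]
    cr = ci / ri if ri else 0.0
    return w, cr


def normalize_columns(samples):
    """Min-max normalize each index column so all indexes share a [0, 1] scale.
    A constant column becomes all ones (it carries no information)."""
    norm = []
    for col in zip(*samples):
        lo, hi = min(col), max(col)
        norm.append([(x - lo) / (hi - lo) if hi > lo else 1.0 for x in col])
    return norm  # list of columns


def entropy_weights(samples):
    """Objective weights: an index whose values vary more across the samples has lower
    entropy, carries more information, and therefore receives a larger weight."""
    m = len(samples)
    k = 1.0 / math.log(m)
    divergence = []
    for col in normalize_columns(samples):
        total = sum(col)
        p = [x / total for x in col]
        entropy = -k * sum(pi * math.log(pi) for pi in p if pi > 0)
        divergence.append(1.0 - entropy)
    d_sum = sum(divergence)
    if d_sum == 0:  # every column constant: fall back to uniform weights
        return [1.0 / len(divergence)] * len(divergence)
    return [d / d_sum for d in divergence]


def combine_weights(subjective, objective, alpha=0.5):
    """Combined weight. The paper does not state its combination rule; a linear
    blend with alpha on the AHP side is assumed here, so each combined weight lies
    between its subjective and objective value."""
    w = [alpha * s + (1.0 - alpha) * o for s, o in zip(subjective, objective)]
    total = sum(w)
    return [x / total for x in w]


def risk_scores(samples, weights):
    """Weighted normalized score per component: the kind of feature a risk
    classifier would then be trained on."""
    cols = normalize_columns(samples)
    return [sum(weights[j] * cols[j][i] for j in range(len(weights)))
            for i in range(len(samples))]


if __name__ == "__main__":
    subj, cr = ahp_weights(AHP_MATRIX)
    obj = entropy_weights(SAMPLES)
    comb = combine_weights(subj, obj)
    print(f"AHP consistency ratio: {cr:.3f} ({'ok' if cr < 0.1 else 'INCONSISTENT'})")
    for name, s, o, c in zip(INDEXES, subj, obj, comb):
        print(f"{name:24s} AHP={s:.3f} entropy={o:.3f} combined={c:.3f}")
    for i, score in enumerate(risk_scores(SAMPLES, comb)):
        print(f"component {i}: risk score {score:.3f}")
```

With the constructed data the AHP vector ranks component management first by a wide margin while the entropy vector favours code quality management, because those scores spread most across the samples; the combined vector keeps the AHP ordering but pulls each weight toward the data-driven value, which is the bias-reduction effect the abstract attributes to the combined method. An inconsistent comparison matrix (for example a cyclic preference A > B > C > A) yields a consistency ratio well above 0.1 and should be sent back to the assessors rather than fed into the combination.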