Companies using artificial intelligence to generate code are experiencing outages and security problems. The team at Sonar, a provider of code quality and code security products, has heard first-hand stories of outages at even major financial institutions where the developers responsible for the code blamed the AI.
Among their many other imperfections, AI tools are far from perfect at generating code. Researchers at Bilkent University found that the latest versions of ChatGPT, GitHub Copilot, and Amazon CodeWhisperer generated correct code 65.2%, 46.3%, and 31.1% of the time, respectively.
Part of the problem is that AI is notoriously bad at mathematics because it struggles with logic. Furthermore, programmers are not known for being great at writing prompts, because “AI doesn’t do things in a consistent way or work like code,” according to Wharton AI professor Ethan Mollick.
See: OpenAI unveils the “Strawberry” model, optimized for coding and complex mathematics
Could “insufficient reviews” be a factor?
In late 2023, more than half of organizations said they encountered security issues with bad AI-generated code “sometimes” or “frequently,” according to a survey by Snyk. And the problem could worsen, as 90% of enterprise software engineers will use AI code assistants by 2028, according to Gartner.
Tariq Shaukat, CEO of Sonar and former president of Bumble and Google Cloud, is “hearing more and more” about such incidents. He told TechRepublic in an interview: “Companies are deploying AI code-generation tools more frequently, and the code they generate is making its way into production, causing outages and/or security issues.

“In general, this is due to insufficient reviews, either because the company has not implemented robust code quality and code-review practices, or because developers are scrutinizing AI-written code less than they would scrutinize their own code.

“When asked about buggy AI code, a common refrain is ‘it’s not my code,’ meaning they feel less responsible because they didn’t write it.”
See: 31% of organizations using generative AI are asking it to write code (2023)
He stressed that this is not carelessness on the developers’ part, but rather a lack of scrutiny of “copy-paste code,” combined with quality control processes that have not kept pace with the speed of AI adoption.
The “laissez-faire” effect
In addition, a 2023 study from Stanford University that examined how users interact with AI code assistants found that those who used them “wrote significantly less secure code” but were “more likely to believe that they wrote secure code.” This suggests that simply by using AI tools, programmers tend to adopt a more laissez-faire attitude toward reviewing their work.
It is human nature to be tempted by an easier shortcut, especially when under pressure from a manager or a launch schedule, but placing blind trust in AI can compromise the quality of code reviews and a developer’s understanding of how the code interacts with an application.
The CrowdStrike outage in July highlighted how widespread the disruption can be when a critical system fails. While that incident was not specifically linked to AI-generated code, the failure was caused by a bug in a validation process that allowed “problematic content data” to be deployed. It demonstrates the importance of a human element in checking critical content.
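As a loose illustration of that automation-plus-human safety net, the sketch below gates a deployment on both an automated schema check and an explicit human sign-off. The field count, function names, and checks are invented for this example; this is not a reconstruction of CrowdStrike’s actual validator.

```python
# Hypothetical pre-deployment gate for "content data": an automated schema
# check plus a mandatory human sign-off. Illustrative only.
EXPECTED_FIELDS = 20  # assumed schema width for this example

def validate_content(records: list[list[str]]) -> list[str]:
    """Return a list of problems found; an empty list means the content passes."""
    problems = []
    for i, record in enumerate(records):
        if len(record) != EXPECTED_FIELDS:
            problems.append(
                f"record {i}: expected {EXPECTED_FIELDS} fields, got {len(record)}"
            )
        elif any(not field.strip() for field in record):
            problems.append(f"record {i}: contains blank fields")
    return problems

def deploy(records: list[list[str]], human_approved: bool) -> None:
    """Refuse to ship content that fails validation or lacks a reviewer."""
    problems = validate_content(records)
    if problems:
        raise RuntimeError("deployment blocked: " + "; ".join(problems))
    if not human_approved:
        raise RuntimeError("deployment blocked: missing human sign-off")
    print(f"Deploying {len(records)} validated records")
```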
Developers are not oblivious to the potential pitfalls of using AI in their work, either. According to a report by Stack Overflow, only 43% of developers trust the accuracy of AI tools, just one percentage point higher than in 2023. AI’s favorability rating among developers has also dropped from 77% last year to 72% this year.
However, despite the risks, engineering departments have not been deterred from AI coding tools, largely because of the efficiency benefits. An OutSystems survey found that 75% of software leaders had reduced their development time by up to 50% thanks to AI automation. It makes developers happier, too, Shaukat told TechRepublic, because they spend less time on routine tasks.
What is “Code Churn”?
The time saved through productivity gains could, however, be offset by the effort required to fix the problems that AI-generated code causes.
Researchers at GitClear inspected 153 million lines of changed code that were originally written between January 2020 and December 2023, a period when the use of AI coding assistants surged. They noted an increase in the amount of code that had to be corrected or reverted less than two weeks after it was written, known as “code churn,” which indicates instability.

The researchers project that code churn will double in 2024 against its pre-AI 2021 baseline, and that more than 7% of all code changes will be reverted within two weeks.
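As a rough illustration of how such a metric can be computed, the sketch below estimates churn from a repository’s git history at file-level granularity, counting changes that re-touch a file within 14 days of its previous change. This is a deliberate simplification for illustration, not GitClear’s line-level methodology.

```python
# A minimal churn estimate: the share of file modifications that re-touch a
# file within 14 days of its previous change. File-level granularity is a
# simplification; the GitClear study works at the level of individual lines.
import subprocess
from collections import defaultdict
from datetime import datetime, timedelta

WINDOW = timedelta(days=14)

def file_touches(repo: str) -> dict[str, list[datetime]]:
    """Map each file path to the timestamps of the commits that modified it."""
    # The "@" prefix marks date lines so they can be told apart from paths.
    log = subprocess.run(
        ["git", "-C", repo, "log", "--name-only", "--format=@%cI"],
        capture_output=True, text=True, check=True,
    ).stdout
    touches, current = defaultdict(list), None
    for line in log.splitlines():
        if line.startswith("@"):
            current = datetime.fromisoformat(line[1:])
        elif line.strip() and current is not None:
            touches[line.strip()].append(current)
    return touches

def churn_rate(repo: str) -> float:
    """Fraction of follow-up changes that land inside the churn window."""
    churned = total = 0
    for times in file_touches(repo).values():
        times.sort()
        for earlier, later in zip(times, times[1:]):
            total += 1
            if later - earlier <= WINDOW:
                churned += 1
    return churned / total if total else 0.0

if __name__ == "__main__":
    print(f"Estimated churn rate: {churn_rate('.'):.1%}")
```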
Furthermore, over the study period, the percentage of copy-pasted code also rose markedly. This runs counter to the popular “DRY,” or “don’t repeat yourself,” mantra among programmers, as repeated code can lead to increased maintenance, more bugs, and inconsistency across a codebase.
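To see why duplication raises the maintenance burden, consider a contrived before-and-after sketch; the function names and discount rule below are invented for illustration.

```python
# Duplicated logic: the same discount rule is written twice, so a future
# fix must be applied in both places, and it is easy to miss one.
def invoice_total(items):
    total = sum(price * qty for price, qty in items)
    return total * 0.9 if total > 100 else total

def quote_total(items):
    total = sum(price * qty for price, qty in items)
    return total * 0.9 if total > 100 else total

# DRY version: the rule lives in one helper, giving a single point of change.
def apply_bulk_discount(total: float, threshold: float = 100, rate: float = 0.10) -> float:
    return total * (1 - rate) if total > threshold else total

def order_total(items) -> float:
    return apply_bulk_discount(sum(price * qty for price, qty in items))
```

If the discount rule ever changes, the duplicated version needs two edits that can silently drift apart; the refactored version needs only one.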
But on the question of whether the productivity gains from AI code assistants are cancelled out by the clean-up effort, Shaukat said it is too early to tell.
See: The best security tools for developers
“Our experience is that typical developers accept code generators’ suggestions about 30% of the time. That is significant,” he said. “When the system is designed correctly, with the right tools and processes in place, any clean-up work is manageable.”
However, developers must still be held accountable for the code they submit, particularly when AI tools are used. If they are not, that is when code that causes downtime will slip through the net.
Shaukat told TechRepublic: “CEOs, CIOs, and other business leaders must review their processes in light of the increased use of AI in code generation and prioritize the necessary assurance steps.

“Where they do not, they will see more frequent outages, more bugs, lost developer productivity, and increased security risks. AI tools need to be both trusted and verified.”