Writing code can be a time-consuming, labor-intensive process, so it is not surprising that research is underway to automate it using artificial intelligence (A.I.). Yet while machine-generated code can make things easier, it also raises the possibility of perpetuating bugs and other flaws that were never fixed in the original source code.
As research in automated code writing using A.I. advances, there is a need to better understand the characteristics of such code. Otherwise, as Brendan Dolan-Gavitt, an assistant professor in the Computer Science and Engineering Department at the NYU Tandon School of Engineering, told Wired magazine in April, such efforts could “end up producing buggy and even insecure code,” because “they’re trained on human-written code, which is very often buggy and insecure.”
One way to address this downside is to first determine how A.I.-generated code may differ from conventional human-written code. Dolan-Gavitt has created a website called This Code Does Not Exist, which asks visitors to judge whether a piece of code was written by a human or by a machine. He also has experience creating A.I.-generated bugs for testing security software, which gives him a unique perspective on how A.I. algorithms can lead to errors and biases that would likely show up in software.
A July 6 article in ACM News acknowledges both the rewards and the risks of this approach to writing code. Furkan Bektes, founder and CEO of SourceAI, which has developed a tool that writes code from short natural-language input, states in the article that his company is committed to preventing A.I. from being used for hacking and malware. But, as the article points out, other companies may not have such qualms. “There is potential for abuse,” Dolan-Gavitt acknowledges. “It’s conceivable that malware authors could generate numerous variants of the same malware to avoid detection.”