Survey Surfaces Raft of AI Coding Issues Involving Embedded Systems - DevOps.com

Survey Surfaces Raft of AI Coding Issues Involving Embedded Systems - DevOps.com

Briefly

A survey of 785 development and security professionals working on embedded systems published this week finds 89% of organizations are already using artificial intelligence (AI) coding assistants, but 39% also noted that only certain developers are allowed to use them. Conducted by Censuswide on behalf of Black Duck Software, the survey also finds that 96% of respondents are integrating open source AI models into their products. Unfortunately, rapid adoption appears to be outpacing the development of necessary governance and security measures, with 21% of respondents lacking confidence in their ability to prevent AI from introducing security vulnerabilities.

Corey Hamilton, senior solutions manager for Black Duck Software, said the survey makes it clear that while adoption of AI coding tools is high, there is a substantial amount of risk, especially if the embedded system is used in an application that could impact human safety. The simple fact of the matter is that the level of potential risk is being elevated, he noted. Too many business leaders, in the name of increasing productivity, have donned AI security blinders, added Hamilton.

Overall, the survey finds that Python is now the most widely used programming language by builders of embedded systems (27%), followed by C++ (26%), Java (22%) and JavaScript (21%). Usage of software composition analysis (SCA) tools is becoming more widespread, with scans occurring with every build (39%), on every pull request (39%), and within the integrated developer environment (35%). A full 71% said their organizations can also now produce software bill of materials (SBOMs), driven primarily by customer and partner requirements (40%).