English
Related papers

Related papers: Constitutional Spec-Driven Development: Enforcing …

200 papers

Evaluating the correctness of code generated by AI is a challenging open problem. In this paper, we propose a fully automated method, named ACCA, to evaluate the correctness of AI-generated code for security purposes. The method uses…

Software Engineering · Computer Science 2024-06-11 Domenico Cotroneo , Alessio Foggia , Cristina Improta , Pietro Liguori , Roberto Natella

The absence of data protection measures in software applications leads to data breaches, threatening end-user privacy and causing instabilities in organisations that developed those software. Privacy Enhancing Technologies (PETs) emerge as…

Cryptography and Security · Computer Science 2024-10-02 Maisha Boteju , Thilina Ranbaduge , Dinusha Vatsalan , Nalin Arachchilage

This paper aims to extend the code generation capability of large language models (LLMs) to automatically manage comprehensive software requirements from given textual descriptions. Such requirements include both functional (i.e. achieving…

Software Engineering · Computer Science 2024-08-05 Hojae Han , Jaejin Kim , Jaeseok Yoo , Youngwon Lee , Seung-won Hwang

Conformal prediction (CP) and its extension, conformal risk control (CRC), are established frameworks for quantifying uncertainty in supervised machine learning through formal guarantees. However, recent breakthroughs in artificial…

Machine Learning · Computer Science 2026-05-29 Gabriel Loaiza-Ganem , Kevin Zhang , Wei Cui , Marc T. Law , Kin Kwan Leung

As AI rapidly advances, the security risks posed by AI are becoming increasingly severe, especially in critical scenarios, including those posing existential risks. If AI becomes uncontrollable, manipulated, or actively evades safety…

Artificial Intelligence · Computer Science 2025-08-29 Donglin Wang , Weiyun Liang , Chunyuan Chen , Jing Xu , Yulong Fu

Large language models (LLMs) are now widely used to draft and refactor code, but code that works is not necessarily secure. We evaluate secure code generation using the Instruct Prime, which eliminated compliance-required prompts and cue…

Cryptography and Security · Computer Science 2025-11-07 Arup Datta , Ahmed Aljohani , Hyunsook Do

As AI code assistants become increasingly integrated into software development workflows, understanding how their code compares to human-written programs is critical for ensuring reliability, maintainability, and security. In this paper, we…

Software Engineering · Computer Science 2025-09-01 Domenico Cotroneo , Cristina Improta , Pietro Liguori

Generating code from a natural language using Large Language Models (LLMs) such as ChatGPT, seems groundbreaking. Yet, with more extensive use, it's evident that this approach has its own limitations. The inherent ambiguity of natural…

Software Engineering · Computer Science 2023-10-09 Ahmed R. Sadik , Sebastian Brulin , Markus Olhofer

Many software systems originate as prototypes or minimum viable products (MVPs), developed with an emphasis on delivery speed and responsiveness to changing requirements rather than long-term code maintainability. While effective for rapid…

Software Engineering · Computer Science 2026-04-06 Ema Smolic , Mario Brcic , Luka Hobor , Mihael Kovac

Large language models have gained widespread prominence, yet their vulnerability to prompt injection and other adversarial attacks remains a critical concern. This paper argues for a security-by-design AI paradigm that proactively mitigates…

Cryptography and Security · Computer Science 2025-10-02 Dalal Alharthi , Ivan Roberto Kawaminami Garcia

Several techniques have been proposed to detect vulnerable Spectre gadgets in widely deployed commercial software. Unfortunately, detection techniques proposed so far rely on hand-written rules which fall short in covering subtle variations…

Cryptography and Security · Computer Science 2021-03-29 M. Caner Tol , Berk Gulmezoglu , Koray Yurtseven , Berk Sunar

We examine "vibe coding": an emerging programming paradigm where developers primarily write code by interacting with code-generating large language models rather than writing code directly. We present the first empirical study of vibe…

Human-Computer Interaction · Computer Science 2025-10-06 Advait Sarkar , Ian Drosos

Standard Verification Rule Format (SVRF) is essential for semiconductor applications like Design Rule Check (DRC), Layout Versus Schematic (LVS), and Optical Proximity Correction (OPC) and it faces challenges as advancing nodes create…

Software Engineering · Computer Science 2025-07-02 Abanoub E. Abdelmalak , Mohamed A. Elsayed , David Abercrombie , Ilhami Torunoglu

According to constructivist theory, students learn software security more effectively when examples are grounded in their own code. Generic examples often fail to connect with students' prior work, limiting engagement and understanding.…

Cryptography and Security · Computer Science 2026-04-16 Matthew Frazier , Kostadin Damevski

"Vibe coding" and "vibe analytics" have been framed as a democratization of technical capability. This paper argues that AI-assisted methodology more broadly, or what I call "vibe methodology," also democratizes the failure modes specific…

Econometrics · Economics 2026-05-11 Lydia Ashton

Security vulnerabilities present in a code that has been written in diverse programming languages are among the most critical yet complicated aspects of source code to detect. Static analysis tools based on rule-based patterns usually do…

Cryptography and Security · Computer Science 2025-08-19 Hael Abdulhakim Ali Humran , Ferdi Sonmez

To help prevent hardware security vulnerabilities from propagating to later design stages where fixes are costly, it is crucial to identify security concerns as early as possible, such as in RTL designs. In this work, we investigate the…

Recent progress in ML and LLMs has improved vulnerability detection, and recent datasets have reduced label noise and unrelated code changes. However, most existing approaches still operate at the function level, where models are asked to…

Cryptography and Security · Computer Science 2026-02-09 Yikun Li , Ting Zhang , Jieke Shi , Chengran Yang , Junda He , Xin Zhou , Jinfeng Jiang , Huihui Huang , Wen Bin Leow , Yide Yin , Eng Lieh Ouh , Lwin Khin Shar , David Lo

The complexity of browsers has steadily increased over the years, driven by the continuous introduction and update of Web platform components, such as novel Web APIs and security mechanisms. Their specifications are manually reviewed by…

Cryptography and Security · Computer Science 2022-09-02 Lorenzo Veronese , Benjamin Farinier , Pedro Bernardo , Mauro Tempesta , Marco Squarcina , Matteo Maffei

Frontier AI developers now train models against long written behavioral specifications, such as Anthropic's constitution (Anthropic, 2025a) and OpenAI's Model Spec (OpenAI, 2025a), integrated into post-training via methods like character…

Artificial Intelligence · Computer Science 2026-05-26 Arya Jakkli , Senthooran Rajamanoharan , Neel Nanda