Oracle Seeks Patent to Clean Up After Code Generators
Oracle’s tech aims to weed out and fix vulnerable bits of code in software.

Oracle may be looking for a way to spot mistakes before they cause security problems.
The company is seeking to patent a system for “code vulnerability detection and validation” that aims to weed out and fix vulnerable bits of code in software.
Oracle’s system keeps a record of known vulnerable code sections, then modifies them by integrating patches. The system then cross-references the list of known vulnerabilities with software components, and pinpoints when bits of vulnerable code show up across different versions.
Oracle noted that the tech could help track down vulnerabilities when working on a large software project and pulling from a code library. “Vulnerabilities may be discovered in the software component months or even years after users … have integrated the software component into their software projects,” Oracle said in a US Patent and Trademark Office filing.
The system could also be helpful as generative AI quickly changes the software development landscape. More than ever, enterprises and developers are relying on code generation tools to assist in rapidly developing code and software. Deloitte predicts that the productivity gain by US developers adopting code generation tools could be worth up to $12 billion annually.
Major tech companies introduced their own code generation tools in the past year, including Microsoft, Amazon, IBM and Google. Some tech giants are using them internally, too, with Google CEO Sundar Pichai saying last year that 25% of the code for the company’s new projects is AI-generated.
But while AI is fast, it’s not infallible. Generative models tend to hallucinate and supply incorrect answers, and can exhibit data security issues when prompted in certain ways. Over-reliance on these tools can lead to mistakes that have domino effects on broader security, and as their adoption rises, a system like Oracle’s that automatically detects and fixes code slip-ups could provide valuable protection.