The Impact of AI-Assisted Development on Software Security: A Study of Gemini and Developer Experience
This addresses the problem of software security in the context of AI tool adoption for developers, but it is incremental as it confirms existing concerns without major new findings.
The study investigated how AI-assisted development tools like Gemini affect software security, finding that while Gemini did not significantly impact security, programming experience significantly improved code security and could not be replaced by the tool.
The ongoing shortage of skilled developers, particularly in security-critical software development, has led organizations to increasingly adopt AI-powered development tools to boost productivity and reduce reliance on limited human expertise. These tools, often based on large language models, aim to automate routine tasks and make secure software development more accessible and efficient. However, it remains unclear how developers' general programming and security-specific experience, and the type of AI tool used (free vs. paid) affect the security of the resulting software. Therefore, we conducted a quantitative programming study with software developers (n=159) exploring the impact of Google's AI tool Gemini on code security. Participants were assigned a security-related programming task using either no AI tools, the free version, or the paid version of Gemini. While we did not observe significant differences between using Gemini in terms of secure software development, programming experience significantly improved code security and cannot be fully substituted by Gemini.