Generative AI in Software Engineering: Strategies Beyond Prompt Engineering
In the 43rd edition of this newsletter, entitled “Fail with Generative AI: The Most Probable Instead of the Best Fit,” it was concluded that due to the associated challenges in terms of “Technical Complexity, Costs, and Significant Efforts/Time,” many organizations struggle to design and implement “Customized Generative AI” systems that are built upon the “Best-Fit Foundation Models” and can turn the “Enterprise Data Assets” into “Actionable Knowledge” through the “Fine-Tuning” and “Retrieval-Augmented Generation (RAG)” strategies. These enterprises usually follow the shortest and easiest path to leverage the power of generative AI by subscribing to the already existing “General-Purpose Large Language Models” services. The most dangerous effect of this shortest and most straightforward approach is that it gives a “False Impression of Ultimate Accuracy” about the inaccurate knowledge these AI systems generate. The general-purpose generative AI services usually compose a response containing the “Most Probable Tactics and Strategies.” This is a typical plan to “Fail with Generative AI,” which is a costly failure. These “Most Probable Tactics and Strategies” can’t be considered successful replacements or substitutes for “Best-fit Probable Tactics and Strategies,” which can only be found by human intelligence or by human intelligence that is augmented or assisted by “Customized Generative AI” systems.
In this edition of the newsletter, the focus will be on applying the concepts mentioned above to a specific industry: “Software Engineering.” In particular, we will explore how “Customized Generative AI” systems can revolutionize the way “Software Engineering Life Cycles” are performed and how approaches specific to software development can serve better than following the most straightforward path available through existing public “General-Purpose Large Language Models” services and the typical associated “Prompt Engineering Strategies.”
The motivations for going a step beyond the existing public services and typical prompt engineering are many, including software engineering “Data Privacy,” securing “Intellectual Property,” optimized performance based on “Company-Specific Systems, Skillsets, and Engineering Patterns,” and, more importantly, guarding against “Software Vulnerabilities” that the generated software assets inherit from the training datasets used.
For example, integrating public general-purpose Generative AI services into the IDEs a company uses can pose a significant security risk if proper precautions are not taken. There will be a question mark about maintaining the privacy and the intellectual property of the software the company produces. This may include the potential for data leaks and unauthorized access to sensitive information. Another example is related to engineering patterns, company-specific systems, and skillsets. The typical prompt engineering techniques for public general-purpose Generative AI services may fail to consider the specific needs of each company. Each company has its own footprint of code, bugs, and vulnerabilities, which depends on its mix of development life cycle, programming languages, architectures, and the industry verticals for which it develops systems. A FinTech company that develops serverless and microservices cloud systems offered as SaaS has a totally different nature from an ERP company that produces a client-server system delivered as a traditional desktop application. Therefore, a one-size-fits-all approach may fail to account for the specific constraints of each company, potentially leaving it vulnerable.
Hence, to conclude: due to the associated challenges in terms of “Technical Complexity, Costs, and Significant Efforts/Time,” many “Software Development Organizations” may struggle to design and implement “Customized Generative AI for Software Engineering” systems that are built upon the “Best-Fit Foundation Models” and can turn the “Software Development Assets” into “Actionable Knowledge” through the “Fine-Tuning” and “Retrieval-Augmented Generation (RAG)” strategies. These software development organizations usually follow the shortest and easiest path to leverage the power of generative AI by subscribing to the already existing “General-Purpose Large Language Models” services and the typical associated “Prompt Engineering Strategies.” The most dangerous effect of this shortest and most straightforward approach is that it gives a “False Impression of Ultimate Accuracy” about the requirements, code, test cases, and operational scripts these AI systems generate. The general-purpose generative AI services usually compose a response containing the “Most Probable Requirements, Codes, Test Cases, and Operational Scripts,” which may contain vulnerabilities inherited from the training datasets used. This is a typical plan to “Fail with Generative AI,” which is a costly failure, especially for “Critical Software Systems.” These “Most Probable Requirements, Codes, Test Cases, and Operational Scripts” can’t be considered successful replacements or substitutes for “Best-fit Requirements, Codes, Test Cases, and Operational Scripts,” which can only be found by human intelligence or by human intelligence that is augmented or assisted by “Customized Generative AI for Software Engineering” systems.