Google DeepMind has introduced an AI agent that automatically found and fixed software vulnerabilities in open source projects, submitting 72 security patches over the past six months to codebases including some as large as 4.5 million lines of code.
The tool, called CodeMender, uses Gemini Deep Think models to create an autonomous agent capable of debugging and fixing complex security flaws, Raluca Ada Popa, senior staff research scientist at Google’s DeepMind, and Fionn Flynn, VP of Security and Privacy at Google DeepMind, wrote in a blog post.
“Software vulnerabilities are notoriously difficult and time-consuming for developers to find and fix, even with traditional, automated methods like fuzzing,” Popa and Flynn wrote in the post. “As we achieve more breakthroughs in AI-powered vulnerability discovery, it will become increasingly difficult for humans alone to keep up.”
How CodeMender works
CodeMender operates by leveraging the reasoning capabilities of Gemini Deep Think models to produce an autonomous agent that can debug and fix vulnerabilities. The agent is equipped with tools that allow it to reason about code before making changes and automatically validate those changes to ensure they are correct and don’t cause regressions, the researchers said.
The company said it developed new techniques and tools that let CodeMender reason about code and validate changes more effectively. These include advanced program analysis tools based on static analysis, dynamic analysis, differential testing, fuzzing, and SMT solvers that systematically scrutinize code patterns, control flow, and data flow to identify root causes of security flaws.
CodeMender also uses multi-agent systems with special-purpose agents that tackle specific aspects of underlying problems. For example, the tool uses a large language model-based critique tool that highlights differences between original and modified code to verify proposed changes don’t introduce regressions, the company said.
“While large language models are rapidly improving, mistakes in code security could be costly,” the researchers wrote, adding that CodeMender’s automatic validation process ensures code changes are correct across many dimensions by only surfacing for human review high-quality patches that fix root causes, are functionally correct, cause no regressions, and follow style guidelines.
Reactive and proactive security
The tool takes both reactive and proactive approaches to code security, Google DeepMind said. Reactively, it instantly patches new vulnerabilities. Proactively, it rewrites and secures existing code to eliminate entire classes of vulnerabilities.
In one proactive example, Google DeepMind deployed CodeMender to apply -fbounds-safety annotations to parts of libwebp, a widely used image compression library. When -fbounds-safety annotations are applied, the compiler adds bounds checks to prevent attackers from exploiting buffer overflow or underflow vulnerabilities to execute arbitrary code.
The company pointed to CVE-2023-4863, a heap buffer overflow vulnerability in libwebp that was used by a threat actor as part of a zero-click iOS exploit. With -fbounds-safety annotations, this vulnerability would have been rendered unexploitable, Google DeepMind said in the blog post.
Human review is still required
While Google DeepMind described early results with CodeMender as promising, the company said it is taking a cautious approach focused on reliability. Currently, all patches generated by CodeMender are reviewed by human researchers before being submitted upstream, the researchers added in the post.
Using CodeMender, Google DeepMind said it has already begun submitting patches to various critical open-source libraries, many of which have already been accepted and upstreamed. The company said it is gradually ramping up the process to ensure quality and systematically address feedback from the open-source community.
Google DeepMind said it will gradually reach out to interested maintainers of critical open source projects with CodeMender-generated patches. Besides, it hopes to release CodeMender as a tool that can be used by all software developers to keep their codebases secure, and plans to publish technical papers and reports detailing techniques and results in the coming months, the company said in the blog post.
No Responses