Booz Allen Hamilton warned that Chinese artificial intelligence (AI) coding models used by U.S. developers could create hidden software-supply-chain risks for government, contractor, and critical-infrastructure systems, after its testing found some models generated more vulnerable code when prompted as if the user worked for the U.S. government.
The company said in its June report “What’s in America’s Code?” that it tested four Chinese coding models and one U.S. model across more than 2,800 trials, generating about 460,000 lines of code.
Booz Allen is a government contractor that provides AI and cybersecurity services.
The company said three of the four Chinese models produced more vulnerable code when the prompt used a U.S. government persona. It also said all four Chinese-built models refused some mock U.S. government coding tasks involving topics Beijing treats as politically sensitive….
Chinese AI Coding Models Pose Hidden Risk to US Software Supply Chain, Report Says
