On December 31, 2014, it was disclosed that the F-35 Joint Strike Fighter was unable to fire its guns due to a glitch in the software, delaying production of the aircraft until 2019. Current industry tools for ensuring software quality statically check the code for security and run-time vulnerabilities that are often the cause of failure in complex software systems. Unfortunately, these tools suffer from high false positive rates and do not always lead the developer to a quick solution for the identified vulnerabilities. The proposed solution from ASSRC, CodeAi, takes an innovative approach to software quality checking by automatically suggesting fixes for common software vulnerabilities. CodeAi uses Deep Learning, a state-of-the-art machine learning technique, to learn from the enormous amount of open source software, so called Big Code, to suggest fixes that resemble those written by humans. Over the past 18 months, a small team of software engineers has been researching and developing the foundational components of CodeAi. DARPA funding will enable completion of a proof of concept system for one vulnerability, which will be scaled to address the most pernicious software defects of the defense industry- potentially resolving the software glitch in the Joint Strike Fighter.
