联邦信息技术安全局：2024年AI编码助手安全指南（英文版）（16页）.pdf

《联邦信息技术安全局：2024年AI编码助手安全指南（英文版）（16页）.pdf》由会员分享，可在线阅读，更多相关《联邦信息技术安全局：2024年AI编码助手安全指南（英文版）（16页）.pdf（16页珍藏版）》请在三个皮匠报告上搜索。

1、AI Coding Assistants 1 Introduction 2 Federal Office for Information Security Published by Bundesamt fr Sicherheit in der Informationstechnik 53133 Bonn,Germany Phone:+49(0)228 99 95820 E-Mail:bsibsi.bund.de Source:Federal Office for Information Security(BSI)P.O.Box 20 03 63 53133 Bonn,Germany Phone

2、:+49(0)228 99 95820 E-Mail:ki-kontaktbsi.bund.de Agence nationale de la scurit des systmes dinformation Secrtariat gnral de la dfense et de la scurit nationale 51,boulevard de La Tour-Maubourg 75700 Paris 07 SP,France Phone:+33(0)1 71 76 85 85 E-Mail:communicationssi.gouv.fr Last updated:September 2

3、024 1 Introduction Federal Office for Information Security 3 Executive Summary This report provides recommendations for a secure use of AI coding assistants compiled by the French Cybersecurity Agency(Agence nationale de la scurit des systmes dinformation,ANSSI)and the German Federal Office for Info

4、rmation Security(Bundesamt fr Sicherheit in der Informationstechnik,BSI).Within the document,perspectives are given on the opportunities that arise through the use of AI coding assistants as well as risks associated with the technology.Concrete mitigation measures are outlined.Opportunities AI codin

5、g assistants can be utilized in several different stages of the software development process.While the generation of source code is the key functionality,these LLM-based AI systems can also help developers to familiarize themselves with new projects by providing code explanations.Furthermore,AI codi

6、ng assistants can support the code development process by automatically generating test cases and ease the burden of code formatting and documentation steps.The functionality to translate between programming languages can simplify the maintenace efforts by translating legacy code into modern program