Nine out of 10 reported cyber security incidents are the result of an error in software code. Hackers particularly prize so-called zero-day attacks, where a previously unknown flaw allows them to infiltrate a computer system. Stuxnet, the computer virus that targeted computers in Iran’s uranium enrichment programme, is a famous example of a zero-day attack.
With billions of lines of code written every year, however, catching and correcting every error is difficult. Researchers in both the US and China believe artificial intelligence could offer a solution.
Human efforts, so far, have failed to keep pace. If anything, the number of defects is increasing. Data collected in last year’s Coverity Scan report, which analyses open-source software, for example, suggests that the number of faults is mounting.