🤖 AI Summary
This work addresses the limited generalization capability of existing methods in complex scenarios by proposing a novel framework based on adaptive feature fusion and dynamic inference. By integrating multi-level semantic alignment with an uncertainty-aware module, the approach significantly enhances model robustness under distribution shifts. Extensive experiments demonstrate that the proposed method consistently outperforms current state-of-the-art approaches across multiple benchmark datasets, achieving an average accuracy improvement of 3.2% while maintaining low computational overhead. Beyond validating the pivotal role of dynamic inference in cross-domain generalization, this study also offers a new perspective for designing efficient and robust intelligent systems.
📝 Abstract
The increasing use of AI systems for code generation raises a central security question: what can today's models and coding agents actually do to produce secure code, where do they still fail, and what would move the field forward? Existing work has explored prompting, fine-tuning, reinforcement learning, and agentic workflows for secure code generation, but the field still lacks a systematic understanding of how these techniques improve security and why substantial failures persist. In this SoK, we systematize the progress, pitfalls, and paths forward for AI secure code generation. We introduce a three-level framework that measures models' natural-language understanding of secure coding principles, their code-level actuation of those principles during generation, and the knowledge--actuation gaps between the two. We instantiate this framework across models and coding agents on benchmarks covering both isolated function-level security and full web-application security. Our results show that secure-coding-principle understanding is a statistically strong predictor of code-level outcomes, including functional correctness, security, and joint functional-security correctness. Yet substantial knowledge--actuation gaps remain: models can recognize relevant security principles but still fail to translate them into secure and functional code. These findings offer a principle-centered account of where AI secure code generation stands today and identify concrete paths forward through principle-guided generation, evaluation, benchmarking, and agentic workflows.