The Impact of AI-Assisted Development on Software Security

A study of 159 software developers found that Google's Gemini AI tool did not significantly improve code security compared to using no AI assistance. The research, conducted by Nadine Jost, showed that developers' programming experience was the primary factor in producing secure code, suggesting AI tools cannot fully substitute for human expertise in security-critical software development.

Computer Science Software Engineering Submitted on 16 Mar 2026 v1 https://arxiv.org/abs/2603.15298v1 , last revised 17 Mar 2026 this version, v2 Title:The Impact of AI-Assisted Development on Software Security: A Study of Gemini and Developer Experience View PDF /pdf/2603.15298 HTML experimental https://arxiv.org/html/2603.15298v2 Abstract:The ongoing shortage of skilled developers, particularly in security-critical software development, has led organizations to increasingly adopt AI-powered development tools to boost productivity and reduce reliance on limited human expertise. These tools, often based on large language models, aim to automate routine tasks and make secure software development more accessible and efficient. However, it remains unclear how developers' general programming and security-specific experience, and the type of AI tool used free vs. paid affect the security of the resulting software. Therefore, we conducted a quantitative programming study with software developers n=159 exploring the impact of Google's AI tool Gemini on code security. Participants were assigned a security-related programming task using either no AI tools, the free version, or the paid version of Gemini. While we did not observe significant differences between using Gemini in terms of secure software development, programming experience significantly improved code security and cannot be fully substituted by Gemini. Submission history From: Nadine Jost view email /show-email/3a20af7b/2603.15298 Mon, 16 Mar 2026 13:59:06 UTC 441 KB v1 /abs/2603.15298v1 v2 Tue, 17 Mar 2026 10:48:08 UTC 441 KB References & Citations Loading... Bibliographic and Citation Tools Bibliographic Explorer What is the Explorer? https://info.arxiv.org/labs/showcase.html arxiv-bibliographic-explorer Connected Papers What is Connected Papers? https://www.connectedpapers.com/about Litmaps What is Litmaps? https://www.litmaps.co/ scite Smart Citations What are Smart Citations? https://www.scite.ai/ Code, Data and Media Associated with this Article alphaXiv What is alphaXiv? https://alphaxiv.org/ CatalyzeX Code Finder for Papers What is CatalyzeX? https://www.catalyzex.com DagsHub What is DagsHub? https://dagshub.com/ Gotit.pub What is GotitPub? http://gotit.pub/faq Hugging Face What is Huggingface? https://huggingface.co/huggingface ScienceCast What is ScienceCast? https://sciencecast.org/welcome Demos Recommenders and Search Tools Influence Flower What are Influence Flowers? https://influencemap.cmlab.dev/ CORE Recommender What is CORE? https://core.ac.uk/services/recommender arXivLabs: experimental projects with community collaborators arXivLabs is a framework that allows collaborators to develop and share new arXiv features directly on our website. Both individuals and organizations that work with arXivLabs have embraced and accepted our values of openness, community, excellence, and user data privacy. arXiv is committed to these values and only works with partners that adhere to them. Have an idea for a project that will add value for arXiv's community? Learn more about arXivLabs https://info.arxiv.org/labs/index.html .