Coding in the ’90s usually meant selecting an editor, checking code into CVS or SVN code repositories, and then compiling code into executables. Integrated development environments (IDEs) like Eclipse and Visual Studio improved productivity by including coding, development, documentation, building, testing, deploying, and other steps in the software development lifecycle (SDLC). Cloud computing and DevSecOps automation tools brought in the next wave of developer capabilities, making it easier for more organizations to develop, deploy, and maintain applications.
Generative AI is the catalyst for the next paradigm shift, promising to change how organizations create and maintain software as well as enabling new development tools and paradigms. The question for many developers and IT leaders is whether AI means the demise of coding as we know it. A related question is how it will affect the evolution of SDLC and DevSecOps over the next decade. With these two questions in mind, I went searching for ideas and predictions.
Is genAI a new tool or a new way of developing?
“I am a big believer in code, and I have seen many people bet against code in my 25-year career, and they have always lost,” says Joe Duffy, CEO of Pulumi. “AI will automate and augment coding, not replace it, thereby raising the level of abstraction that we humans operate at, considerably accelerating productivity and output.”
That’s one viewpoint. To consider others, I went back to the classics.
In Frederick Brooks’ classic book on software development, The Mythical Man-Month, he shares a study on software development productivity showing “the ratios between best and worst performances averaged about 10:1 on productivity measurements and an amazing 5:1 on program speed and space measurements.” In the 20th anniversary edition of the book published in 1995, he republishes the 1986 article, “No Silver Bullet: Essence and Accidents of Software Engineering,” which predicted that “a decade would not see any programming technique that would by itself bring an order-of-magnitude improvement in software productivity.
We don’t know yet whether copilots and other generative AI coding capabilities will exceed these benchmarks.
“The software delivery lifecycle is getting disrupted by generative AI,” says Ashish Kakran, principal of Thomvest Ventures. “Dev and devops teams will become more productive with a higher percentage of team members potentially achieving outputs similar to those of 10x engineers”.
That productivity gain and democratizing the software development skill set may be possible as genAI capabilities mature and developers realign their responsibilities. “Copilots in their current form are really about developer productivity and removing that busy work,” says Ed Thompson, CTO of Matillion. “Those who assume that copilots have already fundamentally changed the job are working on the incorrect assumption that a developer’s job is to write code—it’s to solve problems.”
10 ways generative AI will transform software development
How will generative AI transform software development over the next decade? Here are 10 predictions:
- Generating code from natural language prompts is the standard
- Code validation is a critical developer responsibility
- Manufacturing as the new development paradigm
- Less coding, but greater code supply-chain risks
- New paradigms accelerate integration
- Developers manage AI agents
- AI touches multiple phases of the SDLC
- GenAI and human development personas emerge
- AI improves ops capabilities in dev processes
- Organizations must protect themselves from AI risks
Generating code from natural language prompts is the standard
Kaxil Naik, director of Airflow engineering at Astronomer, says, “Coding will become more efficient with AI-generated boilerplate code and AI-assisted copilots translating natural language into functional code, simplifying the understanding of complex codebases and ensuring adherence to best practices.”
StackOverflow’s 2023 developer survey shows that 70% of developers are using or are planning to use AI tools in their development process. Of those already using AI in development, over 82% use it to write code. These numbers suggest a paradigm shift in how developers will develop code, reuse existing code, and build components.
Code validation is a critical developer responsibility
The ability to prompt for code adds risks if the code generated has security issues, defects, or introduces performance issues. The hope is that if coding is easier and faster, developers will have more time, responsibility, and better tools for validating the code before it gets embedded in applications. But will that happen?
“As developers adopt AI for productivity benefits, there’s a required responsibility to gut-check what it produces,” says Peter McKee, head of developer relations at Sonar. “Clean as you code ensures that by performing checks and continuous monitoring during the delivery process, developers can spend more time on new tasks rather than remediating bugs in human-created or AI-generated code.”
CIOs and CISOs will expect developers to perform more code validation, especially if AI-generated code introduces significant vulnerabilities. “If developers don’t implement automation to scan and monitor AI-generated code, it means exponentially more code to fix and more tech debt,” adds McKee.
Manufacturing as the new development paradigm
One question about using Gen-AI tools to develop code is how it will impact tools and standards at large organizations with many development teams supporting thousands of applications. What will development look like in larger organizations if developers write less code but integrate more genAI-developed code?
“The tooling mix across teams results in a lack of standards and complex onboarding, not to mention that it adds to the cognitive load of developers,” says Markus Eisele, developer tools strategy and evangelism at Red Hat. “A blend of best practices combined with easy access through centralized developer portals is here to change this. Topped with the enriched capabilities of an application platform, this has the potential to remove friction and help with applying best practices across team boundaries.”
The implication is that IDEs may morph into assembly platforms similar to computer-aided design (CAD) in manufacturing or building information modeling (BIM) in construction. The focus shifts from building custom components to assembling preexisting ones and leveraging built-in tools to validate the design.
Less coding, but greater code supply-chain risks
Another implication of code developed with genAI concerns how enterprise leaders develop policies and monitor the supply chain of what code is embedded in enterprise applications. Until now, organizations were most concerned about tracking open source and commercial software components, but genAI adds new dimensions.
“Devops practitioners will play a major role in maintaining and managing the AI supply chain: the security, authenticity, and origins of AI-based models will come under more scrutiny in an enterprise’s day-to-day operations,” says Ilkka Turunen, Field CTO of Sonatype. “Implementing a strategy that evaluates AI risk and properly manages an AI model’s bill of materials will help ensure proper AI hygiene and management across the devops infrastructure of any organization.”
Expect SAST, DAST, and other security and code management tools to increase code-scanning automation capabilities and help validate whether genAI code meets policies before developers integrate code into enterprise repositories.
New paradigms accelerate integration
Developers can expect new capabilities in integrations, which have already seen orders of magnitude of improved capabilities over the last decade through APIs, IFTTT SaaS integration platforms, integration platforms as a service (iPaaS), and other ecosystem technologies. That said, developers still perform much work to map data fields, code transformation logic, ensure reliability, and adjust for performance considerations.
Emmanuel Cassimatis, AI and Innovation team at SAP, says, “When it comes to integration, the development lifecycle has historically been quite fragmented across its different steps, from design, build, test, integrate, deploy, deliver, and review. AI can allow unification by tapping a picture from data from different applications, resulting in greater collaboration between developers.”
It’s only a matter of time before developers use genAI to build codeless, self-healing integrations with natural language requirements and auto-generated visual flows.
Developers as managers of AI agents
Phillip Carter, principal product manager at Honeycomb, believes that genAI will transform the tasks developers and quality assurance engineers will do in the future. “In the potentially far future, natural language is likely to guide more code generation and tests that verify generated code. If we see another massive shift in AI capabilities like the transformer, we can expect AI agents to do most of this work, with developers programming goals and constraints for these agents to follow.”
Carter continues with a bold prediction, saying, “With a new transformation that puts AI at the helm, it’s possible that programmed agents could be enabled to analyze runtime behavior for QA, observability, and security tasks to check known unknowns, something developers are often bogged down by.”
I find this prediction interesting, as it implies developers and engineers will move up the stack to define architecture, non-functional, and operational requirements—guiding genAI on developing and testing rather than writing code and automating tests.
Carter doesn’t believe in a developer-less future and continues, “Humans would remain in the loop at all times, concerned more with goals, constraints, and analyzing unique circumstances.”
AI touches multiple phases of the SDLC
While copilots and many genAI tools today focus on coding, expect new capabilities to transform other phases and responsibilities in the SDLC. Humberto Moreira, principal solutions engineer at Gigster, says, “As best practices evolve for incorporating genAI into the SDLC, different models might work best for particular phases of the cycle, for example, one model optimized for requirements, one for code development, and one for QA.”
The genAI paradigm shift is already impacting QA as tools enable more robust test cases and faster feedback on code changes,
“With the rise of AI, I think a less discussed aspect is how all the facilities around coding will witness a sea change,” says Gilad Shriki, co-founder of Descope. “It’s a matter of time before SDKs, testing, and documentation are AI-generated or assisted, which means developers will need to code and document their work in specific AI-consumable formats.”
Shriki’s last prediction suggests that developers may have to adjust their language, similar to how people must learn to speak the language that virtual assistants are programmed to comprehend. I hope this prediction doesn’t become a reality because it could mean that genAI only delivers conveniences and not necessarily productivity or quality improvements.
GenAI and human development personas emerge
GenAI’s role in software development could splinter off from the roles and responsibilities currently held by human developers. Tools like code generators, compilers, and other dev tools would serve both human and machine personas.
“What’s interesting is that I think there might end up being a new view of code: one view is that traditional human view of code, the one that developers are trained and accustomed to reading and writing, but then there’s a second, somewhat hidden view, which is the AI-security-optimized, defensive view,” says Dustin Kirkland, VP of engineering at Chainguard. “This view is less readable by humans but perfectly readable by compilers and interpreters, and in this way, it becomes just another intermediate format for code.”
The question is whether alternative views will improve machine learning’s ability to identify defects, security issues, and other problems more accurately and efficiently.
AI improves ops capabilities during the dev process
Cody De Arkland, director of developer experience at LaunchDarkly, suggests use cases when genAI can help improve application reliability and operations. “We can see the early signs of how dev tooling will learn from interactions, and the key will be intuitive assistance.”
De Arkland suggests these examples:
- Develop web application components that match the learned design standards
- Create the feature flag as it detects a developer building a new feature
- Stage new software deployment (CI/CD), but also roll it back when it learns of problems
- Enable real-time feedback loops to QA from customized runs instead of post-deployment
These ideas raise the question of what next-gen devops and SRE capabilities will be enabled or augmented by genAI.
Organizations must protect themselves from AI risks
One last prediction concerns the risks of exposing genAI to the organization’s intellectual property, including code and data. As genAI enables new capabilities across the full SDLC, there will be new questions about whether the benefits outweigh the risks.
“As we work toward the vision of an end-to-end AI-enabled software development process, technology professionals across the board want to ensure that any code generated is of the highest quality and does not hurt the overall reliability or maintainability of the application,” says Brandon Jung, VP of ecosystem and business development at Tabnine. “With a keen eye on the data going into the model—both yours and the training set—take the time and effort to evaluate, select, and deploy AI in ways that protect your policies and your most valuable assets–your code and your data.”
The question is whether genAI algorithms and the tools that enable them will build safeguards to protect the enterprise’s assets and how much these protections will also rely on genAI capabilities.
While we’re still early in the genAI era of software development, it’s becoming clear that code generation and copilots are just the beginning of new AI-enabled ways to develop, test, deploy, and maintain software.