Developers: | Microsoft |
Date of the premiere of the system: | April, 2020 |
Technology: | Development tools of applications |
2020: Microsoft laid out source codes of the tool which finds 97% of critical errors in software
In the middle of April, 2020 Microsoft announced system development which as declare in the company, precisely reveals critical, high-priority errors of security in 97% of cases and finds errors in other software in 99% of cases. The software giant laid out source codes of this tool on GitHub together with examples of models and other resources.
A system was trained at a data set from 13 million work items and errors of 47,000 developers in Microsoft. It is supposed that it could be used for support of experts-people, by Coralogix estimates, developers make 70 mistakes on 1000 code lines, and bug fix borrows in 30 times more of time, than writing of code line.
Microsoft claims that during development of model experts in security approved teach-pattern data, and for selection of sufficient amount of data for the analysis statistical selection was used. Then these data were coded in the representations called by vectors of signs, and researchers of Microsoft started a system design using two-stage process. At first the model learned to classify errors of security and other errors, and then learned to apply gravity tags — "critical", "important" or! with the low level of influence" — to security errors.
The model of Microsoft uses two methods for prediction of errors. The first is "inversion of frequency with which some word occurs in documents of a collection". The second method — model of logistic regression which estimates the probability of existence of a certain class or an event.
Microsoft says that this model is unrolled in production and it is constantly retrained using the data approved by experts in security who trace the errors arising at software development.[1]