Constrained Decoding for Secure Code Generation

TL;DR

This paper introduces constrained decoding techniques and new evaluation metrics to improve the security and correctness of code generated by large language models, addressing a critical gap in secure code generation.

Contribution

It proposes constrained decoding methods for secure code generation and introduces CodeGuard+ benchmark with new metrics to evaluate security and correctness.

Findings

Constrained decoding outperforms prefix tuning in security without sacrificing correctness.

Different decoding methods significantly impact the security of Code LLMs.

Constrained decoding surpasses GPT-4 in security performance.

Abstract

Code Large Language Models (Code LLMs) have been increasingly used by developers to boost productivity, but they often generate vulnerable code. Thus, there is an urgent need to ensure that code generated by Code LLMs is correct and secure. Previous research has primarily focused on generating secure code, overlooking the fact that secure code also needs to be correct. This oversight can lead to a false sense of security. Currently, the community lacks a method to measure actual progress in this area, and we need solutions that address both security and correctness of code generation. This paper introduces a new benchmark, CodeGuard+, along with two new metrics, to measure Code LLMs' ability to generate both secure and correct code. Using our new evaluation methods, we show that the state-of-the-art defense technique, prefix tuning, may not be as strong as previously believed, since it generates secure code but sacrifices functional correctness. We also demonstrate that different decoding methods significantly affect the security of Code LLMs. Furthermore, we explore a new defense direction: constrained decoding for secure code generation. We propose new constrained decoding techniques to generate secure code. Our results reveal that constrained decoding is more effective than prefix tuning to improve the security of Code LLMs, without requiring a specialized training dataset. Moreover, our evaluations over eight state-of-the-art Code LLMs show that constrained decoding has strong performance to improve the security of Code LLMs, and our technique outperforms GPT-4.