Periodic Reporting for period 1 - AI4SWEng (AI Engineering Suite to support Agile Efficient Software Engineering)
Período documentado: 2024-12-01 hasta 2025-11-30
AI4SWEng addresses a critical gap in current GenAI-supported software engineering, often characterised by unstructured "vibe coding", which yields serious traceability, trustworthiness, and regulatory compliance challenges. Situated within the strategic context of the EU AI Act, digital sovereignty, and industrial competitiveness, the project establishes the foundational context for a large language model (LLM)-enabled platform. This platform supports developers in constructing responsible AI solutions, including AI-enabled intelligent cyber-physical systems and smart sense-react systems (Edge-AI).
The project aims to deliver an integrated, auditable, and ontology-driven framework through six Specific Objectives (SO):
• SO1: Strengthens architecture-aware development, monitoring, and proactive fault management.
• SO2: Enables generative AI-driven requirements for engineering, architecture specification, and automated testing with continuous traceability.
• SO3: Delivers scalable, reusable, and adaptive software through AI-assisted code generation and cross-compilation.
• SO4: Embeds auditable and provenance-aware GenAI to ensure functional compliance across key performance indicators.
• SO5: Ensures security-privacy-by-design, socio-ethical acceptability, and alignment with the AI Act for user trust.
• SO6: Establishes training and open-source ecosystem mechanisms to accelerate adoption and long-term impact.
The project aims to deliver an integrated, auditable, and ontology-driven framework through six Specific Objectives (SO):
• SO1: Strengthens architecture-aware development, monitoring, and proactive fault management.
• SO2: Enables generative AI-driven requirements for engineering, architecture specification, and automated testing with continuous traceability.
• SO3: Delivers scalable, reusable, and adaptive software through AI-assisted code generation and cross-compilation.
• SO4: Embeds auditable and provenance-aware GenAI to ensure functional compliance across key performance indicators.
• SO5: Ensures security-privacy-by-design, socio-ethical acceptability, and alignment with the AI Act for user trust.
• SO6: Establishes training and open-source ecosystem mechanisms to accelerate adoption and long-term impact.
In RP1, the Consortium focused on contextual understanding by advancing from state-of-the-art analysis (WP2) to KIO-level operationalisation (WP3). Partners applied a comprehensive assessment of existing GenAI solutions, identifying key gaps in mainstream tools regarding traceability, compliance, privacy, and interoperability. The requirements for engineering process were strengthened with the UI-REF reference framework, where requirements were prioritised according to this methodology, and this prioritisation was explicitly assessed by 6 software engineers to ensure practical relevance. To support this, a dynamic working environment utilising GitHub Projects and a Kanban-style strategy was established for requirement engineering, versioning, and open-source integration. The team specified the platform architecture (KIO1) as a microservices layer where core modules operate as autonomous AI agents, designed to orchestrate the Agentic workflow components into unified DevOps/CodeOps modules aligned with UC-driven knowledge graphs. A core achievement in this period was the operationalisation of an ontology-driven requirements engineering methodology. The consortium successfully designed and matured UC-specific ontologies (notably for UC2 and UC4), which serve as the semantic foundation for transforming natural language needs into machine-interpretable knowledge graphs. Significant progress was made in technical building blocks, including AI-driven requirements formalisation and evaluation (KIO3, KIO4), which enable the transformation of natural language needs into machine-interpretable ontologies linked to architectural blueprints. Furthermore, AI-based code analysis and generation (KIO2, KIO7) were substantiated to provide closed-loop mechanisms where execution traces are fed back for iterative improvement. Initial developments in synthetic data generation (KIO5) and automated data preparation (KIO6) were operationalised, supported by a scalable data warehouse concept to ensure provenance-aware data handling. Concurrently, the team specified the AI-Powered Test Automation Tool (KIO11) and initiated the Energy-Efficient Model-Driven TinyML module (KIO10) to support intelligent cyber-physical systems, all underpinned by a compliance-by-design framework embedding security and privacy KPIs aligned with the EU AI Act.
The AI4SWEng project delivers transformative advancements exceeding the current state of the art by moving from stateless prompt-based tools to a lifecycle-orchestrated AI framework.
Key advancements include:
• TinyML Paradigm Shift: Combines model-driven engineering with task-specific LLMs to generate ultra-efficient, certifiably correct code for resource-constrained devices, optimising energy consumption and real-time latency.
• Ontology-Based Traceability: Goes beyond natural language prompting by establishing an ontology-based methodology (strengthened by UI-REF) that structures requirements into machine-interpretable knowledge graphs.
• Compliance-by-Construction: Unlike post-hoc validation, the project implements compliance through verifiable architectural blueprints encoding regulatory templates (EU AI Act, GDPR) as machine-checkable contracts.
• Agentic Data & Validation: Integrates agentic synthetic data generation and provenance-aware data pipelines directly into the generative workflow, ensuring bias-free and ethically safe data.
• Closed-Loop Self-Improvement: Introduces performance-driven adaptation where execution traces and monitoring metrics are continuously fed back into AI-driven debugging and refinement pipelines.
• Embedded Testing & Security: Embeds coverage-aware test automation and multi-level security-by-design directly into the code generation process, enabling the detection of zero-day attacks and performance issues before human review.
• Modularity-by-Design: Establishes a microservices-based architecture where Key Innovation Output (KIO) sub-components function as autonomous agents. This approach ensures flexible, scalable integration and allows for independent auditing and replacement of individual modules within the DevOps/CodeOps pipeline.
• Human-in-the-Loop Orchestration: Integrates interactive feedback cycles throughout the entire software development lifecycle. This ensures that human developers maintain oversight and control over AI-generated outputs, such as code generation and testing, directly supporting accountability and socio-ethical compliance.
• Customer-Centric Engineering: Adopts a methodology where requirements and priorities are explicitly driven and validated by use-case owners and software engineers. This bridges the gap between high-level end-user needs and technical specifications, ensuring the AI4SWEng suite delivers practical and relevant industrial impact.
Key advancements include:
• TinyML Paradigm Shift: Combines model-driven engineering with task-specific LLMs to generate ultra-efficient, certifiably correct code for resource-constrained devices, optimising energy consumption and real-time latency.
• Ontology-Based Traceability: Goes beyond natural language prompting by establishing an ontology-based methodology (strengthened by UI-REF) that structures requirements into machine-interpretable knowledge graphs.
• Compliance-by-Construction: Unlike post-hoc validation, the project implements compliance through verifiable architectural blueprints encoding regulatory templates (EU AI Act, GDPR) as machine-checkable contracts.
• Agentic Data & Validation: Integrates agentic synthetic data generation and provenance-aware data pipelines directly into the generative workflow, ensuring bias-free and ethically safe data.
• Closed-Loop Self-Improvement: Introduces performance-driven adaptation where execution traces and monitoring metrics are continuously fed back into AI-driven debugging and refinement pipelines.
• Embedded Testing & Security: Embeds coverage-aware test automation and multi-level security-by-design directly into the code generation process, enabling the detection of zero-day attacks and performance issues before human review.
• Modularity-by-Design: Establishes a microservices-based architecture where Key Innovation Output (KIO) sub-components function as autonomous agents. This approach ensures flexible, scalable integration and allows for independent auditing and replacement of individual modules within the DevOps/CodeOps pipeline.
• Human-in-the-Loop Orchestration: Integrates interactive feedback cycles throughout the entire software development lifecycle. This ensures that human developers maintain oversight and control over AI-generated outputs, such as code generation and testing, directly supporting accountability and socio-ethical compliance.
• Customer-Centric Engineering: Adopts a methodology where requirements and priorities are explicitly driven and validated by use-case owners and software engineers. This bridges the gap between high-level end-user needs and technical specifications, ensuring the AI4SWEng suite delivers practical and relevant industrial impact.