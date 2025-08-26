TMCnet News
New Black Duck Research Shows AI and Supply Chain Transparency Redefining Embedded Software Landscape
Nearly 9 in 10 organizations use AI-powered coding assistants, yet over 1 in 5 lack confidence in preventing AI-driven security vulnerabilities
BURLINGTON, Mass., Aug. 26, 2025 /PRNewswire/ -- Black Duck® Software, Inc. ("Black Duck"), a leading global provider of application security solutions, today released "The State of Embedded Software Quality and Safety 2025" report. The report is based on a survey of 785 development and security professionals, conducted by Censuswide in June 2025, providing a global snapshot of the embedded software ecosystem across geographies, roles, and industries.
The embedded software landscape is undergoing a significant transformation, driven by the rapid adoption of artificial intelligence (AI) and the maturation of software supply chain management. According to the report's findings, these changes are redefining the way companies develop, deploy, and secure their software.
The report reveals that while AI adoption is universal, governance is lagging. In fact, 89.3% of organizations are already using AI-powered coding assistants, and 96.1% are integrating open source AI models into their products. However, this rapid adoption has outpaced the development of necessary governance and security measures, with 21.1% of companies lacking confidence in their ablity to prevent AI from introducing security vulnerabilities. Additionally, the emergence of "Shadow AI" - where developers use AI tools against company policy - poses a significant unmanaged risk, affecting 18% of companies.
Additional key findings include:
"The old software world is gone, giving way to a new set of truths being defined by AI," said Jason Schmitt, CEO at Black Duck. "To navigate the changes, technical leaders should carry out rigorous validation on AI assistants. Managers should establish formal AI governance policies and invest in training for emerging technologies. Security professionals should update their threat models to include AI-specific risks and leverage SBOMs as a strategic asset for risk management to achieve true scale application security."
As the embedded software industry continues to evolve, organizations that adapt to these new realities will be better positioned to innovate securely and maintain a competitive edge in the market.
To learn more, download a copy of the "The State of Embedded Software Quality and Safety 2025" report, read our detailed blog post, or register for the upcoming August 28th webinar.
