ATHENE Research Area AVSV: Automatic Vulnerability Scanning and Verification

Code Transformers and Knowledge Graphs for Vulnerability Detection


In the realm of software development, the latest code generation systems emerged as a game-changing technique that aims to revolutionize how we write software. Developers worldwide leverage code generation systems, such as Copilot, to accelerate coding.

However, these systems sometimes encounter challenges with the quality of the generated code. They can occasionally experience difficulties in consistently delivering context-aware responses. They tend to generate longer responses than necessary.


In this project, our goal is to develop an efficient, flexible, and adaptable Code Generation system to empower users with the following:

  • Performance Enhancement: By incorporating the underlying structure of each sample using Abstract Syntax Tree(AST) representations.
  • Language Adaptation: Developers have the freedom to work with their preferred programming language without being limited by a set of languages.
  • Adaptability and Personalisation: The high extensibility, allows developers to implicitly set their style into the system and transfer it across projects, and programming languages.


The state-of-the-art approaches often rely on training models solely on one-dimensional i.e. text input. However, our solution proposes a paradigm shift by seamlessly integrating adapters to incorporate an additional modality – the abstract tree representation (AST) of the code – into the model.


  • Prof. Dr. Iryna Gurevych, Principal Investigator
  • Ji-Ung Lee, MSc, Doctoral Researcher
  • Hovhannes Tamoyan, MSc, Doctoral Researcher


This research work will be funded from 2022 – 2026 by the German Federal Ministry of Education and Research and the Hessen State Ministry for Higher Education, Research and the Arts within their joint support of the National Research Center for Applied Cybersecurity ATHENE.