Software development will be faster, cheaper and more secure — and open new approaches for businesses
 

By Ismail Amla, Senior Vice President of Kyndryl Consult at Kyndryl

The software development community has long held certain principles as self-evident: clean code is essential, technical debt is a liability and maintainability is crucial. Those are the basics.

Recent advancements in artificial intelligence (AI) systems for writing software code are now challenging how we approach such established norms. Amazon CEO Andy Jassy recently described how the company’s AI systems had reduced the amount of time required to upgrade legacy applications to newer versions of Java to six hours, down from six weeks. This activity is classic code maintenance and cleanup of technical debt.

Amazon’s breakthrough raises a radical question: What if AI could render technical debt "free" and eliminate the downsides of building applications that are not immediately maintainable or easily scalable? How would this change the way we build, maintain and secure applications? What new approaches or capabilities might free tech debt make possible?

 

 
The evolution of technical debt management

Traditionally, technical debt has been viewed as an unavoidable aspect of software development — a trade-off between rapid development and long-term maintainability. Amazon’s Jassy described it this way: “One of the most tedious (but critical tasks) for software development teams is updating foundational software. It’s not new feature work, and it doesn’t feel like you’re moving the experience forward. As a result, this work is either dreaded or put off for more exciting work — or both.”

The fear and loathing of tech debt has driven the industry to focus on generating “clean code,” emphasizing maintainability, readability and scalability of programming work. Writing clean code requires care and is generally more time-consuming. Just like any other skilled task, more experienced coders tend to write cleaner code. With the emergence of AI-powered coding assistants, the barriers to error-free code are dropping and code quality is broadly improving.

That said, AI systems are not yet good at figuring out whether code is maintainable or scalable — both of which are highly contextual and affected by many variables. These parameters tend to be more reflective of classic technical debt, which arises not from problems with the initial code or even from the original design, but instead from organic changes over time in how applications are used, how IT infrastructure performs and how systems are architected.

 

 
3 key software development principles
Clean code

is essential

Technical debt

is a liability

Maintainability

is crucial

 
AI could unlock value for enterprises

AI-powered tools might prove to be the most value-add for large organizations, most of which are running large amounts of legacy code. Amazon told its developers to use the Amazon Q generative AI assistant to perform classic technical debt upgrades. Jassy reported that Amazon Q reduced Java upgrade times to mere hours, from approximately 50 developer-days, estimating savings equivalent to 4,500 developer-years of work.

These figures are incredible. Any company that can realize similar savings could dramatically cut the costs of maintaining a legacy code stack. But this opens a more radical proposition — that AI could progress to a point where it not only manages technical debt but renders it effectively inconsequential. If we entertain the possibility that AI could instantly refactor any codebase, optimize any algorithm, or scale any application on demand, the ramifications for software development practices would be profound.

 

 
A ‘write only’ development trend takes hold

In a scenario where technical debt carries minimal long-term consequences, software development approaches could undergo significant transformation. Rapid prototyping and feature development might take precedence, with less emphasis on upfront architectural planning. This could accelerate product development cycles and time-to-market for new applications. It could also allow companies to build and maintain more software and get more leverage out of zeros-and-ones. 

This allows human developers to prioritize the expression of business logic and user experience design. Product teams might want to build a strong foundation of clean code for newer applications so that an AI can more easily maintain and upgrade the code over time. But unloved tasks of code maintenance could likely be handled by skeleton crews of human developers working closely with AI. This is a model where human-written code effectively becomes “write-only” — created once and subsequently managed and optimized entirely by AI.

 

If we entertain the possibility that AI could instantly refactor any codebase, optimize any algorithm, or scale any application on demand, the ramifications for software development practices would be profound.

Ismail Amla

Senior Vice President, Kyndryl Consult

Cybersecurity considerations: How fast would Log4J go away?

Consider the Log4J crisis. Log4J, a popular open-source Java-based logging library developed by the Apache Software Foundation, experienced one of the worst and most widely exploited cybersecurity vulnerabilities in recent memory. In the wake of the revelation of this serious security flaw, organizations struggled to identify what parts of their software stack and infrastructure contained Log4J exposure and then to upgrade them. This was a classic tech debt problem with added urgency. AI assistance or automation could swiftly identify and upgrade Log4J vulnerabilities, potentially speeding up the process by 20 to 40 times, as seen in Amazon's Java upgrade experience.

This might take some time to achieve. While code updates could be sped up, AI for testing and quality assurance work is less advanced and less trusted. Humans would likely need to be in the loop when critical systems are patched. Even so, the AI could radically accelerate the time required for each fix. Faster fixes would translate into fewer serious incidents and less disruption for software development organizations.

 

 

Reducing the risk of dangerous programming languages

Across industries, many enterprises continue to run mission-critical work on software built with coding languages that are now either obsolete or lightly used. COBOL and Fortran are two classic examples. Large financial applications and databases are exceptionally hard to upgrade and replace. Today, there is a talent crisis as many industries struggle to hire coding talent to maintain these legacy applications. If AI can handle tech debt, it will be easier to continue using these legacy codebases and maintain reliability. The skills shortage will be eased and the new talent will be able to focus their time on more interesting tasks like building new functionality for these older applications — or even shifting and lifting them into more modern languages.

One of the biggest priorities of the U.S. Cybersecurity and Infrastructure Security Agency (CISA) is to encourage companies to shift applications into so-called “memory safe” languages. This is primarily a push to move from various types of “C” code into Rust, a newer programming language with stronger memory protections. Memory issues are the most common root cause of software vulnerabilities. This is yet another tech debt problem that the nearly-magical refactoring superpowers of AI systems could neatly address. Refactoring code has generally been an expensive, complex undertaking — and was thus avoided or delayed as much as possible. Free tech debt can slash the cost of refactoring code and make it easier for companies to continually move toward the safest programming languages.

This is not only a matter of languages. CISA also lists legacy and misconfigured applications and protocols as the top cause of software insecurity. An AI assistant could speed up the work of swapping out older protocols for new ones in applications and could be used to refactor code and search for and upgrade configurations.

 

 
A new era of coding: faster, cheaper, easier, smaller, better

For the C-suite, this new paradigm of debt-free development unlocks tantalizing possibilities. Development teams can now build new applications and functionality, then push its production with fewer concerns about scalability and maintainability. This means new applications and capabilities will move to market faster. The entire metabolism of software development will kick into overdrive. Smaller teams will also be able to tackle tasks that previously required armies of engineers. 

The biggest promise of AI and automation has been to take over the three “D” jobs — dirty, dangerous and drudgery. Fixing technical debt fits the latter — it's time-consuming, unglamorous and too often postponed or under-resourced. Free tech debt would mean developers could focus more on the interesting parts of their job, companies could ship features and applications faster, and applications would be easier to secure over their entire lifecycle. Ultimately, free tech debt would mean more, better, software leading, potentially, to greater productivity and efficiency at every level.

Ismail Amla

Senior Vice President, Kyndryl Consult