CodeBot'25 Workshop

Enhancing Trustworthiness in LLM Generated Code: A Reinforcement Learning and Domain-Knowledge Constrained Approach


Imagine analyzing a piece of code that uses the function ConnectToServer() with an encrypted string as its argument. A large language model (LLM), trained on extensive programming data, might flag the use of encryption as suspicious and generate an explanation suggesting that the function likely connects to a malicious server. While this explanation might seem plausible, it can often be unfaithful—it overgeneralizes based on statistical patterns from its training data without truly understanding the context or validating its claims. A REACT (Reasoning and Acting) framework, which combines reasoning with action steps, is likely a better approach because it allows the LLM to propose actions, such as decrypting the string or examining server connections, while reasoning about the results. However, REACT still lacks a feedback mechanism to evaluate the effectiveness of those actions or iteratively refine the sequence based on empirical observations. Without such feedback, it risks falling short in dynamic scenarios, where the validation of predictions and adaptation to new evidence are critical.



TechReport

UMBC

Paper presented at UMBC CodeBot '25 Workshop, February 2025.


UMBC ebiquity