The 2025 report investigates AI adoption and the security of AI-generated code in critical embedded systems
MCLEAN, Va. – RunSafe Security, a pioneer of cyberhardening technology for embedded systems across critical infrastructure, today announced the release of its 2025 report, AI in Embedded Systems: AI is Here. Security Isn’t. The newly released report is a snapshot of how artificial intelligence (AI) usage is unfolding across embedded software development and provides insights into what the data means for engineering, product, and security leaders who are integrating AI into their workflows.
Surveying more than 200 professionals throughout the US, UK, and Germany who work on embedded systems in critical infrastructure, the report reveals that AI-generated code is already running in production across medical devices, industrial control systems, automotive platforms, and energy infrastructure. The report finds that AI has quickly moved from an experimental curiosity to an operational reality in embedded systems development. While adoption races forward, security concerns loom large.
“AI will transform embedded systems development with teams deploying AI-generated code at scale across critical infrastructure, and we see this trend accelerating,” said Joseph M. Saunders, Founder and CEO of RunSafe Security. “Our report reveals an industry at an inflection point, where transformation is happening faster than security practices have evolved. Organizations that navigate it successfully will be those that maintain the same rigor with AI-generated code that they’ve traditionally applied to human-written code while also recognizing that AI introduces new patterns, risks, and security requirements. At RunSafe Security, we provide greater visibility into software and risk so organizations can properly manage their security while deploying AI in embedded systems.”
RunSafe Security’s report highlights the following key findings:
- AI is already widely used in embedded software development workflows:
- 80.5% of respondents currently use AI tools in embedded development
- 83.5% have deployed AI-generated code to production systems
- 93.5% expect usage to increase over the next two years
- Risk from AI-generated code is widely recognized, but framed as manageable if organizations modernize:
- 53% of respondents cited security as their top concern with AI-generated code
- 73% rated cybersecurity risk as moderate or higher
- Runtime resilience is a central pillar of embedded security:
- Runtime protection for AI-generated embedded software is rated “highly important” by most respondents
- 91% of respondents plan to increase investment in embedded software security over the next two years
- 60% already use runtime protections to address memory safety vulnerabilities
To download the full 2025 AI in Embedded Systems Report: AI Is Here. Security Isn’t, please visit here.
About RunSafe Security
RunSafe Security protects embedded software across critical infrastructure, delivering automated vulnerability identification and software hardening from build-time to runtime to defend the software supply chain and critical systems without compromising performance or requiring code rewrites. The RunSafe Security Platform includes the authoritative build-time SBOM generator for embedded
systems and C/C++ projects, automated vulnerability identification and risk quantification, license compliance, and patented memory relocation techniques to mitigate memory-based vulnerabilities.
Headquartered in McLean, Virginia, with an office in Huntsville, Alabama, RunSafe Security’s customers span the aerospace and defense, energy, operational technology, industrial automation, transportation and automotive, medical device, and high-tech manufacturing verticals.
