The State of Embedded Software Quality and Safety 2025 from Black Duck reveals a disconnect between the organizational use of AI and AI security. The embedded software landscape is transforming, largely driven by AI, with 89.3% of organizations already utilizing AI coding assistants and 96.1% integrating products with open source AI models. However, 21.1% of organizations still lack confidence in their capabilities to prevent AI from opening the door to vulnerabilities.

Furthermore, the prevalence of shadow AI presents another risk to companies, impacting 18%. 

Key findings from the report include: 

• Software Bills of Materials (SBOMs) are becoming a commercial necessity, with 70.8% of organizations producing them primarily due to customer and partner demands (39.4%).
• Embedded developers are finding their roles adjusted, with 80.4% of organizations adopting memory-safe languages. 
• 86% of CTOs and directors view their projects as successful, but only 56% of hands-on developers agree.