Salvato in:
Dettagli Bibliografici
Autori principali: Liu, Jiawei, Diwan, Nirav, Wang, Zhe, Zhai, Haoyu, Zhou, Xiaona, Nguyen, Kiet A., Yu, Tianjiao, Wahed, Muntasir, Deng, Yinlin, Benkraouda, Hadjer, Wei, Yuxiang, Zhang, Lingming, Lourentzou, Ismini, Wang, Gang
Natura: Preprint
Pubblicazione: 2025
Soggetti:
Accesso online:https://arxiv.org/abs/2507.19060
Tags: Aggiungi Tag
Nessun Tag, puoi essere il primo ad aggiungerne!!
_version_ 1866918202230964224
author Liu, Jiawei
Diwan, Nirav
Wang, Zhe
Zhai, Haoyu
Zhou, Xiaona
Nguyen, Kiet A.
Yu, Tianjiao
Wahed, Muntasir
Deng, Yinlin
Benkraouda, Hadjer
Wei, Yuxiang
Zhang, Lingming
Lourentzou, Ismini
Wang, Gang
author_facet Liu, Jiawei
Diwan, Nirav
Wang, Zhe
Zhai, Haoyu
Zhou, Xiaona
Nguyen, Kiet A.
Yu, Tianjiao
Wahed, Muntasir
Deng, Yinlin
Benkraouda, Hadjer
Wei, Yuxiang
Zhang, Lingming
Lourentzou, Ismini
Wang, Gang
contents We introduce PurpCode, the first post-training recipe for training safe code reasoning models towards generating secure code and defending against malicious cyberactivities. PurpCode trains a reasoning model in two stages: (i) Rule Learning, which explicitly teaches the model to reference cybersafety rules to generate vulnerability-free code and to avoid facilitating malicious cyberactivities; and (ii) Reinforcement Learning, which optimizes model safety and preserves model utility through diverse, multi-objective reward mechanisms. To empower the training pipelines with comprehensive cybersafety data, we conduct internal red-teaming to synthesize comprehensive and high-coverage prompts based on real-world tasks for inducing unsafe cyberactivities in the model. Based on PurpCode, we develop a reasoning-based coding model, namely PurpCode-32B, which demonstrates state-of-the-art cybersafety, outperforming various frontier models. Meanwhile, our alignment method decreases the model overrefusal rates in both general and cybersafety-specific scenarios, while preserving model utility in both code generation and common security knowledge.
format Preprint
id arxiv_https___arxiv_org_abs_2507_19060
institution arXiv
publishDate 2025
record_format arxiv
spellingShingle PurpCode: Reasoning for Safer Code Generation
Liu, Jiawei
Diwan, Nirav
Wang, Zhe
Zhai, Haoyu
Zhou, Xiaona
Nguyen, Kiet A.
Yu, Tianjiao
Wahed, Muntasir
Deng, Yinlin
Benkraouda, Hadjer
Wei, Yuxiang
Zhang, Lingming
Lourentzou, Ismini
Wang, Gang
Cryptography and Security
Computation and Language
Machine Learning
Software Engineering
We introduce PurpCode, the first post-training recipe for training safe code reasoning models towards generating secure code and defending against malicious cyberactivities. PurpCode trains a reasoning model in two stages: (i) Rule Learning, which explicitly teaches the model to reference cybersafety rules to generate vulnerability-free code and to avoid facilitating malicious cyberactivities; and (ii) Reinforcement Learning, which optimizes model safety and preserves model utility through diverse, multi-objective reward mechanisms. To empower the training pipelines with comprehensive cybersafety data, we conduct internal red-teaming to synthesize comprehensive and high-coverage prompts based on real-world tasks for inducing unsafe cyberactivities in the model. Based on PurpCode, we develop a reasoning-based coding model, namely PurpCode-32B, which demonstrates state-of-the-art cybersafety, outperforming various frontier models. Meanwhile, our alignment method decreases the model overrefusal rates in both general and cybersafety-specific scenarios, while preserving model utility in both code generation and common security knowledge.
title PurpCode: Reasoning for Safer Code Generation
topic Cryptography and Security
Computation and Language
Machine Learning
Software Engineering
url https://arxiv.org/abs/2507.19060