Meta's Automated Compliance Hardening (ACH) tool uses LLMs to enable scalable mutation testing for compliance
Compliance at Meta relied on manual processes that were error-prone and hard to scale, while mutation testing — described as the most powerful form of software testing — faced five major barriers (scalability, unrealistic mutants, equivalent mutants, computational cost, and overstretching) that prevented its deployment at scale in large industrial codebases.
ACH was deployed for privacy testing across Facebook, Instagram, WhatsApp, and Meta's wearables platforms.
Privacy engineers accepted 73% of generated tests. The equivalence detector achieved precision of 0.95 and recall of 0.96 with simple preprocessing, transforming historically time-consuming compliance processes into systems that save engineer and developer time.
Show all 8 reported metrics
Frequently asked questions
What did this team achieve with this AI workflow?
ACH was deployed for privacy testing across Facebook, Instagram, WhatsApp, and Meta's wearables platforms.
What tools did this team use?
ACH, LLMs, Kotlin.
What results were reported?
Generated tests accepted by engineers: 73%; Generated tests judged as privacy relevant: 36%; Equivalence detection precision (base): 0.79; Equivalence detection recall (base): 0.47 (source-reported, not independently verified).
How is this quality assurance AI workflow structured?
Engineer describes mutant → LLM generates targeted mutants → Equivalence Detector filters mutants → ACH generates unit tests → Engineers review generated tests → Tests catch compliance faults.