Polycentric Generative‑Assurance Theory: Toward Adaptive Governance in Generative AI-Augmented Software Assurance

Abstract

The integration of generative AI (GenAI) into software development is transforming how code is authored, reviewed, and assured. While GenAI boosts productivity and creativity, it disrupts longstanding assurance frameworks, introducing epistemic opacity, validation deficits, accountability ambiguities, and governance challenges. This paper introduces Polycentric Generative-Assurance Theory (PGAT), a sociotechnical framework explaining how trust in AI-generated code is sustained through five interdependent responsibilities: epistemic mapping, adversarial socio-technical analysis, meta-validation, computational ethics, and evolutionary governance. Our findings reveal that assurance is no longer linear or role-bound, but rather a distributed, adaptive, and emergent practice. PGAT reframes assurance as a responsible process of trust orchestration, where multiple responsibilities coalesce to ensure the reliability, maintainability, and ethical integrity of software development practices.