GenAI Roadmap, Part 2: Common Challenges in Building Generative AI Applications

Ali Arsanjani
8 min read · Apr 14, 2024

Content Generation and Searching with LLMs

In the realm of content generation and searching using large language models (LLMs), several sophisticated capabilities are paramount to achieving relevance and accuracy. One of the fundamental challenges in this domain is ensuring that LLMs go beyond mere keyword matching to grasp the meaning and intent behind user queries. This necessitates advanced natural language processing techniques that can interpret context and subtlety in human language. For instance, when a user asks a customer service AI, “Can I return a gift without a receipt?” the LLM must understand not just the keywords but also the context of gift returns and company policy, which might differ from standard return queries.
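The gap between keyword matching and intent understanding can be illustrated with a minimal sketch. The toy below maps a query to the closest known intent by cosine similarity over bag-of-words vectors; the intent names and example phrases are illustrative assumptions, and a production system would use dense embeddings from a sentence-encoder model rather than raw word counts.

```python
import math
import re
from collections import Counter

# Toy intent matcher: rank known intents by cosine similarity between
# bag-of-words vectors of the query and each intent's example phrase.
INTENT_EXAMPLES = {
    "gift_return_no_receipt": "return a gift without a receipt",
    "standard_return": "return an item I bought with my receipt",
    "order_status": "where is my order",
}

def vectorize(text):
    # Lowercase and strip punctuation so "receipt?" matches "receipt".
    return Counter(re.findall(r"[a-z]+", text.lower()))

def cosine(a, b):
    dot = sum(a[t] * b[t] for t in a)
    na = math.sqrt(sum(v * v for v in a.values()))
    nb = math.sqrt(sum(v * v for v in b.values()))
    return dot / (na * nb) if na and nb else 0.0

def classify_intent(query):
    qv = vectorize(query)
    return max(INTENT_EXAMPLES,
               key=lambda k: cosine(qv, vectorize(INTENT_EXAMPLES[k])))
```

Even this crude similarity scoring separates the gift-return query from a standard return; dense embeddings make the same idea robust to paraphrase and synonymy.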

Enhancing LLMs with external knowledge sources, such as knowledge graphs or databases, significantly improves their ability to provide accurate and contextually relevant responses. This integration allows the model to access up-to-date information or industry-specific data that is not inherently part of its trained knowledge base. For example, a generative AI working in financial services might need to pull the latest stock market data from external databases to provide current and relevant advice to a user inquiring about investment strategies.
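The retrieval pattern described above can be sketched in a few lines: fetch the most relevant snippet from an external store and prepend it to the prompt so the model answers from current data. The document store, overlap-based scoring, and prompt template below are illustrative stand-ins; a real system would use a vector database with embedding-based retrieval.

```python
# Minimal retrieval-augmented generation (RAG) sketch. The knowledge
# base entries are made-up examples standing in for an external store.
KNOWLEDGE_BASE = [
    "ACME Corp (ACME) closed at $102.50 on 2024-04-12.",
    "ACME Corp pays a quarterly dividend of $0.40 per share.",
    "Globex Inc (GLBX) closed at $55.10 on 2024-04-12.",
]

def retrieve(query, docs, k=1):
    """Rank docs by word overlap with the query (toy scoring)."""
    q = set(query.lower().split())
    scored = sorted(docs,
                    key=lambda d: len(q & set(d.lower().split())),
                    reverse=True)
    return scored[:k]

def build_prompt(query):
    # Ground the model in retrieved context instead of trained knowledge.
    context = "\n".join(retrieve(query, KNOWLEDGE_BASE))
    return f"Answer using only this context:\n{context}\n\nQuestion: {query}"

prompt = build_prompt("what did acme close at")
```

The prompt then carries the up-to-date fact, so the model's answer reflects the external data rather than whatever was frozen into its weights at training time.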

Understanding the user’s preferences, history, and current context also plays a critical role in tailoring content generation. This process, known as user modeling, helps the LLM adjust its responses based on what it has learned about an individual’s preferences and prior interactions. For example, if a user frequently asks about vegetarian recipes, the LLM should prioritize such preferences in future culinary recommendations. This kind of personalized engagement not only enhances user satisfaction but also makes interactions with the AI more efficient and effective.
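A bare-bones version of this user modeling can be sketched as a preference counter that biases future recommendations, echoing the vegetarian-recipes example. The topic tags and ranking rule here are illustrative assumptions; production systems learn richer user representations.

```python
from collections import Counter

# Toy user model: tally topic tags from past interactions and surface
# catalog items that match the dominant preference first.
class UserModel:
    def __init__(self):
        self.preferences = Counter()

    def record(self, topic):
        self.preferences[topic] += 1

    def top_preference(self):
        if not self.preferences:
            return None
        return self.preferences.most_common(1)[0][0]

def recommend(user, catalog):
    pref = user.top_preference()
    # Stable sort: matching items keep their order, non-matching sink.
    return sorted(catalog, key=lambda item: item["topic"] != pref)

user = UserModel()
for topic in ["vegetarian", "vegetarian", "dessert"]:
    user.record(topic)

catalog = [{"name": "Beef stew", "topic": "meat"},
           {"name": "Lentil curry", "topic": "vegetarian"}]
ranked = recommend(user, catalog)
```

The point is the feedback loop: each interaction updates the model of the user, and each recommendation consults it, which is what makes repeated interactions feel increasingly tailored.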

These sophisticated functionalities require that LLMs be not just technically capable but also finely tuned to the nuances of human interaction and the specific requirements of the application domain. The development of such systems involves continuous updates and improvements, driven by user feedback and the evolving landscape of AI research. This iterative process ensures that the LLM remains effective in its role and provides users with a valuable and reliable tool in their daily activities or decision-making processes.

ISVs Building End-to-End LLM Applications

When Independent Software Vendors (ISVs) embark on building end-to-end applications utilizing large language models (LLMs), several crucial considerations emerge, particularly around data ownership and licensing. It’s imperative to ascertain whether the ISV retains ownership of the data fed into the model or if the rights remain with the data provider. This distinction is essential as it dictates the permissible uses, modifications, and potential resale of the data. For instance, if an ISV uses proprietary data from a healthcare provider, they must navigate both the ownership terms provided by the data supplier and compliance with health data regulations. Additionally, when building tailored applications for clients, the protection of the client’s proprietary data is paramount. ISVs must establish strict agreements to safeguard this data, ensuring that it is not repurposed for other clients or exposed to competitors. For example, a financial services firm would require guarantees that its sensitive data will not be accessible to other entities, especially competitors.

The choice between open-source and commercial LLM models affects an ISV’s ability to commercialize their products. While open-source LLMs offer cost benefits and accessibility, they often come with ambiguous licensing terms that could hinder commercial opportunities. For example, an ISV might use an open-source model to develop a chatbot but later find restrictions in the license that prevent selling the product or using it in certain markets.

Customization and flexibility are also critical in developing LLM applications. Industries and use cases vary significantly, demanding tailored responses from the LLM. An ISV might need to adjust the model to fit specific industry jargon, stylistic elements, or ethical guidelines. For instance, a legal firm would require a model that not only understands legal terminology but also aligns with confidentiality standards. However, high levels of customization can complicate the maintenance and updating of the application. ISVs must strike a balance between bespoke modifications and general model manageability to facilitate future adjustments.

Lastly, scalability is a non-negotiable aspect as application usage expands. The architecture must support increased load without degrading performance. Effective resource management and architecture planning are necessary to handle growth, as seen when a startup’s user base grows exponentially, necessitating scalable solutions to maintain service quality.

Integration with Existing Systems

Integration challenges include designing APIs that facilitate smooth interactions with other systems. These APIs must have clear documentation, robust error handling, and thoughtful versioning to avoid disruptions. For example, an e-commerce platform integrating an LLM to handle customer inquiries needs an API that can seamlessly connect with its existing order management system.
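The versioning and error-handling concerns above can be sketched as a small dispatch layer. The route names, payload fields, and status codes below are illustrative assumptions, not a real e-commerce API; the point is that unknown versions and malformed requests produce explicit, documented errors rather than silent failures.

```python
import json

# Sketch of a versioned API handler with explicit error responses, so a
# client integration (e.g. an order-management system) fails predictably.
HANDLERS = {}

def route(version, path):
    def register(fn):
        HANDLERS[(version, path)] = fn
        return fn
    return register

@route("v1", "/inquiries")
def handle_inquiry_v1(payload):
    if "question" not in payload:
        return 400, {"error": "missing required field: question"}
    return 200, {"answer": f"Received: {payload['question']}"}

def dispatch(version, path, body):
    handler = HANDLERS.get((version, path))
    if handler is None:
        return 404, {"error": f"unknown endpoint {version}{path}"}
    try:
        return handler(json.loads(body))
    except json.JSONDecodeError:
        return 400, {"error": "request body is not valid JSON"}

status, resp = dispatch("v1", "/inquiries",
                        '{"question": "Where is my order?"}')
```

Because handlers are keyed by version, a future `v2` can change the payload contract without breaking existing `v1` clients, which is the core of non-disruptive API evolution.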

Furthermore, the compatibility of new LLM technologies with legacy systems poses significant hurdles. ISVs may need to develop adapters or middleware to bridge technology gaps, ensuring that new LLM applications can communicate with older, established systems. A typical scenario might involve a manufacturing firm using dated software for inventory management needing integration with a new LLM-based predictive maintenance tool.

Introducing LLMs also potentially disrupts existing workflows. ISVs must carefully consider how the new technology will fit into broader operational contexts and prepare for necessary adjustments, including training staff and adjusting workflows. For instance, deploying an LLM-based document analysis tool in a law firm would require training lawyers and paralegals on how to interact with the new system and integrate its outputs into their current case-handling processes.

Security Considerations

Security in LLM applications is paramount, particularly protection against injection attacks, in which malicious users attempt to introduce harmful code or prompts. Rigorous input validation and sanitization protocols are necessary to mitigate these risks. Techniques like filtering out known attack patterns, escaping special characters, and limiting input lengths are employed to secure the application. Regular updates to these techniques are essential to counter new threats. For example, a public-facing AI chat service needs to employ stringent input checks to prevent harmful content from reaching the model and generating inappropriate responses.
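The three techniques named above can be combined into a single sanitization gate, sketched below. The length limit and denylist patterns are illustrative assumptions; real deployments maintain evolving pattern sets and layer these checks with model-side safety filters.

```python
import re

# Illustrative input-sanitization gate: length limit, denylist of known
# injection patterns, then escaping of downstream-significant characters.
MAX_INPUT_LEN = 2000
INJECTION_PATTERNS = [
    re.compile(r"ignore (all )?previous instructions", re.IGNORECASE),
    re.compile(r"<script\b", re.IGNORECASE),
]

def sanitize(user_input):
    if len(user_input) > MAX_INPUT_LEN:
        raise ValueError("input too long")
    for pattern in INJECTION_PATTERNS:
        if pattern.search(user_input):
            raise ValueError("input matches a known attack pattern")
    # Escape characters with special meaning in downstream HTML contexts.
    return user_input.replace("<", "&lt;").replace(">", "&gt;")

safe = sanitize("Can I return a gift?")
```

Rejected inputs raise before ever reaching the model, while accepted inputs are neutralized for rendering, which is exactly the layered posture the paragraph describes.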

Context awareness is crucial to discern the intent behind seemingly benign inputs that could be malicious in specific circumstances. For instance, an input that appears as a standard customer request could be crafted to exploit system vulnerabilities. Therefore, LLM applications need robust mechanisms to analyze the context of inputs.

Model robustness is another critical area, particularly in defending against adversarial attacks — inputs intentionally designed to confuse the model and elicit incorrect or harmful outputs. Adversarial training, where the model is exposed to these types of inputs during development, enhances its resilience. Additionally, input filtering helps exclude suspicious or anomalous inputs that might indicate an attack, such as unexpected language use or syntactic structures.
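One cheap signal for the anomalous inputs mentioned above is a character-mix check: heavily symbol-laden text often indicates obfuscated payloads rather than natural language. The threshold below is an illustrative assumption that would be tuned per application, and this screen would complement, not replace, adversarial training.

```python
# Simple anomaly screen: flag inputs whose character composition
# deviates from typical natural-language text.
def is_anomalous(text, max_symbol_ratio=0.3):
    if not text:
        return True
    symbols = sum(1 for c in text
                  if not (c.isalnum() or c.isspace()))
    return symbols / len(text) > max_symbol_ratio
```

Flagged inputs can be routed to stricter validation or human review instead of being passed straight to the model.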

Data Privacy and Compliance

Data privacy and compliance are critical considerations for any application involving LLMs, particularly those operating in regulated industries like healthcare and finance. Depending on the geographic location and the type of data being processed, applications must adhere to legal frameworks designed to protect personal data, such as the General Data Protection Regulation (GDPR) in Europe or the Health Insurance Portability and Accountability Act (HIPAA) in the United States.

One effective way to ensure compliance is through the anonymization of sensitive data. This process involves removing or altering personally identifiable information so that the data does not reveal the individual’s identity without the use of additional information, which should be kept separately and secure. For example, an LLM deployed in a European hospital must anonymize patient data before processing it for analysis or sharing it for research purposes to comply with GDPR.
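The "additional information kept separately" point maps naturally to pseudonymization: identifiers are swapped for opaque tokens, and the token-to-value mapping lives in a separate store. The PII patterns and in-memory vault below are illustrative simplifications; production systems use far broader detection (often dedicated PII services) and a secured, access-controlled mapping store.

```python
import re
import uuid

# Sketch of pseudonymization: replace identifiers with opaque tokens,
# keeping the reverse mapping in a separate "vault".
PII_PATTERNS = {
    "EMAIL": re.compile(r"[\w.+-]+@[\w-]+\.[\w.]+"),
    "SSN": re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),
}

def pseudonymize(text, vault):
    for label, pattern in PII_PATTERNS.items():
        for match in pattern.findall(text):
            token = f"<{label}:{uuid.uuid4().hex[:8]}>"
            vault[token] = match  # stored separately, under strict access
            text = text.replace(match, token)
    return text

vault = {}
clean = pseudonymize("Contact jane@example.com re: SSN 123-45-6789", vault)
```

The cleaned text can now flow into analysis or model pipelines, while re-identification requires access to the vault, which can be governed and audited independently.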

Encryption is another crucial technique for protecting data privacy. By encrypting data both in transit and at rest, applications can safeguard sensitive information from unauthorized access. For instance, a financial advice application using an LLM would need to encrypt user financial information and transaction details to prevent potential data breaches and ensure user confidence.
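The encrypt-before-write, decrypt-on-read pattern can be sketched as follows. The keystream cipher below is a toy stand-in used only to keep the example self-contained: production code must use a vetted AEAD cipher such as AES-GCM (e.g. via the `cryptography` package) with keys from a secrets manager, plus TLS for data in transit.

```python
import hashlib
from itertools import count

# Pattern sketch for encryption at rest: the application stores only
# ciphertext and decrypts on demand. NOT real cryptography; use AES-GCM
# from a vetted library in production.
def keystream(key: bytes, length: int) -> bytes:
    out = b""
    for block in count():
        out += hashlib.sha256(key + block.to_bytes(8, "big")).digest()
        if len(out) >= length:
            return out[:length]

def xor_cipher(key: bytes, data: bytes) -> bytes:
    ks = keystream(key, len(data))
    return bytes(a ^ b for a, b in zip(data, ks))

key = b"demo-key-from-a-secrets-manager"   # illustrative placeholder
record = b'{"user": 42, "balance": 1234.56}'
ciphertext = xor_cipher(key, record)       # persist this, never plaintext
restored = xor_cipher(key, ciphertext)     # same operation decrypts
```

Whatever cipher is used, the structural rule is the same: plaintext financial details never touch disk, and decryption happens only at the point of use.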

Transparency with users about how their data is collected, used, and stored is also vital. This involves clear communication through privacy policies and user agreements. Users should be fully informed about the data lifecycle, from collection through to processing and eventual deletion. An LLM application, for example, that tailors content based on user behavior should explicitly inform users how their data is tracked, stored, and utilized, providing them with options to control their data preferences.

Maintaining data privacy and compliance in LLM application development fulfills legal obligations, builds trust with users, and ensures that user data is handled lawfully, respectfully, and responsibly. This is crucial for the long-term success and acceptance of AI technologies in sensitive, highly regulated environments.

Key Considerations for End Customers When Implementing Generative AI Applications

Data Availability and Quality

One of the most crucial aspects for the success of generative AI applications, particularly when dealing with customer-facing tools like chatbots, is ensuring access to ample and high-quality data. For an AI model to perform effectively, it must be trained on relevant and error-free data that accurately reflects the scenarios it will encounter in its operational environment. For example, if you’re developing a chatbot for customer service, it’s essential to have a substantial database of past customer interactions. This data not only needs to be voluminous to cover a broad range of queries but also of high quality — free from errors and representative of typical customer questions. This ensures that the chatbot can understand and respond to user queries accurately and effectively.

Problem-Solution Fit

Another critical consideration is assessing whether a generative AI application is the appropriate solution for the specific problem at hand. It’s essential to align the capabilities of AI technologies with the needs of the task. Humans-in-the-loop, predictive AI, generative AI with deep reasoning abilities, and autonomous LLM agents are all part of the ecosystem of LLM-based application development, and the division of labor among them figures into the problem-solution fit equation: how much of the problem is data engineering, how much is predictive AI, which segments are best handled with generative AI, and which require human expertise and intervention?

For example, generative AI is highly effective in summarizing extensive factual data, making it ideal for applications designed to digest and condense large volumes of information quickly. However, if a task requires nuanced understanding or creative problem-solving, such as composing original music or developing unique marketing strategies, other technological approaches or human expertise might be more suitable. Understanding the strengths and limitations of data and AI strategies and technologies in various contexts is key to leveraging their capabilities effectively.

Ethical Considerations

The deployment of generative AI also raises significant ethical concerns that must be addressed, particularly regarding the biases that can be present in AI models. For instance, an AI used for generating news articles could unwittingly propagate biases inherent in the data on which it was trained. These biases could skew public perception and amplify existing societal biases if not carefully managed.

Therefore, it is crucial for developers to recognize these potential ethical issues and implement robust measures to mitigate bias, such as diversifying training data and applying ethical guidelines in the model’s development and deployment phases.

Technical Expertise

The final aspect we will consider is the upskilling and development of deeper technical expertise. The development, deployment, and maintenance of generative AI applications require substantial technical expertise. Building and tuning complex LLMs typically demands a skilled team comprising data engineers, analysts, UX designers, data scientists, and machine learning engineers familiar with all aspects of the generative AI lifecycle.

Deepening the expertise of these professionals is crucial for navigating the technical, business, and human-experience challenges associated with large-scale AI models.

Organizations need to understand and assess where they are in this maturity and sophistication spectrum (see part 2) and determine a trajectory to arrive at their desired state of deeper sophistication that will allow them to achieve their desired business outcomes.



Ali Arsanjani

Director Google, AI/ML & GenAI | Ex: WW Tech Leader, Chief Principal AI/ML Solution Architect, AWS | IBM Distinguished Engineer and CTO Analytics & ML