AutoACSL: Synthesizing ACSL Specifications by Integrating LLMs with CPG-Based Static Analysis
Researchers introduce AutoACSL, a framework combining large language models with Code Property Graph analysis to automatically generate formal specifications for C programs. The system achieves 96% verification success rates, significantly outperforming code-only baselines and advancing automated formal verification capabilities.
AutoACSL addresses a fundamental bottleneck in formal verification—the labor-intensive process of manually writing formal specifications for C programs. By coupling LLMs with static analysis techniques, the framework extracts semantic features that inform more precise specification generation. This hybrid approach captures critical program properties like arithmetic operations, loop structures, and error conditions that pure language models typically miss, resulting in specifications that can be verified by existing tools like Frama-C.
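As an added illustration (constructed here, not code from the paper or the AutoACSL project), a C function annotated with the kind of ACSL contract the framework aims to synthesize: preconditions on the inputs, an assigns frame, one behavior per outcome including the overflow error condition, and a loop invariant and variant for the loop. The `sum` logic function and `checked_sum` are assumptions of this example; the file is only compiled as plain C here and was not run through Frama-C's WP plugin.

```c
#include <limits.h>
#include <stddef.h>

/* Logic-level sum of a[0..n-1] over mathematical integers (cannot
 * overflow); the contract and the loop invariant refer to it. */
/*@ axiomatic ArraySum {
      logic integer sum(int *a, integer n) reads a[0 .. n - 1];
      axiom sum_nil: \forall int *a; sum(a, 0) == 0;
      axiom sum_cons: \forall int *a, integer n;
        n > 0 ==> sum(a, n) == sum(a, n - 1) + a[n - 1];
    }
*/

/* Sum n non-negative ints into *out.  Returns 0 on success and -1 when
 * the mathematical sum exceeds INT_MAX (the error condition), leaving
 * *out untouched.  The contract gives preconditions, the frame
 * (assigns) and one behavior per outcome. */
/*@
  requires \valid_read(a + (0 .. n - 1));
  requires \valid(out);
  requires \separated(a + (0 .. n - 1), out);
  requires \forall integer i; 0 <= i < n ==> a[i] >= 0;
  assigns *out;
  behavior ok:
    assumes sum(a, n) <= INT_MAX;
    ensures \result == 0 && *out == sum(a, n);
  behavior overflow:
    assumes sum(a, n) > INT_MAX;
    ensures \result == -1 && *out == \old(*out);
  complete behaviors;
  disjoint behaviors;
*/
int checked_sum(const int *a, size_t n, int *out)
{
    int acc = 0;
    /*@
      loop invariant 0 <= i <= n;
      loop invariant acc == sum(a, i);
      loop assigns i, acc;
      loop variant n - i;
    */
    for (size_t i = 0; i < n; i++) {
        /* Guard the add: a[i] > INT_MAX - acc means acc + a[i] would overflow. */
        if (a[i] > INT_MAX - acc)
            return -1;
        acc += a[i];
    }
    *out = acc;
    return 0;
}
```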
The research reflects a broader trend in software engineering where AI augments rather than replaces traditional static analysis techniques. Previous LLM-based approaches struggled with semantic accuracy, producing incomplete or unverifiable contracts. AutoACSL's feedback loop—iteratively refining specifications based on verification results—mirrors techniques from program synthesis and addresses the "hallucination" problem by grounding outputs in concrete code analysis.
For the software development industry, this work has practical implications. Formal verification remains critical for safety-critical systems in automotive, aviation, and medical domains, yet the expertise barrier and time cost have limited adoption. Automating specification synthesis could democratize formal methods, allowing developers without verification expertise to prove program correctness. The 96% full proof ratio with Gemini-3 and consistent improvements across multiple LLMs (GPT-o4 Mini, Grok-4.1) suggest the approach generalizes across different models.
The next phase likely involves scaling to larger, more complex codebases and integrating with industrial verification workflows. Success here could reshape how organizations approach software assurance, particularly in regulated industries where formal guarantees increasingly matter. The framework's performance metrics establish new benchmarks that other automated specification synthesis approaches will be measured against.
- AutoACSL combines LLM prompting with Code Property Graph analysis to automate ACSL specification generation for C programs
- The framework achieves a 96% full proof ratio when paired with Gemini-3, outperforming code-only baselines by 24.7-51.7% across four LLMs
- Semantic features extracted through static analysis ground LLM outputs in concrete code properties, improving specification accuracy and verifiability
- Iterative refinement driven by formal verification feedback addresses common LLM limitations in generating semantically precise contracts
- Automating formal specification generation could lower barriers to adopting formal verification in safety-critical software development