Specifying AI-SDLC Processes: A Protocol Language for Human-Agent Boundaries

Researchers propose a domain-specific language for specifying AI-SDLC (Software Development Lifecycle) processes that formalizes human-agent collaboration boundaries, approval gates, and governance constraints. The language distinguishes policy from enforcement mechanism and demonstrates that structural controls can bound system failure rates, while providing a theoretical framework for AI agent integration in software development teams.

The integration of AI agents into software development teams represents a fundamental shift in how code is created and validated, yet governance frameworks have lagged behind deployment reality. This research addresses a critical gap: existing approaches scatter responsibility boundaries across agent prompts, workflow tools, and fragmented access controls, creating drift and inconsistency. The proposed domain-specific language (DSL) formalizes these boundaries through explicit syntax and operational semantics, distinguishing declared policy intent from structural enforcement mechanisms.

The technical contribution carries practical weight. By modeling failure rates as weighted products of agent and validator performance, the work shows that structural enforcement—using validation tokens and capability boundaries—provides measurable risk containment compared to behavioral compliance alone. The formalization of the 2+N team pattern (two human-control roles plus N specialized agents) adapts classical Separation of Duties principles to AI contexts, addressing enterprise governance requirements.

For development teams and organizations deploying AI coding assistants, this research validates that ad-hoc governance fails at scale. The framework's treatment of orchestration loops and reflexive protocol validation as design properties rather than special cases suggests implementations can be both more robust and less complex. The working implementation demonstrates feasibility, though the authors defer empirical validation.

Looking forward, adoption depends on tooling integration and ecosystem standardization. If this DSL approach influences frameworks like MetaGPT or BPMN extensions, governance-compliant AI-assisted development could become industry standard. The research positions AI development not as autonomous agent deployment but as bounded collaboration requiring formal specification.

• →A formal language for AI-SDLC processes distinguishes policy intent from structural enforcement, reducing governance drift in AI-assisted development.
• →Structural enforcement bounds failure rates at the product of agent and validator performance, while behavioral compliance permits uncontrolled risk growth.
• →The 2+N team pattern formalizes Separation of Duties for AI contexts, providing theoretical grounding for enterprise governance models.
• →Validation tokens and capability boundaries emerge as key enforcement primitives for controlling AI agent behavior in software development.
• →Implementation feasibility is demonstrated but empirical evaluation remains future work, limiting near-term practical adoption.