{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,8]],"date-time":"2026-04-08T16:33:25Z","timestamp":1775666005009,"version":"3.50.1"},"reference-count":69,"publisher":"Frontiers Media SA","license":[{"start":{"date-parts":[[2025,11,24]],"date-time":"2025-11-24T00:00:00Z","timestamp":1763942400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"DOI":"10.13039\/501100004770","name":"Universit\u00e0 degli Studi di Parma","doi-asserted-by":"publisher","id":[{"id":"10.13039\/501100004770","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["frontiersin.org"],"crossmark-restriction":true},"short-container-title":["Front. Comput. Sci."],"abstract":"<jats:p>Recent advances in Large Language Models (LLMs) have sparked significant interest in their application to code verification and the assessment of LLM-generated code safety. This review examines current research on the intersection of LLMs with software verification, focusing on two main aspects: the use of LLMs as verification tools and the verification of code produced by LLMs. We analyze the emerging approaches for integrating LLMs with traditional static analyzers and formal verification tools, including prompt engineering techniques and combinations with established verification frameworks. The review explores various verification methodologies, from standalone LLM applications to hybrid approaches incorporating traditional verification methods. We examine research addressing the safety assessment of LLM-generated code and investigate frameworks developed for vulnerability detection and repair. Through this analysis, we aim to provide insights into the current state of LLM applications in code verification, identify key challenges in the field, and outline important directions for future research in this rapidly evolving domain.<\/jats:p>","DOI":"10.3389\/fcomp.2025.1655469","type":"journal-article","created":{"date-parts":[[2025,11,24]],"date-time":"2025-11-24T06:28:55Z","timestamp":1763965735000},"update-policy":"https:\/\/doi.org\/10.3389\/crossmark-policy","source":"Crossref","is-referenced-by-count":1,"title":["A dual perspective review on large language models and code verification"],"prefix":"10.3389","volume":"7","author":[{"given":"Greta","family":"Dolcetti","sequence":"first","affiliation":[]},{"given":"Eleonora","family":"Iotti","sequence":"additional","affiliation":[]}],"member":"1965","published-online":{"date-parts":[[2025,11,24]]},"reference":[{"key":"B1","article-title":"An empirical evaluation of pre-trained large language models for repairing declarative formal specifications","author":"Alhanahnah","year":"2024","journal-title":"arXiv preprint arXiv:2404.11050"},{"key":"B2","article-title":"Can LLMs patch security issues?","author":"Alrashedy","year":"2023"},{"key":"B3","article-title":"Large language models and code security: a systematic literature review","author":"Basic","year":"2024","journal-title":"CoRR, abs\/2412.15004"},{"key":"B4","first-page":"780","article-title":"TFix: Learning to fix coding errors with a text-to-text transformer,\u201d","author":"Berabi","year":"2021"},{"key":"B5","doi-asserted-by":"publisher","DOI":"10.1145\/3652588.3663317","article-title":"\u201cInterleaving static analysis and LLM prompting,\u201d","author":"Chapman","year":"2024","journal-title":"Proceedings of the 13th ACM SIGPLAN International Workshop on the State Of the Art in Program Analysis, SOAP 2024"},{"key":"B6","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3702973","article-title":"When ChatGPT meets smart contract vulnerability detection: how far are we?","volume":"34","author":"Chen","year":"2025","journal-title":"ACM Trans. Softw. Eng. Methodol"},{"key":"B7","doi-asserted-by":"publisher","DOI":"10.1145\/3607199.3607242","article-title":"\u201cDiverseVul: a new vulnerable source code dataset for deep learning based vulnerability detection,\u201d","author":"Chen","year":"2023","journal-title":"Proceedings of the 26th International Symposium on Research in Attacks, Intrusions and Defenses, pages"},{"key":"B8","doi-asserted-by":"publisher","first-page":"126479","DOI":"10.1016\/j.eswa.2025.126479","article-title":"SmartGuard: an LLM-enhanced framework for smart contract vulnerability detection","volume":"269","author":"Ding","year":"2025","journal-title":"Expert Syst. Appl"},{"key":"B9","author":"Ding","year":"2024"},{"key":"B10","article-title":"Helping llms improve code generation using feedback from testing and static analysis","author":"Dolcetti","year":"2024","journal-title":"CoRR, abs\/2412.14841"},{"key":"B11","doi-asserted-by":"publisher","DOI":"10.1145\/3660791","article-title":"\u201cCan large language models transform natural language intent into formal method postconditions?,\u201d","author":"Endres","year":"2024","journal-title":"Proceedings of the ACM on Software Engineering"},{"key":"B12","doi-asserted-by":"publisher","first-page":"1248","DOI":"10.1109\/TSE.2025.3548168","article-title":"SecureFalcon: Are we there yet in automated software vulnerability detection with LLMs?","volume":"51","author":"Ferrag","year":"2025","journal-title":"IEEE Trans. Softw. Eng"},{"key":"B13","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3632746","article-title":"Vision transformer inspired automated vulnerability repair","volume":"33","author":"Fu","year":"","journal-title":"ACM Trans. Softw. Eng. Methodol"},{"key":"B14","doi-asserted-by":"publisher","first-page":"4550","DOI":"10.1109\/TSE.2023.3305244","article-title":"Vulexplainer: a transformer-based hierarchical distillation for explaining vulnerability types","volume":"49","author":"Fu","year":"2023","journal-title":"IEEE Trans. Softw. Eng"},{"key":"B15","doi-asserted-by":"publisher","DOI":"10.1145\/3524842.3528452","article-title":"\u201cLineVul: a transformer-based line-level vulnerability prediction,\u201d","author":"Fu","year":"2022","journal-title":"Proceedings of the 19th International Conference on Mining Software Repositories"},{"key":"B16","doi-asserted-by":"publisher","first-page":"4","DOI":"10.1007\/s10664-023-10346-3","article-title":"AIBugHunter: a practical tool for predicting, classifying and repairing software vulnerabilities","volume":"29","author":"Fu","year":"","journal-title":"Empir. Softw. Eng"},{"key":"B17","doi-asserted-by":"publisher","DOI":"10.1145\/3540250.3549098","article-title":"\u201cVulRepair: a t5-based automated software vulnerability repair,\u201d","author":"Fu","year":"2022","journal-title":"Proceedings of the 30th ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering"},{"key":"B18","article-title":"Pre-trained model-based actionable warning identification: a feasibility study","author":"Ge","year":"2024","journal-title":"arXiv preprint arXiv:2403.02716"},{"key":"B19","author":"Gong","year":"2024"},{"key":"B20","first-page":"1","article-title":"\u201cVulBERTa: simplified source code pre-training for vulnerability detection,\u201d","volume-title":"2022 International Joint Conference on Neural Networks (IJCNN)","author":"Hanif","year":"2022"},{"key":"B21","doi-asserted-by":"publisher","DOI":"10.1145\/3576915.3623175","article-title":"\u201cLarge language models for code: security hardening and adversarial testing,\u201d","author":"He","year":"2023","journal-title":"Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security"},{"key":"B22","article-title":"\u201cMetaGPT: Meta programming for a multi-agent collaborative framework,\u201d","author":"Hong","year":"2024"},{"key":"B23","doi-asserted-by":"crossref","first-page":"1162","DOI":"10.1109\/ASE56229.2023.00181","article-title":"\u201cAn empirical study on fine-tuning large language models of code for automated program repair,\u201d","volume-title":"2023 38th IEEE\/ACM International Conference on Automated Software Engineering (ASE)","author":"Huang","year":"2023"},{"key":"B24","doi-asserted-by":"publisher","first-page":"36","DOI":"10.1145\/3696450","article-title":"Evolving paradigms in automated program repair: taxonomy, challenges, and opportunities","volume":"57","author":"Huang","year":"2025","journal-title":"ACM Comput. Surv"},{"key":"B25","article-title":"Livecodebench: holistic and contamination free evaluation of large language models for code","author":"Jain","year":"2024","journal-title":"arXiv preprint arXiv:2403.07974"},{"key":"B26","article-title":"A survey on large language models for code generation","author":"Jiang","year":"2025","journal-title":"arXiv preprint arXiv:2406.00515"},{"key":"B27","first-page":"1","article-title":"\u201cGUIDE: LLM-driven GUI generation decomposition for automated prototyping,\u201d","volume-title":"2025 IEEE\/ACM 47th International Conference on Software Engineering: Companion Proceedings (ICSE-Companion)","author":"Kolthoff","year":"2025"},{"key":"B28","first-page":"9459","author":"Lewis","year":"2020","journal-title":"Advances in Neural Information Processing Systems"},{"key":"B29","doi-asserted-by":"publisher","DOI":"10.1145\/3650212.3680371","article-title":"\u201cCoSec: on-the-fly security hardening of code LLMs via supervised co-decoding,\u201d","author":"Li","year":"2024","journal-title":"Proceedings of the 33rd ACM SIGSOFT International Symposium on Software Testing and Analysis"},{"key":"B30","doi-asserted-by":"publisher","DOI":"10.1145\/3611643.3613078","article-title":"\u201cAssisting static analysis with large language models: a chatgpt experiment,\u201d","author":"Li","year":"2023","journal-title":"Proceedings of the 31st ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering"},{"key":"B31","doi-asserted-by":"publisher","DOI":"10.1145\/3649828","article-title":"\u201cEnhancing static analysis for practical bug detection: an LLM-integrated approach,\u201d","author":"Li","year":"2024","journal-title":"Proceedings of the ACM on Programming Languages"},{"key":"B32","article-title":"LLM-assisted static analysis for detecting security vulnerabilities","author":"Li","year":"2024","journal-title":"arXiv preprint arXiv:2405.17238"},{"key":"B33","article-title":"\u201cIRIS: LLM-assisted static analysis for detecting security vulnerabilities,\u201d","author":"Li","year":"2025","journal-title":"The Thirteenth International Conference on Learning Representations"},{"key":"B34","first-page":"811","article-title":"\u201cExploring ChatGPT's capabilities on vulnerability management,\u201d","author":"Liu","year":"2024","journal-title":"33rd USENIX Security Symposium (USENIX Security 24)"},{"key":"B35","article-title":"Vuldetectbench: Evaluating the deep capability of vulnerability detection with large language models","author":"Liu","year":"","journal-title":"arXiv preprint arXiv:2406.07595"},{"key":"B36","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3641540","article-title":"On the reliability and explainability of language models for program generation","volume":"33","author":"Liu","year":"","journal-title":"ACM Trans. Softw. Eng. Methodol"},{"key":"B37","doi-asserted-by":"publisher","first-page":"1548","DOI":"10.1109\/TSE.2024.3392499","article-title":"No need to lift a finger anymore? Assessing the quality of code generation by chatgpt","volume":"50","author":"Liu","year":"","journal-title":"IEEE Trans. Softw. Eng"},{"key":"B38","doi-asserted-by":"publisher","DOI":"10.1145\/3597503.3639142","article-title":"\u201cPre-training by predicting program dependencies for vulnerability analysis tasks,\u201d","author":"Liu","year":"","journal-title":"Proceedings of the IEEE\/ACM 46th International Conference on Software Engineering"},{"key":"B39","doi-asserted-by":"publisher","first-page":"112031","DOI":"10.1016\/j.jss.2024.112031","article-title":"GRACE: Empowering LLM-based software vulnerability detection with graph structure and in-context learning","volume":"212","author":"Lu","year":"2024","journal-title":"J. Syst. Softw"},{"key":"B40","first-page":"387","article-title":"\u201cPrompt engineering in large language models,\u201d","volume-title":"International Conference on Data Intelligence and Cognitive Informatics","author":"Marvin","year":"2023"},{"key":"B41","doi-asserted-by":"publisher","DOI":"10.1145\/3643763","article-title":"\u201cTowards AI-assisted synthesis of verified dafny methods,\u201d","author":"Misu","year":"2024","journal-title":"Proceedings of the ACM on Software Engineering"},{"key":"B42","article-title":"SkipAnalyzer: an embodied agent for code analysis with large language models","author":"Mohajer","year":"2023","journal-title":"CoRR"},{"key":"B43","doi-asserted-by":"publisher","DOI":"10.1145\/3658644.3690298","article-title":"\u201cPromSec: prompt optimization for secure generation of functional source code with large language models (LLMs),\u201d","author":"Nazzal","year":"2024","journal-title":"Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security"},{"key":"B44","doi-asserted-by":"publisher","first-page":"1386720","DOI":"10.3389\/fdata.2024.1386720","article-title":"A systematic literature review on the impact of AI models on the security of code generation","volume":"7","author":"Negri-Ribalta","year":"2024","journal-title":"Front. Big Data"},{"key":"B45","doi-asserted-by":"crossref","first-page":"754","DOI":"10.1109\/SP46214.2022.9833571","article-title":"\u201cAsleep at the keyboard? Assessing the security of github copilot's code contributions,\u201d","volume-title":"IEEE Symposium on Security and Privacy, S&P 2022","author":"Pearce","year":"2022"},{"key":"B46","doi-asserted-by":"crossref","first-page":"2339","DOI":"10.1109\/SP46215.2023.10179420","article-title":"\u201cExamining zero-shot vulnerability repair with large language models,\u201d","volume-title":"2023 IEEE Symposium on Security and Privacy (SP)","author":"Pearce","year":"2023"},{"key":"B47","doi-asserted-by":"publisher","first-page":"38889","DOI":"10.1109\/ACCESS.2025.3546700","article-title":"Finetuning large language models for vulnerability detection","volume":"13","author":"Shestov","year":"2025","journal-title":"IEEE Access"},{"key":"B48","doi-asserted-by":"publisher","DOI":"10.1145\/3564625.3567985","article-title":"\u201cTransformer-based language models for software vulnerability detection,\u201d","author":"Thapa","year":"2022","journal-title":"Proceedings of the 38th Annual Computer Security Applications Conference"},{"key":"B49","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/s10664-024-10590-1","article-title":"How secure is ai-generated code: a large-scale comparison of large language models","volume":"30","author":"Tihanyi","year":"2025","journal-title":"Empir. Softw. Eng"},{"key":"B50","doi-asserted-by":"publisher","first-page":"33","DOI":"10.1145\/3617555.3617874","article-title":"\u201cThe formai dataset: Generative AI in software security through the lens of formal verification,\u201d","author":"Tihanyi","year":"2023","journal-title":"Proceedings of the 19th International Conference on Predictive Models and Data Analytics in Software Engineering, PROMISE 2023, San Francisco, CA, USA, 8 December 2023"},{"key":"B51","doi-asserted-by":"publisher","DOI":"10.1109\/SP54263.2024.00210","article-title":"\u201cLLMs cannot reliably identify and reason about security vulnerabilities (yet?): a comprehensive evaluation, framework, and benchmarks,\u201d","author":"Ullah","year":"2024","journal-title":"IEEE Symposium on Security and Privacy, S&P"},{"key":"B52","first-page":"131545","article-title":"\u201cLLMDFA: analyzing dataflow in code with large language models,\u201d","author":"Wang","year":"2024","journal-title":"Advances in Neural Information Processing Systems"},{"key":"B53","doi-asserted-by":"publisher","DOI":"10.1109\/MedAI59581.2023.00044","article-title":"\u201cA review on code generation with llms: application and evaluation,\u201d","author":"Wang","year":"2023","journal-title":"2023 IEEE International Conference on Medical Artificial Intelligence (MedAI)"},{"key":"B54","doi-asserted-by":"publisher","DOI":"10.1145\/3611643.3616256","article-title":"\u201cRAP-gen: retrieval-augmented patch generation with codet5 for automatic program repair,\u201d","author":"Wang","year":"2023","journal-title":"Proceedings of the 31st ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering"},{"key":"B55","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3653718","article-title":"Automatically inspecting thousands of static bug warnings with large language model: how far are we?","volume":"18","author":"Wen","year":"","journal-title":"ACM Trans. Knowl. Discov. Data"},{"key":"B56","first-page":"302","article-title":"\u201cEnchanting program specification synthesis by large language models using static analysis and program verification,\u201d","volume-title":"International Conference on Computer Aided Verification","author":"Wen","year":""},{"key":"B57","doi-asserted-by":"publisher","DOI":"10.1145\/3650212.3652124","article-title":"\u201cSCALE: constructing structured natural language comment trees for software vulnerability detection,\u201d","author":"Wen","year":"2024","journal-title":"Proceedings of the 33rd ACM SIGSOFT International Symposium on Software Testing and Analysis"},{"key":"B58","doi-asserted-by":"publisher","DOI":"10.1145\/3597926.3598135","article-title":"\u201cHow effective are neural networks for fixing security vulnerabilities,\u201d","author":"Wu","year":"2023","journal-title":"Proceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis"},{"key":"B59","doi-asserted-by":"publisher","DOI":"10.1145\/3691620.3695013","article-title":"\u201cEffective vulnerable function identification based on cve description empowered by large language models,\u201d","author":"Wu","year":"2024","journal-title":"Proceedings of the 39th IEEE\/ACM International Conference on Automated Software Engineering"},{"key":"B60","article-title":"Security vulnerability detection with multitask self-instructed fine-tuning of large language models","author":"Yang","year":"2024","journal-title":"arXiv preprint arXiv:2406.05892"},{"key":"B61","doi-asserted-by":"publisher","first-page":"112234","DOI":"10.1016\/j.jss.2024.112234","article-title":"DLAP: a deep learning augmented large language model prompting framework for software vulnerability detection","volume":"219","author":"Yang","year":"2025","journal-title":"J. Syst. Softw"},{"key":"B62","doi-asserted-by":"publisher","first-page":"3071","DOI":"10.1109\/TSE.2024.3470333","article-title":"Multitask-based evaluation of open-source LLM on software vulnerability","volume":"50","author":"Yin","year":"2024","journal-title":"IEEE Trans. Softw. Eng"},{"key":"B63","article-title":"Smart-LLaMA: two-stage post-training of large language models for smart contract vulnerability detection and explanation","author":"Yu","year":"2024","journal-title":"arXiv preprint arXiv:2411.06221"},{"key":"B64","article-title":"A systematic literature review on large language models for automated program repair","author":"Zhang","year":"2024","journal-title":"CoRR, abs\/2405.01466"},{"key":"B65","doi-asserted-by":"publisher","first-page":"2507","DOI":"10.1109\/TDSC.2023.3308897","article-title":"Pre-trained model-based automated software vulnerability repair: how far are we?","volume":"21","author":"Zhang","year":"2023","journal-title":"IEEE Trans. Depend. Sec. Comput"},{"key":"B66","article-title":"Large language model for vulnerability detection and repair: literature review and the road ahead","author":"Zhou","year":"","journal-title":"CoRR, abs\/2404.02525"},{"key":"B67","doi-asserted-by":"publisher","DOI":"10.1145\/3597503.3639222","article-title":"\u201cOut of sight, out of mind: better automatic vulnerability repair by broadening input ranges and sources,\u201d","author":"Zhou","year":"","journal-title":"Proceedings of the IEEE\/ACM 46th International Conference on Software Engineering"},{"key":"B68","doi-asserted-by":"publisher","first-page":"317","DOI":"10.1109\/JAS.2024.124971","article-title":"When software security meets large language models: a survey","volume":"12","author":"Zhu","year":"2025","journal-title":"IEEE CAA J. Autom. Sinica"},{"key":"B69","doi-asserted-by":"publisher","first-page":"103951","DOI":"10.1016\/j.csi.2024.103951","article-title":"The use of large language models for program repair","volume":"93","author":"Zubair","year":"2025","journal-title":"Comput. Stand. Interfaces"}],"container-title":["Frontiers in Computer Science"],"original-title":[],"link":[{"URL":"https:\/\/www.frontiersin.org\/articles\/10.3389\/fcomp.2025.1655469\/full","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,11,24]],"date-time":"2025-11-24T06:28:59Z","timestamp":1763965739000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.frontiersin.org\/articles\/10.3389\/fcomp.2025.1655469\/full"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,11,24]]},"references-count":69,"alternative-id":["10.3389\/fcomp.2025.1655469"],"URL":"https:\/\/doi.org\/10.3389\/fcomp.2025.1655469","relation":{},"ISSN":["2624-9898"],"issn-type":[{"value":"2624-9898","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025,11,24]]},"article-number":"1655469"}}