diff --git a/src/file_mfa.c b/src/file_mfa.c
index c63d9997..a89f34e4 100644
--- a/src/file_mfa.c
+++ b/src/file_mfa.c
@@ -30,6 +30,7 @@
 #include "types.h"
 #include "filegen.h"
 
+/*@ requires \valid(file_stat); */
 static void register_header_check_mfa(file_stat_t *file_stat);
 
 const file_hint_t file_hint_mfa= {
@@ -41,12 +42,35 @@ const file_hint_t file_hint_mfa= {
   .register_header_check=&register_header_check_mfa
 };
 
+/*@
+  @ requires valid_file_recovery(file_recovery);
+  @ requires \valid(file_recovery->handle);
+  @ requires \separated(file_recovery, file_recovery->handle, file_recovery->extension, &errno, &Frama_C_entropy_source);
+  @ requires \initialized(&file_recovery->time);
+  @
+  @ requires file_recovery->file_check == &file_check_mfa;
+  @ assigns *file_recovery->handle, errno, file_recovery->file_size;
+  @ assigns Frama_C_entropy_source;
+  @
+  @ ensures \valid(file_recovery->handle);
+  @*/
 static void file_check_mfa(file_recovery_t *file_recovery)
 {
   const unsigned char mfa_footer[5]= {'!','D','N','E', '!'};
   file_search_footer(file_recovery, mfa_footer, sizeof(mfa_footer), 0x84);
 }
 
+/*@
+  @ requires buffer_size > 0;
+  @ requires \valid_read(buffer+(0..buffer_size-1));
+  @ requires valid_file_recovery(file_recovery);
+  @ requires \valid(file_recovery_new);
+  @ requires file_recovery_new->blocksize > 0;
+  @ requires separation: \separated(&file_hint_mfa, buffer+(..), file_recovery, file_recovery_new);
+  @ assigns  *file_recovery_new;
+  @ ensures \result == 0 || \result == 1;
+  @ ensures  \result!=0 ==> valid_file_recovery(file_recovery_new);
+  @*/
 static int header_check_mfa(const unsigned char *buffer, const unsigned int buffer_size, const unsigned int safe_header_only, const file_recovery_t *file_recovery, file_recovery_t *file_recovery_new)
 {
   reset_file_recovery(file_recovery_new);