A technical paper titled “SoCureLLM: An LLM-driven Approach for Large-Scale System-on-Chip Security Verification and Policy Generation” was published by researchers at the University of Florida.
“Contemporary methods for hardware security verification struggle with adaptability, scalability, and availability due to the increasing complexity of the modern system-on-chips (SoCs). Large language models (LLMs) have emerged as a viable approach to address these shortcomings in security verification because of their natural language understanding, advanced reasoning, and knowledge transfer capabilities. However, their application to large designs is limited by inherent token limitation and memorization constraints. In this paper, we introduce SoCureLLM, an LLM-based framework that excels in identifying security vulnerabilities within SoC designs and creating a comprehensive security policy database. Our framework is adaptable and adept at processing varied, large-scale designs, overcoming the abovementioned issues of LLM. In evaluations, SoCureLLM detected 76.47% of security bugs across three vulnerable RISC-V SoCs, outperforming the state-of-the-art security verification methods. Furthermore, assessing three additional large-scale RISC-V SoC designs against various threat models led to the formulation of 84 novel security policies, enriching the security policy database. Previously requiring extensive manual effort to craft, these newly generated security policies can be used as guidelines for developing secured SoC designs.”
Find the technical paper here. Published June 2024 (preprint).
Tarek, Shams, Dipayan Saha, Sujan Kumar Saha, Mark Tehranipoor, and Farimah Farahmandi. “SoCureLLM: An LLM-driven Approach for Large-Scale System-on-Chip Security Verification and Policy Generation.” Cryptology ePrint Archive (2024).
Further Reading
Trouble Ahead For IC Verification
First-time silicon success rates are falling, and while survey numbers point to problem areas, they may be missing the biggest issues.
Using AI/ML To Combat Cyberattacks
Defensive capabilities can be increased with strategic AI/ML application.
Leave a Reply