Table of Contents
Fetching ...

LAsset: An LLM-assisted Security Asset Identification Framework for System-on-Chip (SoC) Verification

Md Ajoad Hasan, Dipayan Saha, Khan Thamid Hasan, Nashmin Alam, Azim Uddin, Sujan Kumar Saha, Mark Tehranipoor, Farimah Farahmandi

TL;DR

This work tackles the challenge of pre-silicon security verification in increasingly complex SoCs by introducing LAsset, an automated LLM-assisted framework that analyzes hardware design specifications and RTL to identify security assets and their interdependencies. LAsset follows a three-agent pipeline (Input Pre-processing, Asset Generation, Asset Refinement) aligned to the SA-EDI standard, maps conceptual assets to structural RTL elements, and strengthens assets with attack scenarios and CWE mappings. The approach achieves high recall (up to about 93%) across SoC and IP designs, and introduces a DoI metric to quantify inter-asset influence, providing actionable context for downstream threat modeling and security verification. Together, these contributions standardize and scale security asset identification, reduce manual effort, and enable more robust, pre-silicon hardware security assurances with practical impact for secure hardware development.

Abstract

The growing complexity of modern system-on-chip (SoC) and IP designs is making security assurance difficult day by day. One of the fundamental steps in the pre-silicon security verification of a hardware design is the identification of security assets, as it substantially influences downstream security verification tasks, such as threat modeling, security property generation, and vulnerability detection. Traditionally, assets are determined manually by security experts, requiring significant time and expertise. To address this challenge, we present LAsset, a novel automated framework that leverages large language models (LLMs) to identify security assets from both hardware design specifications and register-transfer level (RTL) descriptions. The framework performs structural and semantic analysis to identify intra-module primary and secondary assets and derives inter-module relationships to systematically characterize security dependencies at the design level. Experimental results show that the proposed framework achieves high classification accuracy, reaching up to 90% recall rate in SoC design, and 93% recall rate in IP designs. This automation in asset identification significantly reduces manual overhead and supports a scalable path forward for secure hardware development.

LAsset: An LLM-assisted Security Asset Identification Framework for System-on-Chip (SoC) Verification

TL;DR

This work tackles the challenge of pre-silicon security verification in increasingly complex SoCs by introducing LAsset, an automated LLM-assisted framework that analyzes hardware design specifications and RTL to identify security assets and their interdependencies. LAsset follows a three-agent pipeline (Input Pre-processing, Asset Generation, Asset Refinement) aligned to the SA-EDI standard, maps conceptual assets to structural RTL elements, and strengthens assets with attack scenarios and CWE mappings. The approach achieves high recall (up to about 93%) across SoC and IP designs, and introduces a DoI metric to quantify inter-asset influence, providing actionable context for downstream threat modeling and security verification. Together, these contributions standardize and scale security asset identification, reduce manual effort, and enable more robust, pre-silicon hardware security assurances with practical impact for secure hardware development.

Abstract

The growing complexity of modern system-on-chip (SoC) and IP designs is making security assurance difficult day by day. One of the fundamental steps in the pre-silicon security verification of a hardware design is the identification of security assets, as it substantially influences downstream security verification tasks, such as threat modeling, security property generation, and vulnerability detection. Traditionally, assets are determined manually by security experts, requiring significant time and expertise. To address this challenge, we present LAsset, a novel automated framework that leverages large language models (LLMs) to identify security assets from both hardware design specifications and register-transfer level (RTL) descriptions. The framework performs structural and semantic analysis to identify intra-module primary and secondary assets and derives inter-module relationships to systematically characterize security dependencies at the design level. Experimental results show that the proposed framework achieves high classification accuracy, reaching up to 90% recall rate in SoC design, and 93% recall rate in IP designs. This automation in asset identification significantly reduces manual overhead and supports a scalable path forward for secure hardware development.
Paper Structure (23 sections, 2 equations, 7 figures, 3 tables, 1 algorithm)

This paper contains 23 sections, 2 equations, 7 figures, 3 tables, 1 algorithm.

Figures (7)

  • Figure 1: Security Verification Flow in hardware design
  • Figure 2: Overview of Asset Types in an AES Encryption Design
  • Figure 3: SA-EDI IP bundle b4
  • Figure 4: Overview of the proposed LAsset framework for security asset identification
  • Figure 5: A snippet of LAsset output for NEORV32 processor (Spec. + RTL approach)
  • ...and 2 more figures