Large language models (LLMs) pose a critical intellectual property (IP) leakage risk in RTL code generation due to training data memorization—even structurally equivalent yet syntactically distinct RTL implementations (e.g., behavioral vs. gate-level) may inadvertently expose sensitive design logic, while minor syntactic changes (e.g., blocking vs. non-blocking assignments) readily compromise functional correctness. To address this, we propose CircuitGuard: the first fine-grained memorization suppression framework tailored for RTL synthesis. Our approach introduces an RTL-aware structural-semantic joint similarity metric and integrates activation-layer steering within Transformer architectures to precisely identify and suppress memorized features—specifically 275 memorized neurons across layers 18–28 of Llama 3.1-8B. Experiments demonstrate an 80% reduction in semantic similarity to memorized training samples, stable generation quality, and cross-circuit-category protection rates of 78%–85%.

Large Language Models (LLMs) have achieved remarkable success in generative tasks, including register-transfer level (RTL) hardware synthesis. However, their tendency to memorize training data poses critical risks when proprietary or security-sensitive designs are unintentionally exposed during inference. While prior work has examined memorization in natural language, RTL introduces unique challenges: In RTL, structurally different implementations (e.g., behavioral vs. gate-level descriptions) can realize the same hardware, leading to intellectual property (IP) leakage (full or partial) even without verbatim overlap. Conversely, even small syntactic variations (e.g., operator precedence or blocking vs. non-blocking assignments) can drastically alter circuit behavior, making correctness preservation especially challenging. In this work, we systematically study memorization in RTL code generation and propose CircuitGuard, a defense strategy that balances leakage reduction with correctness preservation. CircuitGuard (1) introduces a novel RTL-aware similarity metric that captures both structural and functional equivalence beyond surface-level overlap, and (2) develops an activation-level steering method that identifies and attenuates transformer components most responsible for memorization. Our empirical evaluation demonstrates that CircuitGuard identifies (and isolates) 275 memorization-critical features across layers 18-28 of Llama 3.1-8B model, achieving up to 80% reduction in semantic similarity to proprietary patterns while maintaining generation quality. CircuitGuard further shows 78-85% cross-domain transfer effectiveness, enabling robust memorization mitigation across circuit categories without retraining.