This work proposes an automated methodology leveraging large language models (LLMs) to systematically translate standardized threat models into verifiable security properties for system-on-chip (SoC) formal verification. By integrating the Common Weakness Enumeration (CWE) knowledge base, asset-centric analysis, and SoC-specific context, the approach employs threat modeling templates to automatically generate security assertions and corresponding JasperGold verification scripts. This represents the first end-to-end automation pipeline that bridges vulnerability knowledge with formal security properties. Evaluated on the HACK@DAC benchmarks, the method successfully identifies 39 out of 48 relevant CWEs and generates correct verification properties for 33 of them, significantly advancing the automation and knowledge-driven capabilities of SoC security verification.

This work presents ATLAS, an LLM-driven framework that bridges standardized threat modeling and property-based formal verification for System-on-Chip (SoC) security. Starting from vulnerability knowledge bases such as Common Weakness Enumeration (CWE), ATLAS identifies SoC-specific assets, maps relevant weaknesses, and generates assertion-based security properties and JasperGold scripts for verification. By combining asset-centric analysis with standardized threat model templates and multi-source SoC context, ATLAS automates the transformation from vulnerability reasoning to formal proof. Evaluated on three HACK@DAC benchmarks, ATLAS detected 39/48 CWEs and generated correct properties for 33 of those bugs, advancing automated, knowledge-driven SoC security verification toward a secure-by-design paradigm.