This work addresses the growing hardware security challenges in modern System-on-Chip designs, where manually authored security properties have become a bottleneck for formal verification. The authors propose a large language model–driven approach that integrates RTL semantic analysis, mapping to Common Weakness Enumerations (CWEs), and threat modeling to automatically generate syntactically correct and semantically consistent SystemVerilog security assertions. Leveraging a self-reflection optimization mechanism, the method significantly outperforms GPT-5 across 11 representative hardware designs, achieving relative improvements of 61.22% in correct assertion generation rate, 59.49% in unique CWE coverage, and 67.92% in architectural vulnerability detection. These results demonstrate a substantial expansion in vulnerability coverage breadth and a marked enhancement in assertion quality.

The increasing complexity of modern system-on-chip designs amplifies hardware security risks and makes manual security property specification a major bottleneck in formal property verification. This paper presents Assertain, an automated framework that integrates RTL design analysis, Common Weakness Enumeration (CWE) mapping, and threat model intelligence to automatically generate security properties and executable SystemVerilog Assertions. Assertain leverages large language models with a self-reflection refinement mechanism to ensure both syntactic correctness and semantic consistency. Evaluated on 11 representative hardware designs, Assertain outperforms GPT-5 by 61.22%, 59.49%, and 67.92% in correct assertion generation, unique CWE coverage, and architectural flaw detection, respectively. These results demonstrate that Assertain significantly expands vulnerability coverage, improves assertion quality, and reduces manual effort in hardware security verification.