🤖 AI Summary
This work addresses the lack of structured, context-aware intelligent assistance in hardware security verification, a domain where general-purpose large language models often suffer from hallucination and outdated knowledge. The paper proposes the first conversational AI framework tailored for hardware security verification, integrating multi-agent collaborative reasoning with retrieval-augmented generation (RAG) and deeply embedding open-source EDA tools—namely Icarus Verilog, Yosys, and SymbiYosys—to enable automated syntax checking, simulation, and formal verification of RTL designs. Operating within engineers’ existing workflows, the system delivers high-fidelity security guidance, achieving 87.73% faithfulness in evaluation—significantly outperforming leading closed-source models—and successfully autonomously detects, simulates, and formally verifies a key-leakage hardware Trojan in an AES S-Box IP core.
📝 Abstract
Hardware security verification is a multi-stage process in which engineers must navigate complex design analyses, threat considerations, and verification strategies. They often need security-focused guidance, yet current verification environments provide little structured support for such assistance. Although conversational AI could offer such on-demand assistance, directly using general-purpose chatbots like ChatGPT or Gemini is risky due to their tendency to hallucinate and their reliance on static, outdated knowledge. We present VeriChat, a domain-specialized conversational assistant designed to support, rather than replace, existing verification workflows by providing context-aware security guidance. VeriChat employs a retrieval-augmented, multi-agent workflow in which three specialized agents collaboratively minimize hallucinations while improving the transparency and reliability of the response. Beyond question answering, VeriChat integrates open-source EDA tools, including Icarus Verilog, Yosys, and SymbiYosys, to perform syntax checking, synthesis analysis, simulation, and formal verification directly on user-provided RTL designs. Evaluated using a comprehensive methodology, VeriChat achieves a Faithfulness score of 87.73%, significantly outperforming the leading proprietary models. We demonstrate the framework through a hardware Trojan detection case study on an AES S-Box IP, where VeriChat autonomously identifies, simulates, and formally proves a covert key-leakage vulnerability through a multi-turn conversational workflow.