The security of computer systems typically relies on a hardware root trust. As vulnerabilities in can have severe implications system, there is need for techniques to support verification activities. Assertion-based popular technique that involves capturing design intent set assertions be used formal or testing-based checking. However, writing security-centric challenging task. In this work, we investigate the use emerging large language models (LLMs) code generation assertion security,...

The security of computer systems typically relies on a hardware root trust. As vulnerabilities in can have severe implications system, there is need for techniques to support verification activities. Assertion-based popular technique that involves capturing design intent set assertions be used formal or testing-based checking. However, writing security-centric challenging task. In this work, we investigate the use emerging large language models (LLMs) code generation assertion security,...

Recent research has shown that hardware fuzzers can effectively detect security vulnerabilities in modern processors. However, existing do not fuzz well the hard-to-reach design spaces. Consequently, these cannot security-critical control- and data-flow logic processors, hence missing vulnerabilities. To tackle this challenge, we present HyPFuzz, a hybrid fuzzer leverages formal verification tools to help part of increase effectiveness perform optimizations time space. First, develop...

The increasing complexity of modern processors poses many challenges to existing hardware verification tools and methodologies for detecting security-critical bugs. Recent attacks on have shown the fatal consequences uncovering exploiting vulnerabilities. Fuzzing has emerged as a promising technique software Recently, few fuzzing techniques been proposed. However, they suffer from several limitations, including non-applicability commonly used Hardware Description Languages (HDLs) like...

Hardware security vulnerabilities in computing systems compromise the defenses of not only hardware but also software running on it. Recent research has shown that fuzzing is a promising technique to efficiently detect such large-scale designs as modern processors. However, current techniques do adjust their strategies dynamically toward faster and higher design space exploration, resulting slow vulnerability detection, evident through low coverage. To address this problem, we propose...

Timing vulnerabilities in processors have emerged as a potent threat. As are the foundation of any computing system, identifying these flaws is imperative. Recently fuzzing techniques, traditionally used for detecting software vulnerabilities, shown promising results uncovering large-scale hardware designs, such processors. Researchers adapted black-box or grey-box to detect timing However, they cannot identify locations root causes nor do provide coverage feedback enable designer's...

Large language models (LLMs) have emerged as transformative tools within the hardware design and verification lifecycle, offering numerous capabilities in accelerating processes. Recent research has showcased efficacy of LLMs translating specifications into source code through description languages. Researchers are also using to generate test cases write assertion rules bolster detection vulnerabilities. Thus, semiconductor industry is swiftly integrating its workflows. However, this...

The recent trend of providing fast and flexible hardware platforms as-a-service coupled with the advancements in design tools have significantly reduced effort designing new hardware. Additionally, advent open-source Instruction Set Architectures (ISAs) such as OpenRISC RISC-V, we witness rise a wide variety commercial processor cores System-On-Chip (SoC) designs short time.

The rise in the development of complex and application-specific commercial open-source hardware shrinking verification time are causing numerous hardware-security vulnerabilities. Traditional techniques limited both scalability completeness. Research this direction is hindered due to lack robust testing benchmarks. In paper, collaboration with our industry partners, we built an ecosystem mimicking hardware-development cycle where inject bugs inspired by real-world vulnerabilities into RISC-V...

Hardware-level memory vulnerabilities severely threaten computing systems. However, hardware patching is inefficient or difficult postfabrication. We investigate the effectiveness of fuzzing in detecting and highlight challenges potential future research directions to enhance for safety.

Modern computing systems heavily rely on hardware as the root of trust. However, their increasing complexity has given rise to security-critical vulnerabilities that cross-layer at-tacks can exploit. Traditional vulnerability detection methods, such random regression and formal verification, have limitations. Random regression, while scalable, is slow in exploring hardware, verification techniques are often concerned with manual effort state explosions. Hardware fuzzing emerged an effective...

Microarchitectural attacks represent a challenging and persistent threat to modern processors, exploiting inherent design vulnerabilities in processors leak sensitive information or compromise systems. Of particular concern is the susceptibility of Speculative Execution, fundamental part performance enhancement, such attacks. We introduce Specure, novel pre-silicon verification method composing hardware fuzzing with Information Flow Tracking (IFT) address speculative execution leakages....

Hardware security vulnerabilities in computing systems compromise the defenses of not only hardware but also software running on it. Recent research has shown that fuzzing is a promising technique to efficiently detect such large-scale designs as modern processors. However, current techniques do adjust their strategies dynamically toward faster and higher design space exploration, resulting slow vulnerability detection, evident through low coverage. To address this problem, we propose...

As the complexities of processors keep increasing, task effectively verifying their integrity and security becomes ever more daunting. The intricate web instructions, microarchitectural features, interdependencies woven into modern pose a formidable challenge for even most diligent verification engineers. To tackle this growing concern, recently, researchers have developed fuzzing techniques explicitly tailored hardware processors. However, prevailing issue with these fuzzers is heavy...