ATLAS: LLM Framework for Automated SoC Security Verification
ATLAS is a framework powered by LLM that connects threat modeling with formal verification for the security of System-on-Chip (SoC). It leverages vulnerability databases such as Common Weakness Enumeration (CWE) to pinpoint SoC-specific assets, outline vulnerabilities, and create assertion-based security properties along with JasperGold scripts. In tests conducted on three HACK@DAC benchmarks, ATLAS identified 39 out of 48 CWEs and successfully generated accurate properties for 33 of these vulnerabilities, pushing automated, knowledge-based SoC security verification closer to a secure-by-design approach.
Key facts
- ATLAS is an LLM-driven framework for SoC security verification.
- It bridges standardized threat modeling and property-based formal verification.
- It uses Common Weakness Enumeration (CWE) as a vulnerability knowledge base.
- ATLAS identifies SoC-specific assets and maps relevant weaknesses.
- It generates assertion-based security properties and JasperGold scripts.
- Evaluated on three HACK@DAC benchmarks.
- Detected 39 out of 48 CWEs.
- Generated correct properties for 33 of those bugs.
Entities
Institutions
- Common Weakness Enumeration (CWE)
- JasperGold
- HACK@DAC