Key Takeaways
- Mark Teranipur emphasized the importance of integrating security into System-on-Chip (SoC) verification, highlighting its current underaddressed status despite the growing complexity of chip designs.
- Caspia Technologies' Codax utilizes large language models (LLMs) to accurately identify security violations in semiconductor designs, addressing gaps left by traditional verification tools.
- High-profile security incidents, such as Intel's Meltdown and Alibaba's T-Head Ghostwrite attack, illustrate the urgent need for robust security measures in chip design verification.
- Teranipur outlined a divide-and-conquer strategy for applying LLMs to large SoC designs, enabling effective analysis despite input token capacity limitations.
- The adoption of AI-driven tools like Codax is transforming the semiconductor industry, accelerating time-to-market and reducing human error in security checks, marking a pivotal shift in verification practices.
On July 18, 2025, Mark Teranipur, chairman of the Electrical and Computer Engineering Department at the University of Florida and co-founder of Caspia Technologies, delivered a compelling talk at DACtv on leveraging large language models (LLMs) for System-on-Chip (SoC) security, as seen in the YouTube video. Addressing the growing complexity of modern chip designs, Teranipur highlighted how LLMs are transforming security verification, a critical yet often overlooked aspect of semiconductor design, amidst a verification market exceeding $2.2 billion.
Teranipur emphasized that while functional correctness, power, performance, and area optimization dominate verification efforts, security remains underaddressed. The intricate interplay of intellectual properties (IPs) in SoCs introduces vulnerabilities, exemplified by high-profile incidents like Intel’s Meltdown and Spectre vulnerabilities, which exploited out-of-order execution, causing an 7-8% stock drop in a single day. Similarly, Alibaba’s T-Head Ghostwrite attack exposed faulty RTL instructions, enabling unauthorized memory rewrites. These incidents underscore the urgency of integrating security into verification flows, as traditional functional verification tools like SpyGlass may detect issues but lack specificity for security violations.
Caspia Technologies’ solution, Codax, leverages LLMs to address this gap. Unlike conventional tools, Codax identifies confidentiality and integrity violations with 100% accuracy, eliminating the tedious manual analysis required by tools like SpyGlass. By focusing on security-specific linting, Codax ensures precise detection of vulnerabilities, such as those enabling data leaks or unauthorized access. Teranipur noted that seven of the top ten semiconductor companies, alongside automotive, data center, and military prime contractors, have adopted Codax, reflecting its broad applicability and industry trust.
Responding to an audience question about detecting hardware Trojans—malicious circuits causing confidentiality or integrity breaches—Teranipur explained that Codax excels by targeting these violations directly, whether introduced intentionally or unintentionally. The solution’s ability to pinpoint such threats is critical, as Trojans can compromise chip integrity, especially in sensitive applications like defense or automotive systems. Another question addressed the challenge of applying LLMs to large SoC designs, given their limited input token capacity. Teranipur acknowledged this constraint, explaining that Caspia employs a divide-and-conquer strategy, breaking down designs into manageable segments for analysis. This approach, combined with open-source LLMs, ensures scalability while maintaining accuracy, though token limitations remain a hurdle.
The integration of LLMs into security verification offers a paradigm shift. By processing vast amounts of design data, including RTL and netlists, LLMs can identify patterns indicative of vulnerabilities that traditional tools miss. This is particularly vital as SoC complexity grows, with billions of gates and diverse IPs increasing attack surfaces. Teranipur stressed that the industry’s slow adoption of security-focused verification—despite its critical importance—must change, as vulnerabilities can lead to catastrophic financial and reputational losses, as seen with Intel’s market cap hit.
Caspia’s approach also aligns with broader industry trends, where AI-driven tools are enhancing design and verification. By automating security checks, Codax reduces human error and accelerates time-to-market, crucial in competitive sectors like AI accelerators and automotive chips. Teranipur’s vision positions LLMs as a cornerstone for future-proofing SoC security, urging companies to prioritize it alongside functional verification.
The session concluded with a call to action, emphasizing that security verification is no longer optional. With Caspia’s Codax gaining traction across major industries, Teranipur’s presentation highlighted a pivotal moment for semiconductor security, where LLMs offer a robust, scalable solution to safeguard increasingly complex SoCs against evolving threats.
Also Read:
AI and VLSI: A Symbiotic Revolution at DAC 2025
AI’s Transformative Role in Semiconductor Design and Sustainability
From Atoms to Tokens: Semiconductor Supply Chain Evolution
Share this post via:
Comments
There are no comments yet.
You must register or log in to view/post comments.