LLM based SoC Security verification I

Instructor 

Dr. Farimah Farahmandi is the Wally Rhines Endowed Professor in Hardware Security in the Department of Electrical and Computer Engineering (ECE) at the University of Florida

Learning Objectives

In this course, students learn how Large Language Models (LLMs) can be used to perform key SoC security verification tasks—security question-answering, security asset identification, and automated property/SVA generation. Through hands-on modules, students explore Retrieval-Augmented Generation (RAG), CWE-guided reasoning, RTL parsing, threat modeling, and assertion synthesis. By the end, students will understand how LLM-based workflows can strengthen pre-silicon hardware security verification.

The LLM-Based SoC Security Verification I micro-certificate introduces students to foundational AI-assisted hardware security workflows, focusing on how Large Language Models (LLMs) can support SoC verification tasks such as security question-answering, asset identification, and security property generation. With the growing complexity of modern SoCs and the expanding range of hardware vulnerabilities, traditional manual verification methods struggle to keep pace. LLMs offer a transformative approach—capable of interpreting natural-language specifications, parsing RTL, mapping vulnerabilities using CWE, and producing verification-ready SystemVerilog Assertions (SVAs).

This course covers three major LLM-driven verification pipelines:

• Unit 1: Security Question Answering through RAG:  explores Retrieval-Augmented Generation (RAG) for security question-answering, highlighting how curated knowledge bases help prevent hallucinations and improve accuracy in hardware-focused queries. Students learn how RAG systems retrieve CWE entries, research papers, and design guidelines to support accurate reasoning in SoC security tasks.
• Unit 2: Security Asset Identification using LLM: focuses on automated security asset identification using LLMs. Students study how conceptual and structural assets are discovered from specifications and RTL, how attackers target these design elements, and how asset classification (primary vs. secondary) connects to threat analysis and CWE mapping.
• Unit 3: Security Property & SystemVerilog Assertion Generation using LLM: demonstrates property generation using LLMs, where students see how natural-language security requirements can be converted into structured security properties and SystemVerilog Assertions. The methodology emphasizes Design-to-CWE mapping, Threat-vector analysis, and LLM self-reflection loops to ensure correctness and high-quality SVA output.

Learning Outcomes:

By the end of the course, students will understand how modern LLM pipelines enhance pre-silicon security verification and how these AI-driven methods integrate into a real SoC design environment. Students will be able to:

1. Explain the limitations of general LLMs in hardware security and the advantages of RAG-based architectures.
2. Use RAG pipelines to retrieve CWE entries and domain-specific documents to answer SoC security questions.
3. Identify conceptual and structural SoC security assets using LLM-driven RTL and specification analysis.
4. Apply the SA-EDI and IEEE P3164 principles for asset classification (primary/secondary, CIA-based).
5. Perform CWE-guided vulnerability mapping for identified assets.
6. Generate high-quality natural-language security properties using structured prompts and CWE context.
7. Produce and validate SystemVerilog Assertions aligned with SoC security needs.
8. Understand how LLM-driven verification workflows integrate into pre-silicon security verification environments.

Prerequisites:

• Basic understanding of RTL design, SoC architecture, and hardware security concepts
• Familiarity with SystemVerilog Assertions (SVA), CWE taxonomy, and threat modeling
• Prior exposure to LLM frameworks (RAG, fine-tuning, prompting) or EDA verification flows is desired but not required.
• MEST Micro-Certificate: Introduction to Large Language Models (LLMs) (reccommended)
• MEST Micro-certificate: System-on-Chip (SoC) Verification (reccommended)

Target Audience

Designed for U.S. citizens working in the Department of War, Government, or Government-affiliated employees, industry, as well as college students and faculty. Must register with your organizational email, and will be notified of acceptance within one week of the course start date

Biography

Mark M. Tehranipoor is currently the Intel Charles E. Young Preeminence Endowed Chair Professor in Cybersecurity and the Chair of the Department of Electrical and Computer Engineering (ECE) at the University of Florida. He is also currently serving as the Director for Florida Institute for Cybersecurity (FICS) Research, Director for Edaptive Computing Inc. Transition Center (ECI-TC), Co-director for the AFOSR/AFRL Center of Excellence on Enabling Cyber Defense in Analog and Mixed Signal Domain (CYAN), and Co-Director for the National Microelectronic Security Training Center (MEST). He also served as the Associate Chair for Research and Strategic Initiatives for the ECE Department from 2017-2019 and the Program Director of Cybersecurity in the Herbert Wertheim College of Engineering from 2019-2022. His current research projects include: hardware security and trust, electronics supply chain security, IoT security, and reliable and testable VLSI design. Dr. Tehranipoor has published numerous journal articles and refereed conference papers and has delivered more than 220+ invited talks and keynote addresses. In addition, he has 15 patents issued, and has published 13 books of which two are textbooks. His projects have been sponsored by 50+ companies and Government agencies.

Dr. Tehranipoor is a Fellow of IEEE, Fellow of ACM, Golden Core Member of IEEE Computer Society, and Member of ACM SIGDA. He is also a member of the Connecticut Academy of Science and Engineering (CASE). He is a recipient of 14 best paper awards and nominations, the 2009 NSF CAREER award, the 2014 AFOSR MURI award on Nanoscale Security, the 2008 IEEE Computer Society (CS) Meritorious Service award, the 2012 and 2017 IEEE CS Outstanding Contribution, the 2010 and 2016 IEEE TTTC/CS Most Successful Technical Event for co-founding and chairing HOST Symposium, the 2018 IEEE HOST Hall of Fame Member, the 2009 and 2014 UConn ECE Research Excellence award, the 2012 UConn SOE Outstanding Faculty Advisor award, the 2016 UF College of Engineering Excellence in Leadership award, the 2016 UF ECE Research Excellence Award, the 2020 UF’s College of Engineering Teacher/Scholar of the year award, and the 2020 UF Innovation of the Year Award.

He serves on the program committee of more than a dozen leading conferences and workshops. Prof. Tehranipoor served as the guest editor for JETTA, IEEE Design and Test of Computers, ACM JETC, and IEEE Computer Society Computing Now. He served as Program Chair of the 2019 International Test Conference (ITC), Vice-program Chair of the 2018 ITC, Program Chair of the 2007 IEEE Defect-Based Testing (DBT) workshop, 2016 IEEE International Verification and Security Workshop (IVSW), Program Chair of the 2008 IEEE Defect and Data Driven Testing (D3T) workshop, Co-program Chair of the 2008 International Symposium on Defect and Fault Tolerance in VLSI Systems (DFTS), General Chair for D3T-2009 and DFTS-2009, and Vice-general Chair for NATW-2011, General Chair for 2008-2009, and 2021 IEEE HOST, and General Chair for 2019-2021 IEEE PAINE Conference.

Over the years, he has led a number of major initiatives in the domain of microelectronics security and trust. He co-founded the IEEE International Symposium on Hardware-Oriented Security and Trust (HOST) and served as HOST-2008 and HOST-2009 General Chair and continue to serve as Chair of the Steering Committee for HOST. He also co-founded IEEE Asian-HOST and the IEEE International Conference of Physical Assurance and Inspection of Electronics (PAINE). Further, he co-founded the Journal on Hardware and Systems Security (HaSS) and currently serving as EIC for HaSS. He is also led development of Trust-Hub sponsored by the National Science Foundation (NSF). He served as associate Editor-in-Chief (EIC) for IEEE Design and Test of Computers from 2012-2014. He is currently serving as an Associate Editor for IEEE Design and Test of Computers, JETTA, Journal of Low Power Electronics (JOLPE), ACM Transactions for Design Automation of Electronic Systems (TODAES), IEEE Transactions on Computers, and IEEE Transactions on VLSI (TVLSI). He has served as an IEEE Distinguished Speaker and an ACM Distinguished Speaker from 2010-2013. Further, he served as an ambassador of cybersecurity for IEEE from 2016-2020.

Prior to joining University of Florida, Dr. Tehranipoor served as the founding director of the Center for Hardware Assurance, Security, and Engineering (CHASE) and the Comcast Center of Excellence in Security Innovation (CSI) at the University of Connecticut.

Dr. Farimah Farahmandi is the Wally Rhines Endowed Professor in Hardware Security in the Department of Electrical and Computer Engineering (ECE) at the University of Florida. She also serves as the Associate Director of the Florida Institute for Cybersecurity (FICS) at the University of Florida. Her research focuses on hardware security verification, formal methods, fault-injection attack analysis, and post-silicon validation and debug, resulting in 7 books and over 140 publications in these fields. Dr. Farahmandi’s research has been sponsored by a variety of leading companies and government agencies. For her contributions, she is a recipient of 7 best paper and nomination awards, and was recognized with the ACM/IEEE DAC Under 40 Innovators Award (2024), the Best Assistant Professor Award at the University of Florida (2024), the Excellence in Service Award (2023), and the Excellence in Research Award (2022) from the ECE department at UF. She also received the prestigious Young Faculty Award from SRC (2022) and the NSF CAREER Award.