VerilogLAVD: LLM-Aided Rule Generation for Vulnerability Detection in Verilog
Xiang Long, Yingjie Xia, Xiyuan Chen, Li Kuang
TL;DR
VerilogLAVD introduces a novel LLM-assisted graph-based approach for early hardware vulnerability detection in Verilog, combining syntactic and semantic code features to generate detection rules and improve accuracy.
Contribution
It presents the first LLM-aided rule generation method using a unified Verilog Property Graph for vulnerability detection, enhancing detection consistency and accuracy.
Findings
Achieves an F1-score of 0.54 on 77 Verilog designs.
Outperforms LLM-only and external knowledge baselines by 0.27 and 0.31 in F1-score.
Demonstrates effectiveness across 12 CWE vulnerability types.
Abstract
Timely detection of hardware vulnerabilities during the early design stage is critical for reducing remediation costs. Existing early detection techniques often require specialized security expertise, limiting their usability. Recent efforts have explored the use of large language models (LLMs) for Verilog vulnerability detection. However, LLMs struggle to capture the structure in Verilog code, resulting in inconsistent detection results. To this end, we propose VerilogLAVD, the first LLM-aided graph traversal rule generation approach for Verilog vulnerability detection. Our approach introduces the Verilog Property Graph (VeriPG), a unified representation of Verilog code. It combines syntactic features extracted from the abstract syntax tree (AST) with semantic information derived from control flow and data dependency graphs. We leverage LLMs to generate VeriPG-based detection rules…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.