SecureRAG-RTL: A Retrieval-Augmented, Multi-Agent, Zero-Shot LLM-Driven Framework for Hardware Vulnerability Detection

TL;DR

SecureRAG-RTL leverages retrieval-augmented generation with large language models to significantly improve hardware vulnerability detection accuracy in HDL designs, addressing data scarcity and domain knowledge gaps.

Contribution

The paper introduces SecureRAG-RTL, a novel RAG-based framework that enhances LLM-based hardware security verification through domain-specific retrieval and generative reasoning.

Findings

Detection accuracy increased by about 30% on average.

SecureRAG-RTL outperforms prompt-only baseline methods.

A new benchmark dataset of 14 HDL designs with vulnerabilities was curated.

Abstract

Large language models (LLMs) have shown remarkable capabilities in natural language processing tasks, yet their application in hardware security verification remains limited due to scarcity of publicly available hardware description language (HDL) datasets. This knowledge gap constrains LLM performance in detecting vulnerabilities within HDL designs. To address this challenge, we propose SecureRAG-RTL, a novel Retrieval-Augmented Generation (RAG)-based approach that significantly enhances LLM-based security verification of hardware designs. Our approach integrates domain-specific retrieval with generative reasoning, enabling models to overcome inherent limitations in hardware security expertise. We establish baseline vulnerability detection rates using prompt-only methods and then demonstrate that SecureRAG-RTL achieves substantial improvements across diverse LLM architectures, regardless of size. On average, our method increases detection accuracy by about 30%, highlighting its effectiveness in bridging domain knowledge gaps. For evaluation, we curated and annotated a benchmark dataset of 14 HDL designs containing real-world security vulnerabilities, which we will release publicly to support future research. These findings underscore the potential of RAG-driven augmentation to enable scalable, efficient, and accurate hardware security verification workflows.