VeriChat: AI Assistant Finds Chip Backdoors
Summary
A new AI assistant called VeriChat helps hardware security engineers check chips for hidden backdoors. Chip designers often use circuitry from outside vendors, and a malicious supplier could embed a hidden circuit that activates with a specific input. VeriChat acts as a conversational assistant. It answers technical questions about chip security and can run verification tools directly on a user-uploaded design file. This is important because general chatbots can sometimes provide incorrect information, which can be costly in hardware security. What's interesting is how VeriChat works. It uses a retrieval-first design with three agents. The first rewrites a user's question for search. The second pulls relevant information from a curated library of over 28,000 hardware security papers and live web results. The third then crafts an answer using only this gathered evidence. The system can also link to verification tools. Researchers demonstrated this by hiding a Trojan in an AES S-Box, a component used in encryption hardware. This malicious circuit would leak an encryption key when a specific three-byte sequence was detected. VeriChat helped uncover this hidden circuit through a conversation and automated checks, even for a user unaware of the Trojan. The bottom line is this tool offers a new way to identify potential vulnerabilities in chip designs, which could help prevent significant security risks.
This is an AI-generated audio summary. Always check the original source for complete reporting.