ThreatLens: LLM-guided Threat Modeling and Test Plan Generation for Hardware Security Verification
This addresses the scalability and efficiency challenges in hardware security verification for engineers, though it appears incremental as it automates existing processes with LLMs.
The paper tackled the problem of manual, error-prone hardware security verification by proposing ThreatLens, an LLM-driven multi-agent framework that automates threat modeling and test plan generation, reducing manual effort and enhancing coverage as demonstrated on the NEORV32 SoC.
Current hardware security verification processes predominantly rely on manual threat modeling and test plan generation, which are labor-intensive, error-prone, and struggle to scale with increasing design complexity and evolving attack methodologies. To address these challenges, we propose ThreatLens, an LLM-driven multi-agent framework that automates security threat modeling and test plan generation for hardware security verification. ThreatLens integrates retrieval-augmented generation (RAG) to extract relevant security knowledge, LLM-powered reasoning for threat assessment, and interactive user feedback to ensure the generation of practical test plans. By automating these processes, the framework reduces the manual verification effort, enhances coverage, and ensures a structured, adaptable approach to security verification. We evaluated our framework on the NEORV32 SoC, demonstrating its capability to automate security verification through structured test plans and validating its effectiveness in real-world scenarios.