VeriCWEty: Embedding enabled Line-Level CWE Detection in Verilog
For hardware designers using LLM-generated RTL code, this provides a precise, line-level vulnerability detection method that outperforms existing rule-based and coarse-grained approaches.
The paper tackles the problem of detecting common vulnerabilities (CWEs) in Verilog RTL code generated by LLMs. Its embedding-based framework achieves 89% precision for identifying CWEs and 96% accuracy for line-level bug detection.
Large Language Models (LLMs) have shown significant improvement in RTL code generation. Despite the advances, the generated code is often riddled with common vulnerabilities and weaknesses (CWEs) that can slip by untrained eyes. Attackers can often exploit these weaknesses to fulfill their nefarious motives. Existing RTL bug-detection techniques rely on rule-based checks, formal properties, or coarse-grained structural analysis, which either fail to capture semantic vulnerabilities or lack precise localization. In our work, we bridge this gap by proposing an embedding-based bug-detection framework that detects and classifies bugs at both module and line-level granularity. Our method achieves about 89% precision in identifying common CWEs such as CWE-1244 and CWE-1245, and 96% accuracy in detecting line-level bugs.