Applied research portfolio on large language models for digital hardware design, verification, and hardware security analysis. The work spans automated RTL synthesis from natural-language specifications, LLM-assisted testbench and assertion generation, correct-by-construction logic synthesis from Boolean satisfiability, and offensive/defensive hardware Trojan analysis carried out for the HOST AHA 2026 international hardware security competition.
Developed at the NYU Tandon School of Engineering under the course LLM4ChipDesign, taught by Prof. Ramesh Karri and Weihua Xiao.
Large language models are increasingly proposed as co-designers in the RTL development loop, but their outputs are not guaranteed to be functionally correct, synthesizable, or secure. Each project in this repository isolates one stage of a trustworthy LLM-assisted hardware flow: specification-to-RTL generation, iterative simulation-driven refinement, formal correct-by-construction synthesis, automated verification-gap discovery, and adversarial RTL analysis for hardware Trojan insertion and detection. Together they form a progression from "can an LLM write RTL" toward "can an LLM be trusted to write, verify, and audit RTL."
| Project | Track | Summary |
|---|---|---|
ChipChat-LLM-RTL-Generation |
Coursework | Baseline study of prompt-driven Verilog generation for a combinational and a sequential (FSM) design, with manual cleanup, self-checking testbenches, and an iterative debugging case study. |
AutoChip-IterativeRTLSynthesis |
Coursework | Closed-loop RTL generation using the AutoChip framework, comparing GPT-4o-mini and GPT-4o across combinational and sequential designs with simulation feedback driving convergence. |
Veritas-CNF2RTL-CorrectByConstruction |
Coursework | Correctness-by-construction pipeline that lowers a specification to CNF, transforms it into a BENCH netlist, simulates it to produce ground-truth truth tables, synthesizes Verilog, and validates the result with Python oracles across adder and decoder designs at multiple bit widths. |
Adder-LLM-RTL-Synthesis |
Coursework | Focused case study on LLM-driven generation and verification of parameterized adder RTL. |
TestbenchGen-AutomatedVerification |
Coursework | Automated generation of self-checking testbenches for adder, BCD-converter, multiplexer, and custom RTL modules, evaluating LLM testbench quality against manual references. |
ROME-HierarchicalRTL-Generation |
Coursework | Hierarchical multi-module RTL synthesis using the ROME framework's recursive generation and iterative-repair loop, demonstrated on a multiplexer hierarchy and an independently designed ripple-carry adder tree (half adder to 8-bit adder). |
VeriGuard-VerificationGapAnalyzer |
Hackathon (Cognichip) | LLM-driven analysis tool that identifies coverage holes in an existing testbench and auto-generates directed tests and SystemVerilog Assertions to expose bugs a passing baseline simulation silently masks, demonstrated on a synchronous FIFO. |
HOST-AHA2026-RedTeam-AES-HardwareTrojans |
Security competition (Phase 1) | Three LLM-generated hardware Trojans inserted into an open-source AES core (key-schedule backdoor, periodic ciphertext corruption, single-entry S-box substitution), each characterized with a trigger/payload model, stealth rationale, PPA impact, and CVSS v3.1 scoring. |
HOST-AHA2026-BlueTeam-AgenticTrojanDetection |
Security competition (Phase 2) | Two-stage AI detection framework for locating hardware Trojans in AES, Ethernet MAC, and CV32E40P RTL without clean-reference diffing: a batch first-pass/second-pass pipeline (GPT-4o-mini) for smaller files, escalating to an agentic, tool-using reasoning loop (Claude) with decoy rejection for large RISC-V core files. |
Every project follows the same evidentiary standard: an LLM-generated artifact is never accepted on the basis of the model's claim alone. Each pipeline pairs generation with an independent, mechanical check, a compiled simulation, a formal truth table, an assertion monitor, or a second adversarial model pass, and reports the pass/fail outcome of that check rather than the model's self-assessment. Where a design is security-relevant (the HOST AHA submissions), findings are further required to state an explicit trigger condition, payload effect, and impact justification, and syntactically-modified-but-functionally-equivalent decoys are explicitly filtered out rather than counted as findings.
| Category | Tools |
|---|---|
| Language models | GPT-4o, GPT-4o-mini, Claude (Sonnet, via agentic tool-use sessions) |
| RTL simulation | Icarus Verilog (iverilog, vvp), Verilator |
| Synthesis / STA | Yosys, OpenSTA, SkyWater sky130 PDK |
| Frameworks | AutoChip, ROME (hier_gen, verilog_loop), Veritas CNF-to-RTL pipeline |
| Verification | SystemVerilog Assertions (SVA), scoreboard-based testbenches, waveform inspection (GTKWave) |
| Environment | Google Colab notebooks for all generation and simulation runs |
The HOST-AHA2026-RedTeam and HOST-AHA2026-BlueTeam projects were produced for the academic HOST AHA 2026 hardware security competition. The Red Team artifacts are deliberately vulnerable RTL variants created for a sanctioned Trojan-insertion exercise; the Blue Team artifacts are the corresponding detection tooling. Neither project targets a production system, and both are documented here strictly for research and educational purposes in line with the competition's rules.
Tejas Attarde M.S. Electrical & Computer Engineering, NYU Tandon School of Engineering
Course: LLM4ChipDesign Instructor: Prof. Ramesh Karri Course Assistant: Weihua Xiao