VYPR
researchPublished Jul 13, 2026· 1 source

AI Assistant VeriChat Enhances Hardware Security by Detecting Hidden Backdoors in Chips

Researchers at the University of Florida have developed VeriChat, an AI-powered conversational assistant designed to identify malicious circuitry and hidden backdoors in integrated circuit designs.

The integrity of the hardware supply chain is a growing concern, as complex electronic devices often incorporate circuitry designed and licensed from numerous third-party vendors. This reliance creates an avenue for malicious actors to embed hidden backdoors or "Trojans" within seemingly legitimate chip designs. These hidden circuits can remain dormant until triggered by specific inputs, at which point they could leak sensitive data or compromise system functionality. To combat this threat, researchers at the University of Florida have developed VeriChat, an innovative AI assistant specifically tailored for hardware security engineers.

VeriChat functions as a conversational interface, allowing engineers to query its knowledge base about hardware security and, crucially, to upload and analyze circuit design files. Unlike general-purpose AI chatbots that are prone to generating confident but inaccurate information, VeriChat employs a retrieval-first architecture. This design ensures that its responses are grounded in evidence drawn from a curated library of over 28,000 hardware security papers and live web searches, mitigating the risk of fabricated technical details that could mislead engineers.

The system's core strength lies in its integration with automated verification tools. The research team demonstrated VeriChat's capabilities by using it to uncover a deliberately planted Trojan within an AES S-Box, a common component in encryption hardware. This malicious circuit was designed to trigger upon receiving a specific three-byte sequence (0xDE, 0xAD, 0xBE) and then leak the encryption key via a status light. The trigger's low probability of accidental activation made it difficult to detect through standard testing protocols.

Through a series of conversational prompts, an engineer unfamiliar with the hidden circuit could guide VeriChat to inspect the design file. The AI assistant then executed a sequence of verification steps: a syntax pass confirmed the code's validity, a synthesis pass identified extraneous memory elements indicative of tampering, and a simulation fed the trigger sequence to observe the key leakage. Finally, a formal verification check provided a mathematical proof of the design's data leakage vulnerability.

Evaluations of VeriChat showed promising results. In a benchmark test involving experienced hardware security researchers, VeriChat successfully retrieved relevant supporting material significantly more often than a baseline retrieval system. A blind human review scored its factual accuracy at an impressive 87.73 percent. Furthermore, when presented with prompts based on invented technologies, VeriChat refused to fabricate information 92 percent of the time, a stark contrast to more general commercial models that readily accepted false premises.

While VeriChat demonstrates a powerful new approach to hardware security, some limitations remain. The Trojan used in the demonstration was created by the same research team, meaning its effectiveness against unknown, novel attacks still needs to be proven. Additionally, the accuracy scoring, while high, still indicates a potential for errors, requiring engineers to exercise due diligence and verify the AI's findings. The reliance on other AI models for some scoring aspects also presents a potential circularity in evaluation.

Despite these caveats, VeriChat represents a significant step forward in securing the hardware supply chain. By enabling engineers to interrogate complex chip designs using natural language and leverage automated verification tools, it helps bridge the gap in trust between chip designers and buyers. This AI-driven approach offers a more proactive and accessible method for identifying and mitigating the risks posed by hidden malicious circuitry before it can be integrated into critical systems.

Synthesized by Vypr AI