TY - GEN
T1 - RTL-Breaker
T2 - 2025 Design, Automation and Test in Europe Conference, DATE 2025
AU - Mankali, Lakshmi Likhitha
AU - Bhandari, Jitendra
AU - Alam, Manaar
AU - Karri, Ramesh
AU - Maniatakos, Michail
AU - Sinanoglu, Ozgur
AU - Knechtel, Johann
N1 - Publisher Copyright:
© 2025 EDAA.
PY - 2025
Y1 - 2025
N2 - Large language models (LLMs) have demonstrated remarkable potential with code generation/completion tasks for hardware design. However, the reliance on such automation introduces critical security risks. Notably, given that LLMs have to be trained on vast datasets of codes that are typically sourced from publicly available repositories, often without thorough validation, LLMs are susceptible to so-called data poisoning or backdoor attacks. Here, attackers inject malicious code for the training data, which can be carried over into the hardware description code (HDL) generated by LLMs. This threat vector can compromise the security and integrity of entire hardware systems. In this work, we propose RTL-Breaker, a novel backdoor attack framework on LLM-based HDL code generation. RTL-Breaker provides an indepth analysis of essential aspects of this novel problem: 1) various trigger mechanisms versus their effectiveness for inserting malicious modifications, and 2) side-effects by backdoor attacks on code generation in general, i.e., impact on code quality. RTL-Breaker emphasizes the urgent need for more robust measures to safeguard against such attacks. Toward that end, we open-source our framework and all data.
AB - Large language models (LLMs) have demonstrated remarkable potential with code generation/completion tasks for hardware design. However, the reliance on such automation introduces critical security risks. Notably, given that LLMs have to be trained on vast datasets of codes that are typically sourced from publicly available repositories, often without thorough validation, LLMs are susceptible to so-called data poisoning or backdoor attacks. Here, attackers inject malicious code for the training data, which can be carried over into the hardware description code (HDL) generated by LLMs. This threat vector can compromise the security and integrity of entire hardware systems. In this work, we propose RTL-Breaker, a novel backdoor attack framework on LLM-based HDL code generation. RTL-Breaker provides an indepth analysis of essential aspects of this novel problem: 1) various trigger mechanisms versus their effectiveness for inserting malicious modifications, and 2) side-effects by backdoor attacks on code generation in general, i.e., impact on code quality. RTL-Breaker emphasizes the urgent need for more robust measures to safeguard against such attacks. Toward that end, we open-source our framework and all data.
KW - Backdoor Attacks
KW - HDL Code Generation
KW - LLM
UR - http://www.scopus.com/inward/record.url?scp=105006895944&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=105006895944&partnerID=8YFLogxK
U2 - 10.23919/DATE64628.2025.10993260
DO - 10.23919/DATE64628.2025.10993260
M3 - Conference contribution
AN - SCOPUS:105006895944
T3 - Proceedings -Design, Automation and Test in Europe, DATE
BT - 2025 Design, Automation and Test in Europe Conference, DATE 2025 - Proceedings
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 31 March 2025 through 2 April 2025
ER -