- Hardware trojans threaten the global chip industry from deep within supply chains
- Even 97% accuracy leaves room for devastating vulnerabilities in production chips
- Detecting hidden threats before deployment remains a critical engineering challenge
AI is increasingly being used to detect hidden threats in computer chips, with researchers at the University of Missouri claiming their new method achieves a 97% success rate in identifying hardware trojans.
These malicious alterations are inserted during chip manufacturing and can compromise devices used in data centers, medical equipment, or even defense systems.
The team’s work represents an important step in applying AI tools to secure the hardware that supports much of the digital economy.
The persistent challenge of hardware trojans
Modern computer chips are produced through an extensive global supply chain, with design, testing, and assembly often handled by multiple firms in different countries.
This complexity creates opportunities for trojans to be inserted at nearly any stage of production, making them extremely difficult to detect.
Once embedded, they can remain dormant until activated, leading to data theft or device failure.
Detecting and removing these threats is costly, and in severe cases can force companies to recall entire product lines, damaging both finances and reputation.
To address these challenges, researchers from the University of Missouri introduced PEARL, a system that applies large language models (LLMs) like GPT-3.5 Turbo, Gemini 1.5 Pro, Llama 3.1, and DeepSeek-V2 for hardware trojan detection.
PEARL uses in-context learning techniques, including zero-shot, one-shot, and few-shot strategies, to identify trojans in Verilog code without training from scratch.
It also provides human-readable explanations that describe why a section of code was classified as malicious, thereby improving transparency.
By combining open-source and enterprise LLMs, the researchers tested the model’s adaptability and interpretability across different chip benchmarks, including Trust-Hub and ISCAS 85/89 datasets.
Experimental results show that enterprise LLMs like GPT-3.5 Turbo achieved up to 97% accuracy in detecting unknown hardware trojans, while open-source models like DeepSeek-V2 reached about 91%.
Additionally, PEARL operates without needing a “golden model,” which is typically a clean reference chip used for comparison, allowing broader practical application.
Despite its promising results, a detection rate of 97% still leaves a small but meaningful margin for undetected trojans.
Given that chips underpin critical digital systems, from financial networks to national defense operations, even minor vulnerabilities could have wide-reaching effects.
In high-stakes industries, a single missed threat could result in catastrophic failures – therefore, experts remain cautious about relying solely on AI-driven models without additional layers of manual verification and testing.
The authors acknowledge that perfect detection is still unattainable, especially given the sophistication of emerging trojans.
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.
