- Hardware Trojans threaten the global chip industry deep in supply chains
- Even 97% accuracy leaves room for devastating vulnerabilities in production chips
- Detecting hidden threats before deployment remains a critical engineering challenge
AI is increasingly being used to detect threats hidden in computer chips, with researchers at the University of Missouri claiming their new method achieves a 97% success rate in identifying hardware Trojans.
These malicious alterations are inserted during chip manufacturing and can compromise devices used in data centers, medical equipment or even defense systems.
The team’s work represents an important step in applying AI tools to secure the hardware that supports much of the digital economy.
The persistent challenge of hardware Trojans
Modern computer chips are produced through a vast global supply chain, with design, testing and assembly often carried out by multiple companies in different countries.
This complexity creates the possibility of inserting Trojans at almost every stage of production, making them extremely difficult to detect.
Once integrated, they may remain inactive until activated, leading to data theft or device failure.
Detecting and eliminating these threats is expensive and, in severe cases, can force companies to recall entire product lines, damaging their finances and reputation.
To address these challenges, researchers at the University of Missouri introduced PEARL, a system that applies extended language models (LLMs) such as GPT-3.5 Turbo, Gemini 1.5 Pro, Llama 3.1, and DeepSeek-V2 for hardware Trojan detection.
PEARL uses context-learning techniques, including zero, one-shot, and few-shot strategies, to identify Trojans in Verilog code without training from scratch.
It also provides human-readable explanations describing why a section of code has been classified as malicious, improving transparency.
By combining open source and enterprise LLMs, the researchers tested the adaptability and interpretability of the model on different chip benchmarks, including the Trust-Hub and ISCAS 85/89 datasets.
Experimental results show that enterprise LLMs like GPT-3.5 Turbo achieved 97% accuracy in detecting unknown hardware Trojans, while open source models like DeepSeek-V2 achieved around 91%.
Additionally, PEARL works without the need for a “golden model”, which is typically a clean reference chip used for comparison purposes, allowing for wider practical application.
Despite its promising results, a 97% detection rate still leaves a small but significant margin for undetected Trojans.
Since chips are the foundation of critical digital systems, from financial networks to national defense operations, even minor vulnerabilities could have far-reaching effects.
In high-stakes industries, a single missed threat could lead to catastrophic failures. That’s why experts remain cautious about relying solely on AI-based models without additional layers of manual verification and testing.
The authors acknowledge that perfect detection is still elusive, especially given the sophistication of emerging Trojans.
Follow TechRadar on Google News And add us as your favorite source to get our news, reviews and expert opinions in your feeds. Make sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp Also.
