Paper 2023/212
Generating Secure Hardware using ChatGPT Resistant to CWEs
Abstract
The development of Artificial Intelligence (AI) based systems to automatically generate hardware systems has gained an impulse that aims to accelerate the hardware design cycle with no human intervention. Recently, the striking AI-based system ChatGPT from OpenAI has achieved a momentous headline and has gone viral within a short span of time since its launch. This chatbot has the capability to interactively communicate with the designers through a prompt to generate software and hardware code, write logic designs, and synthesize designs for implementation on Field Programmable Gate Array (FPGA) or Application Specific Integrated Circuits (ASIC). However, an unvetted ChatGPT prompt by a designer with an aim to generate hardware code may lead to security vulnerabilities in the generated code. In this work, we systematically investigate the necessary strategies to be adopted by a designer to enable ChatGPT to recommend secure hardware code generation. To perform this analysis, we prompt ChatGPT to generate code scenarios listed in Common Vulnerability Enumerations (CWEs) under the hardware design (CWE-1194) view from MITRE. We first demonstrate how a ChatGPT generates insecure code given the diversity of prompts. Finally, we propose techniques to be adopted by a designer to generate secure hardware code. In total, we create secure hardware code for $10$ noteworthy CWEs under hardware design view listed on MITRE site.
Metadata
- Available format(s)
- Category
- Applications
- Publication info
- Preprint.
- Keywords
- ChatGPTCommon Vulnerability EnumerationHardware Design
- Contact author(s)
-
madhav rajunair @ gmail com
rajatssr835 @ gmail com
debdeep mukhopadhyay @ gmail com - History
- 2023-02-20: approved
- 2023-02-17: received
- See all versions
- Short URL
- https://ia.cr/2023/212
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2023/212, author = {Madhav Nair and Rajat Sadhukhan and Debdeep Mukhopadhyay}, title = {Generating Secure Hardware using {ChatGPT} Resistant to {CWEs}}, howpublished = {Cryptology {ePrint} Archive, Paper 2023/212}, year = {2023}, url = {https://eprint.iacr.org/2023/212} }