eprint.iacr.org will be offline for approximately an hour for routine maintenance at 11pm UTC on Tuesday, April 16. We lost some data between April 12 and April 14, and some authors have been notified that they need to resubmit their papers.

Paper 2023/212

Generating Secure Hardware using ChatGPT Resistant to CWEs

Madhav Nair, Indian Institute of Technology Kharagpur
Rajat Sadhukhan, Indian Institute of Technology Kharagpur
Debdeep Mukhopadhyay, Indian Institute of Technology Kharagpur
Abstract

The development of Artificial Intelligence (AI) based systems to automatically generate hardware systems has gained an impulse that aims to accelerate the hardware design cycle with no human intervention. Recently, the striking AI-based system ChatGPT from OpenAI has achieved a momentous headline and has gone viral within a short span of time since its launch. This chatbot has the capability to interactively communicate with the designers through a prompt to generate software and hardware code, write logic designs, and synthesize designs for implementation on Field Programmable Gate Array (FPGA) or Application Specific Integrated Circuits (ASIC). However, an unvetted ChatGPT prompt by a designer with an aim to generate hardware code may lead to security vulnerabilities in the generated code. In this work, we systematically investigate the necessary strategies to be adopted by a designer to enable ChatGPT to recommend secure hardware code generation. To perform this analysis, we prompt ChatGPT to generate code scenarios listed in Common Vulnerability Enumerations (CWEs) under the hardware design (CWE-1194) view from MITRE. We first demonstrate how a ChatGPT generates insecure code given the diversity of prompts. Finally, we propose techniques to be adopted by a designer to generate secure hardware code. In total, we create secure hardware code for $10$ noteworthy CWEs under hardware design view listed on MITRE site.

Metadata
Available format(s)
PDF
Category
Applications
Publication info
Preprint.
Keywords
ChatGPTCommon Vulnerability EnumerationHardware Design
Contact author(s)
madhav rajunair @ gmail com
rajatssr835 @ gmail com
debdeep mukhopadhyay @ gmail com
History
2023-02-20: approved
2023-02-17: received
See all versions
Short URL
https://ia.cr/2023/212
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2023/212,
      author = {Madhav Nair and Rajat Sadhukhan and Debdeep Mukhopadhyay},
      title = {Generating Secure Hardware using ChatGPT Resistant to CWEs},
      howpublished = {Cryptology ePrint Archive, Paper 2023/212},
      year = {2023},
      note = {\url{https://eprint.iacr.org/2023/212}},
      url = {https://eprint.iacr.org/2023/212}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.