NETLAM: An Automated LLM Framework to Generate and Evaluate Stealthy Hardware Trojans
Tishya Sarma Sarkar, Kislay Arya, Siddhartha Chowdhury, and 4 more authors
In Applied Cryptography and Network Security Workshops, 2026
Securing externally sourced hardware designs is essential to prevent adversaries from embedding hardware Trojans. Trojans are stealthy modifications that leak data or create backdoors. Existing benchmarks like Trust-Hub provide only a limited set of Trojans (106), while the possibilities are virtually infinite. To address this, we propose NETLAM, a comprehensive framework utilizing multiple LLM-based tools to generate previously undiscovered Trojans not included in Trust-Hub. The first tool converts hardware netlists into Directed Acyclic Graphs (DAGs) to identify vulnerable nets and components in digital designs. Using these insights, the second tool generates stealthy Trojan-infected versions of the original design. To evaluate the stealthiness of these Trojans, we use an LLM-based equivalence checker, where stealthier Trojans pass equivalence checks while others are detected. We evaluate NETLAM using the AES dataset from Trust-Hub consisting of 28 Trojans. We identified 5 new Trojans, with high Common Vulnerability Scoring System (CVSS) scores, demonstrating their stealthiness. To prove the efficacy of the NETLAM generated Trojans, we further utilize an open-source formal equivalence checker to perform a functional equivalence check between the golden and the NETLAM generated Trojan-infected circuits. All of the suggested Trojans pass the formal equivalence check. However, the same Trojan-infested circuits fail in the NETLAM equivalence test, thus validating the effectiveness of our proposed framework. We show that LLMs and Generative AI models, such as GPT-4o and Gemini, can enhance Trojan detection by using semantic and probabilistic analysis rather than strict logical equivalence (GitHub Repository: https://github.com/shubhishukla10/NETLAM).