The growing complexity of modern system-on-chip (SoC) and IP designs is making security assurance difficult day by day. One of the fundamental steps in the pre-silicon security verification of a hardware design is the identification of security assets, as it substantially influences downstream security verification tasks, such as threat modeling, security property generation, and vulnerability detection. Traditionally, assets are determined manually by security experts, requiring significant time and expertise. To address this challenge, we present LAsset, a novel automated framework that leverages large language models (LLMs) to identify security assets from both hardware design specifications and register-transfer level (RTL) descriptions. The framework performs structural and semantic analysis to identify intra-module primary and secondary assets and derives inter-module relationships to systematically characterize security dependencies at the design level. Experimental results show that the proposed framework achieves high classification accuracy, reaching up to 90% recall rate in SoC design, and 93% recall rate in IP designs. This automation in asset identification significantly reduces manual overhead and supports a scalable path forward for secure hardware development.

翻译：现代片上系统（SoC）和IP设计的日益复杂性使得安全保证变得日益困难。硬件设计在流片前的安全验证中，一个基础步骤是识别安全资产，因为它深刻影响下游的安全验证任务，例如威胁建模、安全属性生成和漏洞检测。传统上，资产由安全专家手动确定，需要大量的时间和专业知识。为应对这一挑战，我们提出了LAsset，一种新颖的自动化框架，它利用大语言模型（LLMs）从硬件设计规范和寄存器传输级（RTL）描述中识别安全资产。该框架执行结构和语义分析，以识别模块内的主要和次要资产，并推导模块间关系，从而在设计层面系统地刻画安全依赖关系。实验结果表明，所提出的框架实现了高分类准确率，在SoC设计中召回率高达90%，在IP设计中召回率达到93%。这种资产识别的自动化显著减少了人工开销，并为安全的硬件开发提供了一条可扩展的前进路径。