Oct. 13, 2025
Contact: Eric Stann, StannE@missouri.edu
From smartphones to medical devices, computer chips power nearly everything we use today. But hidden deep inside these chips, there’s a little-known threat: hardware trojans — malicious modifications to a chip’s design that can steal data, weaken security and sabotage systems.
Traditionally, detecting hardware trojans has been an expensive, time-consuming and complicated process. Now, University of Missouri researchers are introducing a new artificial intelligence-driven method to find these threats faster and more easily than before, said Ripan Kumar Kundu, a doctoral candidate in Mizzou’s College of Engineering.
In a project led by Kundu, Mizzou’s team is leveraging existing large language models — the same type of AI that powers popular chatbots — to scan chip designs for hidden threats. The method doesn’t just identify suspicious lines of code with 97% accuracy; it also explains why it’s malicious, making the process more transparent.
“That explanation is critical because it saves developers from digging through thousands of lines of code,” Kundu said. “We’re making the process faster, clearer and more trustworthy.”
The system is flexible, too: It can run on local machines or through cloud services, making it useful for both open-source developers and large companies. It can also be integrated into chip-design processes across multiple industries, including consumer electronics, health care, finance and defense.
Why it matters
Unlike software viruses, hardware trojans can’t be removed once the chip is made. They go undetected until triggered by an attacker, and the results can be devastating — devices can malfunction, leak sensitive data or even disrupt national defense systems.
Because these chips are designed and built through a global supply chain, trojans can be added at almost any stage of production, making it difficult to identify them. Mizzou’s approach offers big advantages for the industries involved in this production pipeline. By catching trojans early, companies can avoid the huge financial and reputational damage of discovering them later, which leads to costly recalls of chips or destroyed products.
“These chips are the foundation of our digital world,” Khurram Khalil, a doctoral candidate in Mizzou’s College of Engineering and co-author of the study, said. “By combining the power of artificial intelligence with an understandable explanation, we’re building tools to protect that foundation at every step of the supply chain.”
The Mizzou team is also developing ways to automatically fix chips in real time, which can help prevent problems before they ever reach production. In addition, researchers see the potential for their method to help secure other critical systems, such as power grids and infrastructure.
The project is detailed in the study: “PEARL: An adaptive and explainable hardware trojan detection using open source and enterprise large language models,” which is published in IEEE Access. University of Missouri Curators’ Distinguished Professor Prasad Calyam and Associate Professor Khaza Anuarul Hoque are co-authors, as well as Eric Garcia, a student at Columbia College, and Ethan Grassia, a student at Loyola University.
