"Automating The Detection Of Hardware Common Weakness Enumerations In Early Design"
Researchers from NYU, Intel, Duke, and the University of Calgary have published a new technical paper titled "Don't CWEAT It: Toward CWE Analysis Techniques in Early Stages of Hardware Design." The paper emphasizes that it is critical to identify security concerns as early as possible, such as in Register Transfer Level (RTL) designs, to help prevent hardware security vulnerabilities from moving into later design stages where fixes are costly. The researchers investigated the practical implications and feasibility of developing a set of security-specific scanners that operate on Verilog source files. The scanners identify sections of code that may contain one of MITRE's Common Weakness Enumerations (CWEs). This article continues to discuss the new paper on automating the detection of hardware CWEs in early design.