Caspia Technologies Significantly Expands Agentic Silicon Security Verification with New Release of CODAx

GAINESVILLE, Fla., May 20: Caspia Technologies announced a significant expansion of its flagship security verification product CODAx. New features were described along with the impact on agentic workflows and associated customer momentum. Some details of Caspia’s security audit of the open-source Caliptra root-of- trust were also disclosed. And the company provided a preview of its communication plans over the next two months.

CODAx, Caspia’s RTL security analyser, was updated with two new AI- driven features, Asset Assist and Report Assist. These features significantly enhance the usability for wider deployment across all design teams, without requiring security expertise.

Security analysis begins with understanding what needs to be protected. Current practices in identifying security assets are manual and require expert assistance. This results in limited identification of security assets and limited scope and coverage for security analysis.

Asset Assist performs automated asset identification on the target design using design-specific details to find a much broader list of security-relevant attributes. The result is a more targeted and comprehensive security analysis. Examples of security assets include untrusted signals, protected states, and critical control signals.

Report Assist addresses the process of understanding the impact of violations to develop a prioritised solution strategy. Current practices can be extremely time-consuming and also require expert assistance. Report Assist delivers AI-driven analysis of CODAx security violations with context- driven insights, design-specific severity ratings, and tailored impact scores. This automated violation triage delivers much faster and more effective strategies to address key issues.

These new features can reduce weeks to months of security verification to minutes to hours, allowing existing design teams to perform advanced security verification at scale.

“Report Assist and Asset Assist are paving the way for automated, agentic security verification,” said Stuart Audley, VP and GM of product management at Caspia. “We are seeing significant traction across first-tier CPU, GPU, and memory providers. I am delighted to see our agentic vision begin to take shape.”

The Caliptra root-of-trust represents a production-grade, open-source security IP developed to serve as a foundational trust anchor in SoC designs. It contains over 700 design files, amounting to more than 300,000 lines of RTL code.

The analysis identified 10 critical items and over 50 high-priority findings. These vulnerabilities are exactly the kind of footholds an attacker needs to wedge into a device and take control.

Caspia shared the details of errors associated with one directive related to fault injection susceptibility for sensitive controller states. This directive analyzes the fault injection feasibility metric for finite state machine (FSM) state encodings. Caspia explained that violating this directive makes glitches or fault-induced jumps into protected behavior more feasible, impacting integrity and resulting in potential information leakage.

“The Caliptra design sees widespread use in the industry,” said Beau Bakken, VP of products at Caspia. “We are working with the appropriate contacts in the industry to share these results and assist in developing appropriate corrective action.”