The Surprising Truth: Verification Is Bigger Than Design
Many people think engineers spend most of their time designing chips. They don't.

When people imagine chip development, they picture inventions: a new processor architecture, a clever accelerator, a faster data path or a more secure way to protect information. That is the visible part of the work. The less visible part is often larger.
On many complex semiconductor programmes, verification takes more effort than design. A modern system-on-chip (SoC) is not one circuit but a tightly connected network of processors, memories, interfaces, security functions and specialised blocks. The challenge is not only to make each part work. It is to prove that the complete system still behaves correctly when everything happens at once, eventually under software workload.
That is where verification begins. Designers define what should happen. Verification explores what might happen.

The dangerous gaps between correct blocks
A specification describes expected behaviour, and the design turns that description into logic. Real systems, however, rarely stay on the neat, expected path. Data may arrive late. Two subsystems may request the same resource simultaneously. A reset may interrupt a transaction. An interface may receive a malformed message. A protected memory region may be reached through an unexpected sequence.
The most serious defects often appear in these interactions rather than inside a single block. A processor, memory controller and security engine may each be correct in isolation, while their combination creates a flaw no one intended.
Verification exists to uncover those hidden interactions before they become permanent silicon. It is not a second attempt at design, but a different perspective: not only whether the intended path works, but whether the system remains correct when events arrive in the wrong order, at the wrong time or under hostile conditions.
Battlefield lesson: when a drone identifies its own operator
Commercial DJI drones have played an important role in the war in Ukraine, but some models also transmit a signal known as DroneID. Researchers showed that it could reveal the drone’s identity and position - and the coordinates of the person controlling it. In civilian airspace, that feature supports accountability and safety. On a battlefield, it can become a targeting mechanism. Ukrainian forces reported that intercepted DroneID signals and DJI AeroScope receivers could help Russian units locate operators, forcing users to modify firmware, change procedures and reduce the time spent transmitting from one position. The security lesson is broader than a conventional software bug. Hardware and firmware designed for one environment may expose critical information in another. In embedded systems, every radio transmission should be treated as a potential intelligence signal.
Sources: NDSS 2023, Drone Security and the Mysterious Case of DJI’s DroneID; Conner Bender, DJI Drone IDs Are Not Encrypted; WIRED, This Hacker Tool Can Pinpoint a DJI Drone Operator’s Exact Location
Testing a chip before it exists
Most verification happens before there is any physical chip to test. The design begins as a digital model that can be simulated, stressed and examined long before wafers are manufactured.
Some tests confirm specific functions. Others are generated automatically to create combinations that no engineer would think to try manually. Formal methods go further by proving that selected rules cannot be broken under permitted conditions: an untrusted domain must never access protected memory; a safety response must occur within a defined time; conflicting control signals must never be active together.
Coverage analysis shows what has actually been exercised and what remains uncertain. Later, the design may run on an FPGA or emulation platform so that real software, sensors and interfaces can interact with it before the final silicon exists.
No single technique is enough. Confidence comes from combining simulation, formal proof, coverage, emulation and repeated regression testing as the design evolves. In practice, the verification environment becomes a complex product of its own.
AI is changing both sides of the equation
AI is entering semiconductor development in two different ways. Generative tools can help create RTL, testbenches and verification properties faster. That may accelerate development, but generated logic can look plausible while containing subtle errors, unnecessary functions or insecure behaviour. AI-generated hardware should therefore be treated as untrusted input until it has been independently checked.
AI is also helping verification teams work more effectively. Commercial EDA platforms such as Cadence Verisium, Synopsys VSO.ai and Siemens Questa One SFV use machine learning or generative techniques to prioritise tests, analyse failures, identify coverage gaps and direct effort toward the areas of greatest risk.
The emerging role of AI is clear: widen the search and shorten the path to coverage closure, but do not replace formal proof, measurable evidence or independent sign-off. The goal is not to let AI verify its own work. It is to use AI to explore more possibilities while established methods decide whether the design is ready.
Security changes the question
Traditional verification asks whether the chip works. Security asks whether it can be misused.
A chip may produce the correct result and still be vulnerable. A secret key may leak through an unintended path. A debug interface may remain accessible after production. A malformed message may bypass a protection mechanism, or a compromised subsystem may influence another one.
Adding secure boot, encryption or a hardware root of trust is therefore not enough. Security functions must be examined in the context of the complete system. In autonomous systems and critical infrastructure, the distinction is stark: a functional defect may stop a device; a security defect may allow someone else to control it.
Verification must build evidence that the platform remains trustworthy when conditions become abnormal, adversarial or difficult to predict. A security feature that has not been verified is still only an intention.
Geopolitical lesson: hardware that cannot be trusted may become unusable
The dispute over Huawei’s role in Western 5G networks was not based solely on proof of a specific hidden backdoor. A central concern was whether governments and telecom operators could obtain enough assurance about the security, integrity and long-term maintainability of extremely complex network equipment. UK reviews identified recurring weaknesses in Huawei’s software engineering, component management and ability to demonstrate that deployed equipment reliably matched reviewed code. Combined with changes in Huawei’s semiconductor supply chain, those uncertainties led the UK to stop new purchases of Huawei 5G equipment and require its removal from the network. The security lesson: in critical infrastructure, an inability to verify hardware and its supply chain can itself become an unacceptable risk. Trust must be demonstrated across silicon, firmware, updates and manufacturing - not merely promised by the vendor.
From correctness to sovereign trust
The next step is broader than cybersecurity. Technological sovereignty is often described as the ability to design or manufacture chips within a region. It also depends on the ability to understand and verify what is inside them.
Modern chips combine internally developed logic with external IP, firmware, design libraries and automated tool flows. Reuse is essential, but it creates complexity and dependency. Future verification must show not only that every required function is present, but that every important part of the implementation has a clear purpose.
That means asking whether unused interfaces remain enabled, undocumented operating modes exist, data can travel along unintended paths or third-party IP contains capabilities the final product does not need. Unnecessary logic increases the attack surface even when it was not added maliciously.
The long-term direction is stronger traceability from requirements to implementation, more formal analysis of information flow, e.g. using the verification IP from another vendor, and more auditable design processes. Absolute proof that no hidden function exists is extraordinarily difficult. But it should become increasingly possible to show that implemented logic is understood, justified and controlled. That is what sovereign trust should mean in practice.
Verification is the foundation of confidence
Verification becomes bigger than design because the consequences of getting it wrong are growing. Chips are more complex, more connected and more deeply embedded in systems that matter. Customers, regulators and governments increasingly expect evidence, not claims.
Strong verification reduces the risk of costly respins, protects schedules, supports certification and makes customer adoption easier. It also creates reusable assets for future chip generations: test environments, security properties, formal proofs and validation platforms.
Design defines what the chip should do. Verification builds the evidence that it does exactly that - and that nothing important remains unexplained.
In an age of AI-generated logic, cyberattacks, global supply chains and growing reliance on autonomous systems, trust cannot simply be assumed. It has to be designed, challenged and verified.
What’s Next?
If verification is how engineers build confidence before manufacturing, a question follows: How can a chip be tested, refined and even run before the physical silicon exists?
In the next article, we’ll explore how modern chips are effectively built first as complete digital models before they exist as physical devices.
Next article: A Modern Chip Is Built Twice
© 2026 Polski Krzem PSA


