Your design IP is your most valuable asset. ChipPilot is built for on-prem, private cloud, hybrid routing, command allowlists, sandboxed execution, redaction, and audit-ready verification runs.
ChipPilot never stores your RTL, netlist, or design files on our servers. All processing happens locally on your machine or within your private infrastructure. When using cloud LLM providers, only sanitized, abstracted prompts are transmitted — never raw design data.
Enterprise customers can deploy ChipPilot entirely within their private network with zero internet connectivity. Air-gapped mode uses local Ollama models for LLM inference and includes all dependencies in a self-contained Docker image.
All LLM prompts pass through a policy engine that strips sensitive identifiers, applies redaction rules, and validates output before it reaches your design environment. The sanitizer is configurable per organization.
The IP Guard module scans all outbound data for patterns that match proprietary design elements (module names, signal patterns, company identifiers) and blocks transmission if a match is found.
Enterprise RBAC provides three roles: Viewer (read-only), Operator (run pipelines), and Admin (full configuration). Roles are enforced at the API layer with hierarchical permissions.
Every action is logged with timestamp, user identity, action type, and affected resources. Audit logs are stored in structured JSON format and can be forwarded to your SIEM system for compliance monitoring.
Compliance in progress
Okta, Azure AD, OneLogin
TLS 1.3 in transit, AES-256 at rest
We take security vulnerabilities seriously. If you discover a security issue in ChipPilot, please report it responsibly:
We will acknowledge receipt within 48 hours and provide a timeline for resolution. We do not pursue legal action against security researchers who act in good faith.
Talk to our team about air-gapped deployments, custom security configurations, and compliance requirements.