To address security vulnerabilities of analog integrated circuits (ICs) to stealthy analog Trojans (ATs) in outsourced manufacturing, this paper proposes the first large language model (LLM)-based automated framework for AT generation and evaluation. Unlike digital Trojans, existing AT research suffers from scarce real-world instances and inadequate modeling of stealthiness. Our approach innovatively employs an LLM as an autonomous agent, integrating a circuit simulation feedback loop, netlist-level topological modeling, and activation-range constraint optimization to enable customized, highly stealthy AT synthesis. Experimental results demonstrate that the generated ATs exhibit an average activation voltage range of only 15.74%, ensuring high stealth under normal operating conditions; upon activation, they degrade critical performance metrics by 11.3%, significantly enhancing attack realism and strengthening benchmarks for Trojan detection.

Analog and mixed-signal (A/MS) integrated circuits (ICs) are integral to safety-critical applications. However, the globalization and outsourcing of A/MS ICs to untrusted third-party foundries expose them to security threats, particularly analog Trojans. Unlike digital Trojans which have been extensively studied, analog Trojans remain largely unexplored. There has been only limited research on their diversity and stealth in analog designs, where a Trojan is activated only during a narrow input voltage range. Effective defense techniques require a clear understanding of the attack vectors; however, the lack of diverse analog Trojan instances limits robust advances in detection strategies. To address this gap, we present LATENT, the first large language model (LLM)-driven framework for crafting stealthy, circuit-specific analog Trojans. LATENT incorporates LLM as an autonomous agent to intelligently insert and refine Trojan components within analog designs based on iterative feedback from a detection model. This feedback loop ensures that the inserted Trojans remain stealthy while successfully evading detection. Experimental results demonstrate that our generated Trojan designs exhibit an average Trojan-activation range of 15.74%, ensuring they remain inactive under most operating voltages, while causing a significant performance degradation of 11.3% upon activation.