Understanding the Security Landscape of Embedded Non-Volatile Memories: A Comprehensive Survey
Zakia Tamanna Tisha, Ujjwal Guin
TL;DR
This survey analyzes embedded non-volatile memories (eNVMs) as they become integral to high-performance, secure computing. It first surveys the five major eNVM technologies (Flash, PCM, MRAM, RRAM, FeRAM) and their architectural vulnerabilities, then details security primitives (PUFs and TRNGs) and protective techniques (obfuscation/locking) across these memories. It comprehensively catalogs attack vectors—side channels, probing, fault injection, row-hammer, information leakage, DoS, and thermal—demonstrating how eNVM properties can both enable robust security primitives and expose new vulnerabilities. The paper also tracks research trends and outlines future directions, emphasizing cross-layer design, secure in-memory computing, and resilience against evolving physical and logical threats.
Abstract
The modern semiconductor industry requires memory solutions that can keep pace with the high-speed demands of high-performance computing. Embedded non-volatile memories (eNVMs) address these requirements by offering faster access to stored data at an improved computational throughput and efficiency. Furthermore, these technologies offer numerous appealing features, including limited area-energy-runtime budget and data retention capabilities. Among these, the data retention feature of eNVMs has garnered particular interest within the semiconductor community. Although this property allows eNVMs to retain data even in the absence of a continuous power supply, it also introduces some vulnerabilities, prompting security concerns. These concerns have sparked increased interest in examining the broader security implications associated with eNVM technologies. This paper examines the security aspects of eNVMs by discussing the reasons for vulnerabilities in specific memories from an architectural point of view. Additionally, this paper extensively reviews eNVM-based security primitives, such as physically unclonable functions and true random number generators, as well as techniques like logic obfuscation. The paper also explores a broad spectrum of security threats to eNVMs, including physical attacks such as side-channel attacks, fault injection, and probing, as well as logical threats like information leakage, denial-of-service, and thermal attacks. Finally, the paper presents a study of publication trends in the eNVM domain since the early 2000s, reflecting the rising momentum and research activity in this field.