Understanding the Security Landscape of Embedded Non-Volatile Memories: A Comprehensive Survey

TL;DR

This comprehensive survey explores the security landscape of embedded non-volatile memories (eNVMs), highlighting vulnerabilities, security primitives, threats, and research trends in this rapidly evolving field.

Contribution

It provides an extensive review of security issues, primitives, threats, and publication trends related to eNVMs, offering a valuable resource for future research and development.

Findings

eNVMs have unique security vulnerabilities due to their data retention features.

Security primitives like PUFs and TRNGs are extensively used in eNVMs.

Research activity on eNVM security has significantly increased since the early 2000s.

Abstract

The modern semiconductor industry requires memory solutions that can keep pace with the high-speed demands of high-performance computing. Embedded non-volatile memories (eNVMs) address these requirements by offering faster access to stored data at an improved computational throughput and efficiency. Furthermore, these technologies offer numerous appealing features, including limited area-energy-runtime budget and data retention capabilities. Among these, the data retention feature of eNVMs has garnered particular interest within the semiconductor community. Although this property allows eNVMs to retain data even in the absence of a continuous power supply, it also introduces some vulnerabilities, prompting security concerns. These concerns have sparked increased interest in examining the broader security implications associated with eNVM technologies. This paper examines the security aspects of eNVMs by discussing the reasons for vulnerabilities in specific memories from an architectural point of view. Additionally, this paper extensively reviews eNVM-based security primitives, such as physically unclonable functions and true random number generators, as well as techniques like logic obfuscation. The paper also explores a broad spectrum of security threats to eNVMs, including physical attacks such as side-channel attacks, fault injection, and probing, as well as logical threats like information leakage, denial-of-service, and thermal attacks. Finally, the paper presents a study of publication trends in the eNVM domain since the early 2000s, reflecting the rising momentum and research activity in this field.