What is embedded memory?
Before discussing why securing embedded memory is so important – and providing some guidance on how to do it – we must touch on what types of memory are available and what the memory is used for. To not start here would be like trying to spec a house alarm without knowing anything about the property or its contents.
Techopedia defines an embedded system as follows:
“An embedded system is a dedicated computer system designed for one or two specific functions. This system is embedded as a part of a complete device system that includes hardware, such as electrical and mechanical components. The embedded system is unlike the general-purpose computer, which is engineered to manage a wide range of processing tasks. Because an embedded system is engineered to perform certain tasks only, design engineers may optimize size, cost, power consumption, reliability and performance. Embedded systems are typically produced on broad scales and share functionalities across a variety of environments and applications.”
The above definition is a great one, particularly the second half. A designer’s choice of memory is usually constrained by the overall optimization goals, and the priorities will change depending on the application and volumes (of product) likely to be manufactured. The implementation of security measures will be limited, in part, by having to meet the optimization goals.
For embedded systems, the memory is typically a solid-state memory (SSM). For the purpose of this guide, we shall be discussing standalone memory ICs, cards, modules and solid-state drives (SSDs), as distinct from the memory that also resides inside microcontrollers and system-on-chip (SoC) devices, for example.
Memory falls into two categories, volatile memory and non-volatile memory (NVM):
- Volatile. This requires the memory to be powered and is used for the temporary storage of data. Two types are used in embedded systems, static random-access memory (SRAM) and dynamic random-access memory (DRAM). There are cost versus speed trade-offs between the two technologies as SRAM is faster but more expensive. Also, DRAM needs to be refreshed (even when powered) a few times every second.
- Non-volatile. This retains data once power is removed. Within this category there are two sub-categories:
  - One-time programmable (OTP). Examples include masked read-only memory (ROM – written to at the point of manufacture), programmable ROM (PROM – which is manufactured blank, and the user can write to it just the once), and erasable PROM (EPROM – which can be written to again if it is first erased using UV light).
  - Read-write. Examples include electrically erasable PROM (EEPROM, sometimes E2PROM) and Flash, which technically is a form of EEPROM. It is just architecturally different.
Your security considerations start right here. For example, where NVM is concerned, if you don’t envisage needing to revise data in the field, you can go down the non-volatile OTP route. Your data might be accessible – physically via a comms port or remotely via wireless – but it cannot be altered.
As for the physical form factor of the embedded memory, there are many types. The most common are chips/ICs.
Smaller memory capacity ICs are available in plastic dual in-line package (PDIP) and small outline IC (SOIC) package form factors, and are soldered onto the PCB, making them a permanent fixture. For larger capacity memory ICs, such as DRAM, packaging forms include thin small outline package (TSOP), chip-scale packaging (CSP), low-profile quad flat pack (LQFP) and ball grid array (BGA). Again, they can be soldered to a PCB as a permanent fixture.
If there is a likelihood of needing to change or upgrade the memory, then cards and modules are available, and the PCB will have a card slot or connector.
Removable memory formats also include USB devices (e.g. memory sticks / thumb drives) and SD / microSD cards. Though capacities might not be as large, they are sufficient for most embedded systems.