New Technical Guide: Physical Memory Protection for Embedded Systems
We are pleased to announce the publication of a new technical guide (STIG) on microcontroller memory protection.
This document aims to support embedded cybersecurity teams in transitioning from a system without memory protection to an architecture where the MPU (Memory Protection Unit) is used as a defensible security control in technical review and cyber audit.
This guide connects hardware mechanisms to concrete threats, software architecture choices, and operational verification criteria.
Supported Architectures
This guide covers the following architectures:
- ARMv7-M
- ARMv8-M
- NXP PowerPC (e200-based)
- RISC-V with PMP
Guide Objectives
The guide aims to:
- formalize security objectives related to the use of the MPU in critical systems
- link these objectives to concrete attack scenarios, illustrated with real-world examples
- associate with them an analysis and validation logic that makes it possible to demonstrate compliance with the security objectives
It also describes the limitations of using the MPU alone, to clarify how it can fit into a broader secure and resilient architecture for microcontroller-based equipment.
Download the Guide
English version: Download Technical Guide (PDF)
French version: Download the technical guide (PDF)
The document is published under a Free License.