Contrary to popular assumption, Static RAM (SRAM), the main memory in most modern microcontrollers, temporarily retains its contents after power is lost. Instead of an immediate erase, SRAM data progressively degrades over a period (from milliseconds to several minutes at low temperatures) when power is cut o . This e ect, known as data remanence, is exploited by cold boot attacks, which are hardware-level threads that target encryption keys and other sensitive data stored in SRAM. On power-up, SRAM cells spontaneously set to unpredictable 0 or 1-states. These initial SRAM values describe a unique binary pattern that reveals a physical ngerprint of the device. Physical Unclonable Functions (PUFs) take advantage of this inherent process to obtain cryptographic keys or identi ers directly out of the chips, o ering a cost-e ective solution and a more secure alternative to conventional key-storage based on non-volatile memories. Moreover, SRAM power-up states may also be used as a source of randomness for True Random Number Generators (TRNGs). This Master's Thesis addresses these two security-related topics regarding SRAM modules in embedded systems. First, this project aims to investigate the vulnerability against cold-boot attacks of modern low-power devices, which is directly related to their low-temperature SRAM data remanence characteristics. Second, to assess the feasibility of implementing a PUF and a TRNG from SRAM power-up states. Both analyses consider the impact of temperature variations and are particularized for SRAM modules embedded in PIC18F4520 microcontrollers. Two sets of experiments are performed to generate the data required by both studies. The experimental setup and methodology are entirely designed and implemented within this project. The control of the execution of the experiments and the post-processing of the data are performed using MATLAB. Then, a set of metrics for characterizing SRAM data remanence are de ned, and a general methodology for SRAM-PUF and TRNG evaluation is established. The characterization of SRAM data remanence reveals that unprotected PIC18F4520 microcontrollers could be vulnerable to cold-boot attacks at temperatures below 0 C and that similar behaviour could be expected from same-range devices. The evaluation of the SRAM power-up states characteristics indicates that implementing an SRAM-PUF in PIC18F4520 microcontrollers could be feasible. In contrast, insu cient randomness appears to be contained in PIC18F4520 SRAM power-up states for a TRNG implementation to be viable in practice
