The microcontrollers in some systems and devices are configured to execute-in-place (XIP) code from memory devices that are external to the microcontrollers. For example, a microcontroller and an external (e.g., flash) memory device may be disposed on a printed circuit board (PCB), or equivalent structure, and coupled to each other over PCB tracks, traces, or equivalents. In such system or device, however, using an external memory device to store the code image for a microcontroller has the inherent risk of theft of the code it contains. For example, a malicious party may physically remove the external memory device and may subsequently download (or otherwise) extract the code image stored therein.
One approach to address this issue may be to keep the code image on the external memory device in encrypted form and, when needed for execution, to copy the encrypted image to random access memory (RAM) within the microcontroller and decrypt it there. One drawback of this approach, however, is that it requires a large internal cache or RAM memory (e.g., to hold the encrypted and unencrypted copies of the code image), which a microcontroller typically does not have since it is the reason why an external memory device is being used in the first place. Another drawback is that this approach simply defeats the purpose of XIP code execution. For this reason, at present most (if not all) microcontroller providers offer no protection against code theft when using external memory with their microcontroller devices.