Weebit Nano eyes ReRAM edge as chip security race heats up

• Computer memory is a favourite back door for hackers
• ReRAM makes that door nearly impossible to pick
• Weebit Nano is bringing ReRAM to the market

Special Report: Many hackers look to exploit vulnerabilities in the memory technology inside devices, and that weakness is where Weebit Nano (ASX:WBT) ’s ReRAM sees its chance.

For all the talk about hackers breaching clouds and databases, the truth is many attacks don’t start there.

They begin right inside the chips that power everything from smart cards to cars, to the ocean of IoT gadgets now embedded in our daily lives.

And the part of the chip that makes attackers lick their lips?

Memory technology.

Memories are where the crown jewels sit. Encryption keys, personal data, logs – all the stuff you really don’t want walking out the back door.

The problem is that traditional memory technologies like flash and DRAM were never built with iron-clad security in mind.

With the right tools (and these days those tools are more accessible than ever) they can be probed, cloned or corrupted.

“Traditionally, in SoC architectures, sensitive data constantly moves across the interconnect bus linking RAM, the CPU, and security blocks,” explained Florian Pebay-Peyroula, a senior research engineer at CEA-Leti in France.

“This makes them highly vulnerable to physical side-channel attacks, which can easily capture such information in transit,” he told Stockhead.

That’s just the start.

Pebay-Peyroula points out that SoC (System-on-Chip) memories themselves are wide open to a range of hardware attacks, from data remanence to malicious modifications with laser fault injection.

In other words, today’s memory looks less like a vault and more like a filing cabinet with a wobbly lock.

Enter ReRAM

This is where ReRAM (Resistive RAM) starts to look less like just another memory technology and more like a genuine security play.

Unlike flash, which stores data as charges that can leak or be read out, ReRAM stores bits through changes in resistance at the atomic level.

In simple terms, instead of holding tiny packets of electric charge that hackers can sneak a peek at, it shifts the “pathways” inside the material itself to represent ones and zeros.

That physical difference makes it inherently harder to tamper with or reverse engineer.

Think of it like comparing a padlock where you can copy the key just by looking at the grooves, versus a vault that changes its locks every time you close the door.

“In this landscape, ReRAM memories could represent a major shift in SoC security,” said Pebay-Peyroula.

Current research shows it’s almost impossible to look directly into the tiny filament inside ReRAM – the part that flips to store a 1 or 0 – even with the most advanced imaging techniques.

“While programming signals can still reveal some data-dependent electromagnetic leakage, ongoing work is actively mitigating this issue.”

He added that ReRAM also works well with newer in-memory and near-memory computing architectures.

That means sensitive data doesn’t have to keep travelling back and forth between the processor, the memory and the security blocks.

Less movement means fewer chances for attackers to snoop.

Watch: WBT’s CEO Coby Hanoch on the company’s FY25 results, which saw revenue grow by more than 300%.

Randomness as defence

But ReRAM isn’t just about being harder to hack. It has another trick up its sleeve: randomness.

When bits are programmed, the underlying physical processes produce entropy that can be harnessed to generate random numbers.

That matters because random numbers sit at the heart of all cryptography, from generating unique security IDs to creating encryption keys that can’t be guessed.

“Randomness generation is another promising area where ReRAM can bring added value,” Pebay-Peyroula said.

The way ReRAM devices are built and programmed can naturally create high-quality entropy (which basically means true randomness) as long as they’re run under the right conditions.

“This entropy can be leveraged for true random number generators (TRNGs) as well as physically unclonable functions (PUFs).”

That combination – secure memory storage and native randomness – is powerful.

With PUFs, every chip can be given its own “fingerprint,” impossible to clone and immune to traditional theft of stored keys.

Pebay-Peyroula notes that ReRAM’s strong thermal robustness makes it especially attractive for automotive markets, where devices need to last decades in environments far harsher than a smartphone will ever see.

The standards game

Of course, no technology exists in a vacuum.

For ReRAM to be adopted in smart cards, cars, or IoT, it has to pass the scrutiny of regulators and certifiers. And that’s where things get tricky.

Proving security takes more than claims, it requires solid models showing entropy and resilience under real-world conditions.

“For widespread adoption in markets such as automotive, IoT and smart cards, ReRAM-based security functions must comply with established certification standards such as Common Criteria,” said Pebay-Peyroula.

This is already mandatory for TRNGs (True Random Number Generators), as required by AIS-31 (a German standard), and will likely extend to PUFs (Physically Unclonable Functions) soon.

He warned that evaluators sometimes demand full access to memory designs, a thorny issue for IP companies such as Weebit Nano.

But certification frameworks are evolving, he said, and will need to adapt to new memory technologies like ReRAM.

The timing couldn’t be sharper

Security threats are rising with every new wave of connected devices, and attackers are only getting more sophisticated.

IoT gadgets, in particular, are easy pickings; they are small, underpowered, and often shipped without much thought to security.

But it’s not just wearables or smart fridges on the line.

Cars today are rolling computers packed with dozens of chips, each one a potential entry point. A successful hack in automotive isn’t just about stolen data; it can put lives at risk.

And for ASX-listed Weebit Nano, all that shift in the threat landscape could be a real opportunity.

This article was developed in collaboration with Weebit Nano, a Stockhead advertiser at the time of publishing.

This article does not constitute financial product advice. You should consider obtaining independent advice before making any financial decisions.