Usually the data remanence problem is tackled by wrapping the device into tamper protection enclosure with temperature sensors to prevent freezing and tamper sensors to detect intrusion when try to Unlock Microcontroller Embedded Memory.
This gives enough time to safely wipe secret key off the microcontroller embedded memory contents. However, designing a device with embedded SRAM having a low data remanence comes at a cost. This often requires modifying the SRAM cells to incorporate an additional destruction signal.
On practice this means that developers have very narrow choice of microcontrollers and system-on-chip (SoC) devices with such capability. For example, Maxim Integrated (former Dallas Semiconductor) offer secure microcontroller DS5250 with two self-destruct inputs which on activation wipe off the memory contents within microseconds.
Data remanence in NVM is usually defeated by several cycles of erasing and overwriting operations. However, this can’t be accomplished in a short time especially for devices with a large memory size which could be a good features for MCU Recovery.
Microcontroller manufacturers do not publish information about remanence effects in their microcontrollers. Of course, a developer can run data remanence tests on a selected batch of suitable microcontrollers. But this would take time and add cost to the design.
The outcome of this research can be used to improve the protection of secure systems which use SRAM as a source of randomness and unique keys. First are used in pseudo random number generators (PRNG) employed in many cryptographic protocols.