Even though encryption would be a part of firmware security, attackers can often sniff the data being passed between two different hardware components. To ensure that none of your sensitive information is getting into the hands of attackers, make sure that you are encrypting data that is in transit as well as at rest.
One of the other things to consider when talking about encryption in embedded devices is the amount of resources it would take to perform a certain encryption function.
Since the devices are low on resources, performing extremely strong crypto wouldn't be feasible-thus, a good balance between encryption and usability should be thought about ahead of time and implemented in the hardware.
If possible and when the chip supports it take advantage of the TPM to store all the various cryptographic keys, which can also provide functionalities such as a root of trust, preventing modifications to the boot up process. Most TPMs support an effective...