Most memory devices are notoriously insecure. Some memory devices employ security features to prevent regular device programmers from reading stored data, such as physical fuses on ROMs and boot-block protection in Flash. Reading RAM or other volatile storage areas while the device is in operation may yield temporarily stored data or plaintext components. The Dallas Semiconductor DS2432 EEPROM is an example of a secure memory device that uses the Secure Hash Algorithm (SHA-1) and a user-provided write-only secret to protect stored data. The Atmel CryptoMemory family of devices includes EEPROMs and synchronous and asynchronous Flash with authentication, password, and encryption features. Most standard memory devices do not have this type of functionality and are readable, often in-circuit, with standard tools.
IC delidding, for the purpose of gaining access to the silicon die of the IC, is difficult to perform without the use of proper tools because hazardous chemicals are often required and the underlying die is very fragile. However, many academic institutions have access to such equipment. Decapsulation products are also offered by a handful of companies specializing in failure analysis, including Nippon Scientific and ULTRA TEC Manufacturing. So, although the attacks are advanced, the tools required to perform them are available with proper funding. Additionally, reverse-engineering services are offered by companies such as Semiconductor Insights that aid in functional investigation, extraction, and simulation of ICs.
With access to the die, it is possible to bypass many of the available security mechanisms and determine the contents of the device. Beck's Integrated Circuit AnalysisA Guide to Preparation Techniques  and Kömmerling and Kuhn's "Design Principles for Tamper-Resistant Smartcard Processors"  provide details of such techniques. It is difficult to prevent reading of ROM devices, because each cell is a physical broken or intact connection. However, it is possible to add a top-layer sensor mesh as described in  that may disrupt microprobing techniques of an active attack (e.g., while the device is functioning). This will not prevent an attacker from performing microprobing on an inoperable device (e.g., one whose power has been removed).