Modern microcontrollers offer mechanisms to protect memory regions from being inadvertently accessed, either by programmer error or by malice. Until recently, Zephyr was not making use of it. This talk will present the work performed to retrofit memory protection in the Zephyr kernel, discussing the constraints, design decisions (affecting portability, security, and performance), its current state, and the next steps. We will discuss details on a novel method of tracking and validating kernel objects, techniques for defining system calls with a minimal amount of boilerplate code, details on our APIs for managing memory permissions, and implications of the recently unveiled Meltdown and Spectre bugs and their implications for Zephyr.