I understand your concerns only too well.
Wasted a day debugging a multiprocessor system looking through a chain of memory windows spanning across 13 PDP-11 (custom variants).
The code was still visible when I powered the target down! What the heck?
Only to realise I had extended the local cache window a bit too large. Oops.
A simply solution for the MR CLUELESS or myself might be to have a couple of IC pins that disable or change modes in the security blob for the developers in the development phase.
Later on in the silicon Fab during the end of a good test pass, the IC test rig blows a few one-time fuses and then it boots and runs in secure mode forever.
I am not an academic type. But great at turning theory into practical bits that work well. You may need more practical people like me who are also good at writing hardware diagnostics and test code.