You maintain C firmware for an embedded network-security appliance with tight RAM and flash constraints, and a recent build added protocol parsing and telemetry features that pushed memory usage close to the device limit. The device processes untrusted network input, stores short-lived cryptographic material in memory, and must stay stable under malformed traffic without reboot loops or watchdog resets. You need to reduce memory usage without introducing buffer overflows, use-after-free bugs, or secret leakage through logs, heap reuse, or crash artifacts.
How would you optimize memory usage in this firmware while preserving security and operational safety? Walk through the design and implementation choices you would make, the threats those choices mitigate, and how you would verify that the optimized build is still safe under hostile input and low-memory conditions.
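One design that fits the constraints in this scenario, shown as an added example that is not part of the original question: a statically allocated block pool whose generation-tagged handles reject stale or double-freed references, that wipes each block on release, and that checks an untrusted length prefix before copying. The pool sizing, handle layout and all function names are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#define POOL_BLOCKS 4u   /* assumed sizing, tune to the RAM budget */
#define BLOCK_SIZE  64u
typedef uint16_t pool_handle;   /* high byte: generation, low byte: slot index */
#define POOL_INVALID ((pool_handle)0xFFFFu)
static uint8_t pool_mem[POOL_BLOCKS][BLOCK_SIZE];   /* static: no heap, no fragmentation */
static uint8_t pool_gen[POOL_BLOCKS], pool_used[POOL_BLOCKS];

/* Volatile stores so the compiler cannot elide the wipe as a dead store. */
static void secure_zero(void *p, size_t n) {
    volatile uint8_t *v = (volatile uint8_t *)p;
    while (n--) *v++ = 0;
}

pool_handle pool_alloc(void) {
    for (uint8_t i = 0; i < POOL_BLOCKS; i++)
        if (!pool_used[i]) {
            pool_used[i] = 1;
            return (pool_handle)((pool_gen[i] << 8) | i);
        }
    return POOL_INVALID;   /* exhaustion is an error return, not a reset */
}

/* Resolve a handle; NULL when it is out of range, freed, or from an older generation. */
uint8_t *pool_get(pool_handle h) {
    uint8_t i = (uint8_t)(h & 0xFFu), g = (uint8_t)(h >> 8);
    if (i >= POOL_BLOCKS || !pool_used[i] || pool_gen[i] != g) return NULL;
    return pool_mem[i];
}

void pool_free(pool_handle h) {
    uint8_t *b = pool_get(h);
    if (b == NULL) return;            /* double free or stale handle: ignored */
    secure_zero(b, BLOCK_SIZE);       /* wipe before the slot can be reused */
    pool_gen[h & 0xFFu]++;            /* 8-bit counter: wraps after 256 reuses */
    pool_used[h & 0xFFu] = 0;
}

/* Copy a length-prefixed field (in[0] = length) from untrusted input into a block. */
int pool_store_field(pool_handle h, const uint8_t *in, size_t in_len) {
    uint8_t *b = pool_get(h);
    if (b == NULL || in == NULL || in_len < 1) return -1;
    size_t n = in[0];
    if (n > in_len - 1 || n > BLOCK_SIZE) return -1;   /* claimed length vs. real bounds */
    memcpy(b, in + 1, n);
    return (int)n;
}
```

Callers keep only the handle and call `pool_get` at each use, so a reference that outlives its block resolves to NULL instead of aliasing whatever occupies the slot next.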