With our growing reliance on computer systems, designers increasingly look to hardware-based solutions for improving security in the face of many cybersecurity threats. Hardware-assisted security can take myriad forms, including integrating hardware components that monitor and respond to unexpected changes in system behaviour. However, systematically making decisions about what types of hardware for security improvement to incorporate, as well as designing and implementing the actual hardware, continues to be challenging. Moreover, the current attitude is that once the hardware has been committed to silicon, it is almost impossible to modify. In this paper, we provide an overview of some of the challenges that designers might face when incorporating hardware-based security approaches into system-on-chip designs and discuss some opportunities for research in this domain. In particular, we focus on design time considerations that can impact the ongoing security of systems in the field.