Yeah some higher end security chips have passive mechanisms that make the microstructures more delicate and harder to reach and therefore harder to physically read. This is on top of active mechanisms that try constrain operation to well defined range of temperatures, voltage and power conditions to prevent brown out and booby traps that trigger effacement.

You have to disclose a lot of info during the cert process though so I don't think this is too much of a hurdle for big players like the NSA.