Secure Tiny Machine Learning on Edge Devices: A Lightweight Dual Attestation Mechanism for Machine Learning

BACIU Vlad-Eusebiu; An Braeken; Laurent Segers; Bruno da Silva

doi:10.3390/fi17020085

Secure Tiny Machine Learning on Edge Devices: A Lightweight Dual Attestation Mechanism for Machine Learning

BACIU Vlad-Eusebiu, An Braeken, Laurent Segers, Bruno da Silva

Research output: Contribution to journal › Article › peer-review

Abstract

Emerging edge devices are transforming the Internet of Things (IoT) by enabling more responsive and efficient interactions between physical objects and digital networks. These devices support diverse applications, from health-monitoring wearables to environmental sensors, by moving data processing closer to the source. Traditional IoT systems rely heavily on centralized servers, but advances in edge computing and Tiny Machine Learning (TinyML) now allow for on-device processing, enhancing battery efficiency and reducing latency. While this shift improves privacy, the distributed nature of edge devices introduces new security challenges, particularly regarding TinyML models, which are designed for low-power environments and may be vulnerable to tampering or unauthorized access. Since other IoT entities depend on the data generated by these models, ensuring trust in the devices is essential. To address this, we propose a lightweight dual attestation mechanism utilizing Entity Attestation Tokens (EATs) to validate the device and ML model integrity. This approach enhances security by enabling verified device-to-device communication, supports seamless integration with secure cloud services, and allows for flexible, authorized ML model updates, meeting modern IoT systems’ scalability and compliance needs.

Original language	English
Article number	85
Number of pages	27
Journal	Future Internet
Volume	17
Issue number	2
DOIs	https://doi.org/10.3390/fi17020085
Publication status	Published - Feb 2025

Bibliographical note

Funding Information:
This work is part of the COllective Research NETworking (CORNET) project \u201CTrustedIOT: Trusted Computing Architectures for IoT Devices\u201D funded by VLAIO under grant number HBC.2021.0895. This publication is also based upon work from COST Action CA22104 Beingwise (Behavioral Next Generation in Wireless Networks for Cyber Security), supported by COST (European Cooperation in Science and Technology; www.cost.eu) and Cybersecurity Research Program Flanders-second cycle (VOEWICS02).

Publisher Copyright:
© 2025 by the authors.

Access to Document

10.3390/fi17020085

Cite this

@article{06a1df2c62544224ac26fe2b4e7c3722,

title = "Secure Tiny Machine Learning on Edge Devices: A Lightweight Dual Attestation Mechanism for Machine Learning",

abstract = "Emerging edge devices are transforming the Internet of Things (IoT) by enabling more responsive and efficient interactions between physical objects and digital networks. These devices support diverse applications, from health-monitoring wearables to environmental sensors, by moving data processing closer to the source. Traditional IoT systems rely heavily on centralized servers, but advances in edge computing and Tiny Machine Learning (TinyML) now allow for on-device processing, enhancing battery efficiency and reducing latency. While this shift improves privacy, the distributed nature of edge devices introduces new security challenges, particularly regarding TinyML models, which are designed for low-power environments and may be vulnerable to tampering or unauthorized access. Since other IoT entities depend on the data generated by these models, ensuring trust in the devices is essential. To address this, we propose a lightweight dual attestation mechanism utilizing Entity Attestation Tokens (EATs) to validate the device and ML model integrity. This approach enhances security by enabling verified device-to-device communication, supports seamless integration with secure cloud services, and allows for flexible, authorized ML model updates, meeting modern IoT systems{\textquoteright} scalability and compliance needs.",

author = "BACIU Vlad-Eusebiu and An Braeken and Laurent Segers and Silva, {Bruno da}",

note = "Funding Information: This work is part of the COllective Research NETworking (CORNET) project \u201CTrustedIOT: Trusted Computing Architectures for IoT Devices\u201D funded by VLAIO under grant number HBC.2021.0895. This publication is also based upon work from COST Action CA22104 Beingwise (Behavioral Next Generation in Wireless Networks for Cyber Security), supported by COST (European Cooperation in Science and Technology; www.cost.eu) and Cybersecurity Research Program Flanders-second cycle (VOEWICS02). Publisher Copyright: {\textcopyright} 2025 by the authors.",

year = "2025",

month = feb,

doi = "10.3390/fi17020085",

language = "English",

volume = "17",

journal = "Future Internet",

issn = "1999-5903",

publisher = "MDPI",

number = "2",

}

TY - JOUR

T1 - Secure Tiny Machine Learning on Edge Devices: A Lightweight Dual Attestation Mechanism for Machine Learning

AU - Vlad-Eusebiu, BACIU

AU - Braeken, An

AU - Segers, Laurent

AU - Silva, Bruno da

N1 - Funding Information: This work is part of the COllective Research NETworking (CORNET) project \u201CTrustedIOT: Trusted Computing Architectures for IoT Devices\u201D funded by VLAIO under grant number HBC.2021.0895. This publication is also based upon work from COST Action CA22104 Beingwise (Behavioral Next Generation in Wireless Networks for Cyber Security), supported by COST (European Cooperation in Science and Technology; www.cost.eu) and Cybersecurity Research Program Flanders-second cycle (VOEWICS02). Publisher Copyright: © 2025 by the authors.

PY - 2025/2

Y1 - 2025/2

N2 - Emerging edge devices are transforming the Internet of Things (IoT) by enabling more responsive and efficient interactions between physical objects and digital networks. These devices support diverse applications, from health-monitoring wearables to environmental sensors, by moving data processing closer to the source. Traditional IoT systems rely heavily on centralized servers, but advances in edge computing and Tiny Machine Learning (TinyML) now allow for on-device processing, enhancing battery efficiency and reducing latency. While this shift improves privacy, the distributed nature of edge devices introduces new security challenges, particularly regarding TinyML models, which are designed for low-power environments and may be vulnerable to tampering or unauthorized access. Since other IoT entities depend on the data generated by these models, ensuring trust in the devices is essential. To address this, we propose a lightweight dual attestation mechanism utilizing Entity Attestation Tokens (EATs) to validate the device and ML model integrity. This approach enhances security by enabling verified device-to-device communication, supports seamless integration with secure cloud services, and allows for flexible, authorized ML model updates, meeting modern IoT systems’ scalability and compliance needs.

AB - Emerging edge devices are transforming the Internet of Things (IoT) by enabling more responsive and efficient interactions between physical objects and digital networks. These devices support diverse applications, from health-monitoring wearables to environmental sensors, by moving data processing closer to the source. Traditional IoT systems rely heavily on centralized servers, but advances in edge computing and Tiny Machine Learning (TinyML) now allow for on-device processing, enhancing battery efficiency and reducing latency. While this shift improves privacy, the distributed nature of edge devices introduces new security challenges, particularly regarding TinyML models, which are designed for low-power environments and may be vulnerable to tampering or unauthorized access. Since other IoT entities depend on the data generated by these models, ensuring trust in the devices is essential. To address this, we propose a lightweight dual attestation mechanism utilizing Entity Attestation Tokens (EATs) to validate the device and ML model integrity. This approach enhances security by enabling verified device-to-device communication, supports seamless integration with secure cloud services, and allows for flexible, authorized ML model updates, meeting modern IoT systems’ scalability and compliance needs.

UR - https://www.mdpi.com/1999-5903/17/2/85

UR - http://www.scopus.com/inward/record.url?scp=85218632169&partnerID=8YFLogxK

U2 - 10.3390/fi17020085

DO - 10.3390/fi17020085

M3 - Article

VL - 17

JO - Future Internet

JF - Future Internet

SN - 1999-5903

IS - 2

M1 - 85

ER -

Secure Tiny Machine Learning on Edge Devices: A Lightweight Dual Attestation Mechanism for Machine Learning

Abstract

Bibliographical note

Access to Document

Other files and links

Cite this