Advancing IoT edge device security: A novel approach integrating lightweight virtualization and trusted execution environments with performance optimization
 
As the Internet of Things (IoT) grows, securing IoT edge devices has become increasingly critical, with threats becoming more sophisticated and frequent. This paper presents a novel security architecture that integrates Lightweight Virtualization (LV) with enhanced Trusted Execution Environments (TEEs), designed specifically to strengthen the security of IoT edge devices. Using ARM TrustZone technology, the proposed approach creates a secure execution environment capable of meeting the real-time performance requirements of industrial IoT applications. The architecture provides end-to-end security through embedded virtualization and trust mechanisms, ensuring protection from hardware to application layers and reducing the risk of unauthorized access and data breaches. Results from rigorous experiments demonstrate the superior performance of the proposed architecture compared to existing security frameworks. The experimental results indicate that the proposed approach offers a 40.93% average latency reduction, a 19.19% average throughput improvement, and a 33.65% reduction in average energy over existing methods.


