1. Introduction

The Internet of Things (IoT) is a comprehensive network of interconnected physical devices equipped with sensors, software, and various communication technologies, enabling them to communicate and share data over the Internet. Powered by smart devices, edge computing (EC), and big data analytics, IoT is transforming both business operations and the interactions between service providers and customers [1]. The number of IoT devices is estimated to nearly double, increasing from 15.9 billion in 2023 to over 32.1 billion by 2030. IoT-based services are rapidly being adopted across various industries and consumer markets, including healthcare, industrial automation, automotive, smart cities, logistics, and agriculture [2,3]. The adoption of IoT has been further driven by the integration of advanced technologies such as 5G, AI, Blockchain, and EC [4,5]. A typical IoT architecture, shown in Figure 1, consists of devices, sensors, and actuators in the perception layer, generating a large amount of data which requires further processing to enable intelligence for service providers and end users. The network layer transports data from the perception layer to the network via gateways that might perform preprocessing and often gather data from other edge devices. Authentication, encryption, malware protection, processing, and initial decision-making are carried out in this layer. The data processing is either carried out in the gateway or the cloud, based on the application and implementation. Cloud computing technology requires sensed data to be uploaded to centralized servers called data centers for further processing, and the results are transmitted back to the device layer. Such a centralized processing approach puts enormous pressure on the communication network regarding bandwidth, latency, and the vulnerability of data security [6].

Centrally located servers at data centers offer poor quality of service (QoS) in addition to the burden imposed on the communication networks, including the following:

Additional costs are involved due to inefficient utilization of bandwidth and network resources;

The idea behind “edge computing (EC)” is to minimize communication latency and bandwidth usage, enable real-time data analysis, reduce operational costs, enhance scalability, and improve service quality [9,10,11,12]. Closer EC proximity to the data sources reduces transmission delays, packet loss, and high energy consumption [10,13,14]. Additionally, EC offers location-aware services and enhances resource allocation by shifting tasks from IoT devices with limited resources to more powerful edge servers [15]. Thus, EC is characterized by its heterogeneous distributed network architecture, large-scale data processing, parallel computing capabilities, and support for mobility services, including location tracking. However, EC increases vulnerability to cyberattacks and threats, as sensitive data are stored and processed in a distributed environment with limited resources, making it difficult to implement complex security algorithms [7,16]. Figure 2 shows an edge-based IoT attack model outlining various threats and vulnerabilities specific to the edge computing environment in the Internet of Things (IoT) context [17].

Additionally, the dynamic nature of the edge in IoT networks makes them more susceptible to security attacks and difficult to protect. Mostly, the data security threats and attacks on EC architecture are placed under four categories, i.e., distributed denial-of-service (DDoS) attacks, side-channel attacks, malware injection attacks, and authentication and authorization attacks [18]. Xiao et al. provide a classification of security attacks in an edge environment under six categories, i.e., DDoS attacks, side-channel attacks, malware injection attacks, authentication and authorization attacks, man-in-the-middle attacks, and bad-data injection attacks [18]. A threat intelligence report from “Netscout” reports an upsurge in DDoS attacks during the second half of 2021. About 9.7 million attacks were identified in 2021, which is 14% higher than in 2019 [19]. The number of malware attacks on IoT devices has grown from 813 million to 2.9 billion from 2018 to 2020 [20]. Current research on EC security and privacy is focused on techniques such as data privacy, lightweight security protocols, artificial intelligence (AI) integration, trust management, and collaborative security. Differential privacy (DP) adds noise to data to protect individual privacy while allowing aggregate data analysis in five critical areas: data transmission, data processing, data model training, data publishing, and location privacy [21,22,23]. Authors of [24] introduce a hybrid differential privacy model combined with adaptive gradient compression, providing stronger protection against inference attacks while transmitting gradient parameters. Implementing secured lightweight encryption and authentication techniques secures data from side-channel and hardware attacks [25]. Samad et al. proposed an anonymous authentication protocol that utilizes elliptic curve cryptography (ECC) and signcryption techniques [26]. Several encryption models have been developed over the years using or combining various techniques like authenticated encryption (AE) with associated data (AEAD) schemes [27].

Trust management is a critical component of EC, involving the processing and storage of data at the network’s edge. Blockchain and distributed ledger technologies (DLTs) enable decentralized, secure, and transparent trust management. Wang et al. introduced a blockchain-based secure data aggregation strategy (BSDA) integrating a security label into the block header, which includes the task’s security level (SL) and completion requirement (CR) [28]. A blockchain-based protocol introduced in [29] supports conditional anonymity and efficient key management, overcoming the limitations of traditional cryptographic protocols. Authors of [30] propose multiple edge blockchains that interact through a cloudlet chain operating independently. Collaborative EC enhances privacy by selectively sharing data or insights among nodes or with the cloud, minimizing overall exposure to sensitive information. Techniques such as federated learning (FL) allow multiple devices to train ML models locally on their data without transmitting the raw data to others. This approach helps organizations comply with data residency and privacy regulations by ensuring that data remain within designated geographic boundaries. Li et al. have developed algorithms based on Multi-Armed Bandit (MAB) frameworks by sharing information about server security risks [31] while proposing an SDN-based framework [32]. Data disturbance and adversarial training methods are adopted in [33] for generating adversarial samples using the Firefly Algorithm (FA).

AI-driven techniques enhance intrusion detection, data confidentiality, and access control in edge environments. Researchers have developed various strategies to secure EC, including machine learning (ML) algorithms and innovative methods like hybrid feature analysis. ML is especially effective in detecting real-time anomalies and potential breaches, offering robust protection against advanced attacks [34,35]. AI chips with computational accelerators like Field Programmable Gate Arrays (FPGAs), Graphics Processing Units (GPUs), Tensor Processing Units (TPUs), and Neural Processing Units (NPUs) are integrated into intelligent mobile devices [36]. Field programmable gate arrays (FPGAs) are suitable for implementing customized hardware logic and real-time image processing for high-performance edge computation [37]. FPGAs’ characteristics suit EC requirements like (i) processing of data streams at lower latency, (ii) adaptability to any algorithm due to their reconfigurable architecture exploiting spatial and temporal parallelism at a finer granularity, and (iii) thermal stability reducing cooling cost [38]. FPGA-based edge devices have proven their resilience to physical and side-channel attacks. FPGAs’ inherent ability to process tasks in parallel and flexibility in handling diverse workloads can match AI and ML algorithms’ computational and processing needs. FPGAs allow greater flexibility in what the processor does, they are very useful in building AI accelerators [39]. The FPGA-based edge reduces the response time by 1.62× for the object application and 1.14× for the face application compared to CPU-based edge offloading in general [40]. Zhao et al. presented a novel approach to secure FPGA-based edge devices using a lightweight hardware-assisted chaos-based stream cipher for protecting FPGA bitstreams [41]. Regarding security, IP protection techniques implemented on FPGA have better flexibility and require no extra resource overhead compared to those implemented on a traditional custom circuit. Ngo et al. implemented a hierarchical decision-making approach combined with an ANN model as a hardware-accelerated framework on the FPGA for real-time detection of network intrusions [42]. An Oscillator Collapse (OC-PUF) designed to utilize manufacturing variations in FPGAs that generate unique responses to input challenges was tested on Altera DE2-115 FPGA boards, achieving an inter-chip Hamming distance of 46.7% [43]. FPGAs can run several lightweight cryptographic protocols simultaneously, in addition to advantages like optimal chip area, speed, and power consumption [44]. Silicon physically unclonable functions (PUFs) implemented on FPGA platforms are flexible, secure, cost-effective, and offer a quick turnaround. FPGA-based PUFs are diverse and effective in IP protection [45], RFIDs [46], secured key generation [47], and remote activation [48].

The remainder of this paper is divided into the following sections. Section 2 discusses the basic edge IoT architecture and key components of the edge ecosystem across three distinct layers of cloud, edge, and devices. Section 3 comprehensively discusses security, privacy challenges, associated countermeasures, and defense mechanisms deployed in an edge paradigm. Section 4 provides the implementation details of PUFs for device-specific authentication schemes in hardware security, digging into the reasons responsible for authentication and trust challenges, access control, and root causes of edge computing security threats, and also proposes future research directions. Finally, we conclude this paper in Section 5.

1.1. Motivation

The primary strength of EC in IoT network security lies in its decentralized architecture. EC reduces the need for data to travel, thus reducing the potential attack surface. Hence, due to its precise control over data processing locations and methods, the EC can uphold data privacy regulations like the General Data Protection Regulation (GDPR) or the California Consumer Privacy Act (CCPA). Therefore, EC enables the implementation of security protocols and analytics directly at the device level, facilitating real-time threat detection and response. EC is expected to possess flexible, lightweight, secure, and self-adaptive data analytics mechanisms based on user data sensitivity. However, the decentralized architecture of EC poses significant trust management challenges due to the issues related to collecting and managing evidence information from edge devices [49]. ML-enabled EC can make data-driven inferences, predictions, and decisions based on acquired knowledge from past data. Also, ML is a preferred choice for IoT services’ privacy and data security due to its analytical capability. However, ML-based security schemes possess serious limitations due to the need for huge training datasets and privacy issues. So, there is an urgent need to devise an ML-based security scheme with low computation and communication costs [50]. ML-based modeling through anomaly detection techniques offers more generic and robust security solutions against unknown attacks. However, ML-based security solutions may be vulnerable to ever-evolving attacks like adversarial ML [51]. With a large amount of data generated by edge devices, there is a need for ML models that can run on resource-constrained edge devices. Also, techniques should exist for compressing the ML models that can make these models lighter and faster while making them suitable for edge deployment. Traditional security solutions rely on cryptographic methods where a secret key is stored within the device. However, the entire security system can be breached if this key is compromised. In contrast, a Physical Unclonable Function (PUF) uses the hardware itself as the medium to generate a unique secret key. The core principle of PUFs is based on the unique, device-level variations introduced during the manufacturing process. PUFs can be applied in various security protocols, including unique identifiers, secret keys, device authentication, intellectual property protection, and pseudo-random bit generators (PRNGs) [52].

1.2. Comparison with Existing Literature

Table 1 lists recently published research articles that comprehensively survey data security and privacy challenges and their mitigation techniques in the context of EC-based IoT services. Topics covered include comprehensive trust management frameworks, mechanisms orchestration, and standardization, software-defined networking (SDN), blockchain, ML techniques, and diverse versions of cryptosystems. PUFs enable the authentication of integrated circuit (IC) chips by exploiting inherent device variations. These features include random delay characteristics of wires and transistors due to process variations during semiconductor manufacturing processes [53]. PUF-enabled RFIDs and processors are under development that can generate cryptographic keys and make physical cloning of semiconductors difficult [47]. Majzoobi et al. published a survey on PUF-enabled security primitives for field programmable gate arrays (FPGAs) that can mitigate IP theft and tampering at HDL, synthesis, and bitstream levels [54]. Edge machine learning (ML) implementation models and architectures were surveyed by Merenda et al. [55]. Edge ML effectively reduces data load on the IoT network while improving privacy. Also, various security aspects, effective countermeasures through edge artificial intelligence (AI), and the potential to improve edge AI through blockchain and Deep Reinforcement Learning are highlighted in [56,57].

Ref. [79] proposes a blockchain-enabled FL-based architecture that integrates blockchain technology with FL for decentralized training and secure data exchanges in UAV networks. The authors of [59] carried out cryptanalysis of a blockchain-based decentralized security solution for EC, i.e., DecChain architecture, using the AVISPA simulation tool. The authentication and transactions between users and service providers are verified through blockchain mechanisms. An overview of the integration between blockchain and EC systems, providing a tamper-proof transaction ledger, is discussed in [61,80]. The survey identifies the critical issues in areas such as scalability, self-organization, security, resource management, and combining blockchain’s consensus algorithms with EC’s dynamic nature. Zhao et al. conducted a detailed study on the benefits of integrating EC with cloud computing and performance issues related to resource management, virtualization, and networking in several sub-aspects [69]. Authors of [71,74] review the integration of intrusion detection systems (IDSs) and ML techniques on known signatures for an adaptive and efficient performance. A Hybrid Intrusion Detection Framework (EHIDF) for addressing security threats in Mobile Edge Computing (MEC) is proposed in [73], utilizing modules like Signature Detection Module (SDM), Anomaly Detection Module (ADM), and Hybrid Detection Module (HDM). The framework was evaluated using the UNSW-NB15 dataset, which includes various attack types. The researchers in [75] implemented a double PUF-based model on the Xilinx Virtex5 FPGA for authenticating edge devices and software (IP cores), achieving a 61.96% reduction in resource utilization along with a performance stability rate of 99.54%. In [76], XORArbiter PUFs were used for authenticating Edge Data Centres (EDCs) and edge devices, with Raspberry Pi devices simulating EDCs. In [77], a 10-transistor SRAM cell was utilized to perform both XOR encryption (PUF) and MAC operations within the same cell, allowing the processing and encryption of DNN model weights. A delay-based PUF, producing a 1-bit signature, was synthesized and configured on a 28 nm FPGA using on-chip resources such as lookup tables (LUTs) and flip-flops, achieving an average uniqueness of 49.7% [78]. A fast and effective data encryption application, called Selective Encryption and Component-Oriented Deduplication (SEACOD) [81], is discussed in context to the EC security [82]. A blockchain-based mutual authentication scheme integrated into certificate-less cryptography, elliptic curve cryptography, and pseudonym-based cryptography that authenticates transactions between edge servers and IoT devices is presented in [83]. Also, the key generation negotiation mechanism while considering IoT devices’ mobility is implemented on hyperledger fabric. A review of the current research status in EC security on access control, key management, privacy protection, attack mitigation, and anomaly detection is carried out in [84]. The authors advocate the need for innovative proposals in EC, as already mature cloud computing does not meet recent challenges and requirements. Access control and key management schemes in Information-centric networking (ICN) and non-ICN infrastructures are based on traditional schemes, and there is a need for newer architectures with lighter encryption protocols. A secure searching scheme for desired data within own/shared data on storage, as well as a searching scheme for IoT smart devices at the edge of cloud-assisted IoT, is proposed in [85]. The researchers claim that their proposed data-sharing mechanism, along with secret and public key encryption, improves data processing time as compared to existing cloud-based systems.

A comprehensive overview of blockchain technology and its application in the network control, storage, and computation at edge nodes, offering network security, data integrity, and computation verification, is presented in [60,61,86]. A blockchain technology integrated into the communication layer of an edge network can manage the radio spectrum and authentication of edge devices, as well as network access control in the network layer [86]. Liu et al. proposed blockchain-based data and energy coins on the distributed consensus principle for the secured data exchange in Electric vehicles cloud and edge (EVCE) computing [58]. Blockchain-based decentralized framework named “DecChain” is proposed to eliminate the need for authentication to access third-party services or resources [59]. Also, hardware-assisted blockchain implementation of a defense-in-depth strategy and proper network segmentation forms the basis for a secured and trusted environment for the unidirectional payment channels is investigated in [62,64]. Infrastructure for cloud access through the adoption of the Secure access service edge (SASE) framework is used for developing strategies for threat and intrusion detection, network segmentation, and defense in depth (DiD) [65,66].

1.3. Novelty and Contribution

The geographical distribution of edge devices increases the chances of security risk as well as physical interference or damage. In addition, remote accessibility of edge devices presents opportunities for data theft and sabotages corporate operations. There are numerous research works available in the literature that address the above-discussed issues. Some of the research publications are survey conclusions related to the security aspects of IoT networks without any specific consideration of EC-assisted network deployments. The contributions made in this survey are listed below:

We present a summary as well as detailed scrutiny and analysis of security and privacy-related issues about EC-assisted IoT services. Also, security objectives and functions on EC-based IoT applications are discussed.

2. Edge Computing

The enormous volume of data generated at IoT sensing nodes can overwhelm any commercial network, bringing all activities on the network to a halt. This leads to increased IT costs, dissatisfied customers causing financial and reputational losses, poor productivity in the industry, and, most importantly, health and safety concerns [87]. EC is the real-time analysis, processing, and storage of data at a location near the source of data where they are generated. Therefore, EC utilizes the available technology that moves computation nearer to the network edge. This involves handling downstream data for cloud services and upstream data for IoT services. [8]. EC brings computational services, data storage, and retrieval as well as diverse enterprise applications close to the actual consumers of information. We can summarize the benefits of EC as it eases the load on the network, cloud, and data center systems while mitigating latency concerns, offers quicker responses, improves application performance and customers’ experience. An edge computing platform provides its services by [88]

processing the sensed data away from the central cloud or data center in real time;

There are numerous applications and services, such as industrial automation, virtual reality, real-time traffic management, data analytics, and home automation, that leverage the capabilities of EC. These capabilities include features like mobility support, situational awareness, minimal latency, and proximity to edge nodes or users [89]. Edge computing complements cloud computing services through improved user experience in the delay-sensitive application as well as offloading the cloud platform [90]. Although there exist similarities between edge and cloud computing, certain distinct characteristics set them apart from each other. The location of EC and cloud computing layers in an IoT network is distinctive. Cloud is located significantly from the nodes/users’ location and induces high latency compared to EC. Location awareness and mobile support are possible in EC as it is based on a distributed computing model compared to a centralized model of cloud computing [91]. An EC is a subset of cloud computing that comprises hosting diverse services and applications in proximity to sensing nodes and users. As shown in Table 2, there is a significant difference between cloud computing and EC. Also, an edge (location) is different from EC (action). Data collection at the edge (location) and forwarding it to a cloud with limited data processing is not considered to be EC. It is just a case of networking. However, EC occurs if data collection and processing are carried out at the edge of the EC.

2.1. Edge Architecture

Several architectures are proposed for the deployment of the EC layer, but they lack clear definitions and distinctions among nodes. Recent surveys conducted by researchers on EC architectures contain numerous outlooks such as mobile edge cloud servers and networks, application specificity, and considerations regarding resource type, resource management objectives, resource location, and resource utilization. Also, architectural-related challenges like scalability and heterogeneity are elaborated. Premsankar et al. classified all such edge architectures under three categories, i.e., based on the location of resourceful servers from edge devices, resources from heterogeneous edge nodes, and classes of resources at edge and data centers [13].

Figure 3 illustrates a fundamental three-layer architecture for EC. This structure establishes a connection from devices to an edge server, which in turn links to the entire network, encompassing both the cloud and data centers. Within this type of EC architecture, the edge server is situated in a fixed physical location and boasts significant computational capabilities, albeit less powerful than the conventional data centers employed in cloud computing. Furthermore, there is a discernible demarcation between the device level and the edge level, which includes the presence of edge servers [92,93]. The lowest layer includes the IoT sensing nodes responsible for the ingestion of data and applications. It includes IoT devices like cameras, sensors, controllers, industrial machines, etc. The middle layer includes the edge computing infrastructure for data processing, routing, and computing operations. Data generated at the device layer undergo aggregation, analysis, and processing at the edge servers before being transmitted to the upper layer or returned to the device. Although edge computing servers have lower computational ability than cloud servers, they offer better quality of service (QoS) and lower latency than cloud servers. At the topmost layer, there are cloud data centers involving a central data center and interconnected regional data centers. Even in an EC architecture, cloud data centers persist to serve a crucial role as storage places of information. This layer is accountable for tasks such as data analytics, artificial intelligence, machine learning, visualization, and more.

2.2. Edge Computing Challenges

EC is characterized by higher bandwidth, lower latency, and real-time services, but it is still in the development stages and lacks a well-defined standard framework. As illustrated in Figure 4, the number of edge devices is experiencing rapid growth, creating significant challenges for cloud servers in handling real-time data processing. Statista projects that by 2030, there will be approximately 6.5 billion consumer-focused edge devices, with their average processing speeds advancing exponentially. As a distributed computing technology, EC necessitates well-defined deployment strategies for application workloads on edge nodes. Deployment strategies should be able to answer key questions like where to place a workload, connection policies, and heterogeneity of nodes [94]. EC-driven IoT services create management challenges that organizations should overcome to ensure resilient and reliable operations. Equipment suppliers, service providers, and software vendors are required to work collaboratively to offer cohesive interoperability between various network functions and seamless integration from across edge-to-cloud infrastructure. These factors present challenges in deploying, scaling up, and managing the EC paradigm [95].

Some of the challenges that must be addressed for the widespread adoption of edge computing are discussed below.

Heterogeneity. Many hardware devices and communication standards of diverse natures are deployed at edge networks [96]. EC exhibits heterogeneity across multiple dimensions, including hardware architecture, operating systems, programming languages, accessibility, and the nature of tasks [97]. First, edge devices are diverse, generating data in various formats. Second, data are transmitted through various network access technologies, including 3G, 4G, 5G, WiFi, WiMAX, and LPWAN technologies like Sigfox [98]. Third, the heterogeneous edge nodes providing services encompass a variety of devices such as end-user devices, access points, routers, and switches [49,91].

3. Security and Privacy Challenges

The first level of data processing is at the edge of EC, making them vulnerable to security attacks and data theft associated with end users. Security measures adopted in IoTs include advanced security algorithms like attribute-based access control, authentication based on group signatures, homomorphic encryption, and techniques based on public-key cryptography. Such algorithms demand sizable computational capabilities and memory availability on the devices where they are deployed [107]. The cloud can host almost unlimited resources like memory, computing capabilities, power, etc., but lacks real-time user experience due to its physical distance from IoT end devices. Some research efforts have been made in developing and deploying edge-based security architecture designs like firewalls, Packet filters, intrusion detection systems, side-channel signal analysis, authentication and authorization protocols, privacy-preserving mechanisms, real-time traffic monitoring systems (RTMSs), and cryptographic schemes. Adversaries use various hardware- and software-based techniques to falsify, change, steal, or remove data within edge networks and infect and manipulate edge nodes, devices, or servers found at the edge [112].

Numerous security threats that can compromise user privacy and data integrity or disrupt critical services exist in the edge device layer, communication layer, and edge computing layer in the EC paradigm of IoT network [7,16,113,114]. The commonly identified edge/communication network attacks are eavesdropping, replay attacks, denial-of-service, and jamming [9,115]. The vulnerabilities associated with various edge peripherals within the computing layer are mostly DoS and DDoS attacks [116], whereas ref. [18] has placed DDoS attacks, side-channel attacks, malware injection attacks, and authentication and authorization attacks under the EC infrastructure layer.

However, the research outcomes for edge-based IoT security remain in the early stages of development [107,117]. Initially, EC was assumed to be resilient against cyberattacks since user data no longer needed to travel to cloud servers. Nonetheless, the edge network layer’s dynamic nature makes it susceptible to data security threats, as unified security protocols cannot be uniformly applied [118]. Numerous factors contribute to data security and privacy concerns in EC. The vicinity of end users to edge nodes increases the risk of data interception by adversaries. Additionally, the constrained memory and processing capabilities of edge devices, when compared to cloud computing, impede the application of complex encryption techniques and thus aggravate security challenges [119]. It is essential for all stakeholders within an EC ecosystem, like service providers, system and application developers, and end users, to appreciate data security’s ethical, legal, and financial implications. Another pressing concern is determining the ownership of sensitive data collected at edge nodes [120]. Mukherjee et al. proposed a layered security framework shown in Figure 5 implemented on cloud EC architecture [121]. Authentication features are implemented at every layer to ensure that only verified end devices can access cloud and edge services. Additionally, location-specific EC is applied at the edge and end-device levels to safeguard user privacy. Moreover, firewalls and intrusion detection systems deployed in both cloud and edge infrastructures help identify and thwart network intrusions. Common security components can exist across multiple layers due to network layer and device requirements, and their purpose and functionality might differ [121]. Robust cryptographic techniques are needed in the cloud edge collaborative architecture, as a huge amount of data flows through unsecured or least secure public channels with a higher probability of privacy leakage and unauthorized data access [122].

Implementing a uniform security strategy across all edge nodes is extremely difficult due to their management by various users. Wei Yu et al. proposed a problem space of EC-based IoT security defined over three distinct classes, i.e., transmission, storage, and computation [6],

Transmission: Jamming attacks, sniffing attacks, worm propagation, distributed denial-of-service (DDoS), and similar assaults can disrupt data links by choking the network or observing the data flow.

3.1. Classification of Edge Computing Security Threats

According to Statista’s 2017 report, approximately 159,700 cyberattacks targeted edge networks and were grouped under six distinct groups: side-channel attacks, malware injection attacks, DDoS attacks, man-in-the-middle attacks, authentication and authorization attacks, and corrupt data injection attacks. The percentage share of each class of attacks is shown in Figure 6. User privacy and data security are the most important factors from the service provider’s perspective. Sensing network data can extract a lot of private and vulnerable information. For example, access to the data from the electricity and water meters can provide information about the occupancy of a house. There are still open challenges that need to be answered by the EC service providers to protect user-sensitive data.

Figure 7 shows a classification of security and privacy threats, listing their types and origins across various levels and layers within EC networks. All stakeholders in EC, including service providers, system and application developers, and end users, must realize their responsibility against data security threats. Another essential data privacy and security issue is establishing the ownership of collected data at the network edge. A suggested solution is to collect and store data at the edge while leaving ownership to the user. Capable tools and technologies are needed to ensure data privacy and security while meeting EC requirements. Edge nodes are resource-constrained, making deploying advanced data security measures difficult due to their resource-intensive nature. Furthermore, the dynamic nature of the location at the network edge increases vulnerability to security attacks and illegal access to user data. Table 3 summarizes the security and privacy challenges as well as corresponding mitigation techniques against jamming attacks, distributed denial of service (DDoS) attacks, eavesdropping or sniffing, routing information attacks, physical attacks, and privacy leakage.

Table 4 lists some possible countermeasures against security attacks on edge networks.

3.2. Mitigation Strategies Against EC Security Challenges

The countermeasures against security and privacy challenges in an EC-driven IoT network are discussed in numerous works of literature and can be summarized and placed under classes as shown in Table 5.

Cryptographic schemes: The edge layer, which includes local data centers, as well as sensing devices, is vulnerable to security threats. These edge devices need cybersecurity solutions within limited storage and computation capabilities. A Zero-Trust approach is recommended for securing data in the EC paradigm, with an assumption that all devices have been compromised and all access has to be strictly monitored and authenticated. The standard encryption/decryption methods are memory- and computing-exhaustive [128]. ISO/IEC 29192, Lightweight cryptography is a cryptographic algorithm meant for implementation in constrained environments, including RFID tags, sensors, contactless smart cards, healthcare devices, etc., for the protection of communication protocols.

3.3. AI Role in EC Security

Edge intelligence, or edge AI, represents the blending of machine learning (ML) or artificial intelligence (AI) with EC. Edge AI enables both model training and inference directly at the edge through collaboration between edge devices or utilizing local edge servers near the devices [143]. It is significant for adopting self-learning security solutions at the edges, thus fostering the development of adaptive and autonomous security mechanisms capable of addressing emerging threats in real time [144]. AI algorithms can handle highly unpredictable and complex data while ensuring data security against advanced and evolving threats [145]. Edge intelligence implies a network of interconnected systems and devices conceived for data collection, storage, processing, and analysis near the physical location where the data are generated. This methodology aims to enhance the quality and speed of data processing while improving data privacy and security by preserving sensitive information nearer to its source [146]. The convergence of AI and EC is seen as a natural progression due to their clear intersection. EC is centered around coordinating numerous collaborative edge devices and servers, while AI aims to infuse devices with intelligent behavior by learning from data, thereby simulating human-like intelligence.

AI is important in ensuring data security through its advanced data processing and pattern recognition capabilities [147]. The taxonomy of AI presents numerous techniques like machine learning (ML), Deep Learning (DL), Natural Language Processing (NLP), Computer Vision (CV), and Robotics [148]. A Venn diagram shown in Figure 9 demonstrates the relation between artificial intelligence (AI), machine learning, deep learning (DL), data science, and data mining techniques [149].

Machine learning (ML), a subset of AI, learns from past data, whereas deep learning (DL), a more specific area within ML, processes data using several nonlinear transformations. DL, compared to traditional ML methods, has demonstrated a remarkable ability to extract and process data, but it also requires sizable computational resources [150]. Decentralized deep learning (DDL), like federated learning (FL) and swarm learning, is a promising tool in securing the data processing at edge devices [151]. ML algorithms for data security can broadly be categorized into transaction algorithms and decision algorithms. Transaction algorithms handle data exploration and preprocessing tasks, while decision algorithms are used to manage business decisions [152]. A major advantage of DL over traditional ML techniques is its ability to automatically extract complex, high-level features from data. DL uses hierarchical neural network models that automatically learn from unstructured data, such as images, sound, text, and video [35]. Wang et al. have discussed numerous techniques which optimize DL models for EC, such as model pruning, quantization, early exit methods, and approaches in DL tasks distribution between cloud and edge nodes [102]. Data science covers various aspects of data processing, including collection, storage, analysis, cleaning, visualization, interpretation, decision-making, value creation, and effectively reporting relevant insights. Data mining aims to uncover newer, hidden patterns and knowledge from data [153].

AI and EC are mutually beneficial to each other as they enable real-time dynamic adjusting and self-optimizing execution of IoT applications. The bottom-to-top arrow shown in Figure 10 represents optimization and the development of EC that requires the assistance of AI algorithms (e.g., computation offloading optimization). Alternatively, the top-to-bottom arrow indicates the need for EC deployment closer to edge devices, hence meeting the latency-sensitive requirements of AI applications [154]. Deng et al. have placed edge intelligence in two groups. The first group, named “AI for Edge”, or Intelligence, enables EC and utilizes AI technology in resource allocation, whereas the second group, “AI on Edge”, or AI models at the Edge, carries out training of the models and inference at the edge [36]. A hierarchical framework proposed in [155] distributes data fusion and AI processing across three levels, i.e., edge nodes, edge servers, and the cloud. Data fusion eliminates data redundancy by combining data from multiple sources and thus improving AI performance. The authors of [156] proposed a hybrid learning framework, as current AI-based anomaly detection systems often report false detections. The proposed framework utilizes the Stackelberg game model combined with expert-guided ML rules for higher detection accuracy and minimal false detections. Mitigation techniques against data security and privacy threats are grouped into software-based and hardware-based approaches. In software-based security mechanisms, authentication keys are stored in the non-volatile memories of devices. However, innovations in hardware designs and computational abilities have facilitated data adversaries to breach the security measures adopted under software approaches. Alternatively, hardware-based techniques utilize dedicated hardware-integrated circuits or processors to accomplish cryptographic functions and store access keys. One of the principal challenges with hardware-based security techniques is their susceptibility to man-in-the-middle attacks. In such attacks, hackers can clone the device if the hardware security module becomes compromised. To address these limitations, Gassend et al. proposed hardware-based physically unclonable functions (PUFs) as a security primitive [157]. PUFs leverage intrinsic manufacturing alterations within devices to craft a unique fingerprint of the hardware, rendering it extremely challenging for hackers to reproduce these intrinsic characteristics. However, data acquired from PUFs are vulnerable to environmental factors and the physical conditions of the tested devices. Subsequently, numerous versions of PUFs have been proposed in the literature to enable device identification and authentication, compliant with a tolerable margin of error [158].

3.3.1. Machine Learning for Data Security and Privacy

Machine learning (ML) indicates algorithms and statistical models for carrying out specific tasks without explicit instructions. An ML algorithm puts up a mathematical model of user data, also known as a “training set” capable of making predictions or decisions. ML can be used to detect suspicious activity by analyzing user behavior to detect patterns that may indicate malicious activity and ensure data security and privacy requirements [159]. Machine learning (ML) techniques have the potential for enhanced detection of data security and privacy threats while dealing with huge amounts of data coming from IoT end devices. Rigaki et al. mention that the training dataset utilized in the development of ML models is itself vulnerable to a possible data security threat [160]. Usually, the data owners and end users are against the sharing of their sensitive data, which becomes a bottleneck in the development of trusted ML models. To circumvent such issues, classification protocols utilize ML classifiers over encrypted data to protect the privacy of end users and service providers.

The training approach in centralized ML modeling involves the collection as well as the storage of data in a central location or server. Additionally, in a centralized approach, the intended model is trained using a complete dataset on a central server. This type of approach is practical when the training entity owns the data or has authorization to use it. As shown in Figure 11a, each participant computes their part of the ML model, and subsequently a reduced function finalizes the desired model. However, this technique has disadvantages, including privacy issues due to the distribution of sensitive data with a central cluster of servers and the training process becoming a bottleneck as the dataset grows. Various researchers have proposed an edge-based security system by combining ML with cryptography techniques, which monitors and detects suspicious activities on the network and takes appropriate countermeasures. The deployed ML models include Support Vector Machine (SVM), K-Nearest Neighbor (KNN), and Long Short-Term Memory (LSTM) [161,162].

A huge amount of data is required for the training of AI models, and quite often, user-sensitive data become exposed in the process. The integration of AI models with differential privacy ensures the accuracy of models with or without the inclusion of user-sensitive data. The traditional ML models might be robust against data attacks but lack feature extraction from the data and fail to detect attacks that have undergone minor modifications [154]. The study in [163] reviews ML frameworks like TensorFlow Lite, Apache MXNet, and Core ML, along with hardware platforms such as Nvidia Jetson and Google Edge TPU, focusing on their efficiency and accuracy in data processing within edge environments.

3.3.2. Federated Learning

Google has proposed a distributed ML scheme called federated learning (FL) which requires a local ML model at each data site. Later, it trained a complex ML model on an aggregating centralized server [164,165]. FL allows the training of AI models without the need to transmit sensitive data to third-party servers. However, FL networks need a large number of heterogeneous distributed devices, which reduces their communication efficiency. To circumvent the problem of channel efficiency, Feng et al. have proposed a Hierarchical Federated Learning (HFL) framework with an intermediate model aggregator [166]. In a typical distributed learning environment shown in Figure 11b, each participant has access to a local dataset, and the parameter server coordinates the participants. The parameter server in the role of an aggregator has no control over or access to the data stored on participants. The aggregator server selects participants and aggregates the updated model parameters from the intended participants. Secure model transmission to the server is achieved using cryptographic techniques like Secure Multi-Party Computation (SMC), Differential Privacy (DP), Homomorphic Encryption (HE), etc., among multiple clients without revealing any classified data to each other. Hence, FL has reduced the communication overhead due to the processing of data locally and can offer data privacy and security. Integration of blockchain technology with the FL takes data security to the next higher levels [167]. Blockchain prevents security and privacy threats with its decentralization, immutability, consensus, and transparency characteristics [168]. Among the challenges that FL faces, resource constraints stand at the forefront due to limited power computing nodes and slower communication links. Hence, the FL process at the edge node may take a longer time than expected, as well as energy overheads. Each data source frequently communicates with the central server as the FL model needs to be updated repeatedly and continuously, and there is a higher probability that some nodes upload wrong or old model parameters [169]. A lightweight protocol using secret sharing and a weight masks-based framework is proposed in [170] which protects gradients during FL against attacks like replay and gradient leakage attacks without compromising the model’s accuracy.

3.3.3. Multi-Access Edge Computing

Cloud computing capabilities are brought to the edge servers or nodes in a Multi-access Edge Computing (MEC) network shown in Figure 12. MEC exists between the central cloud servers and edge nodes primarily for managing and processing huge amounts of raw data generated from IoT edge devices [171]. It comprises four functional layers, i.e., end devices or hosts, access network, edge network, and core infrastructure. The hosts are connected to the access network, serving as the connection between the functional layers and the Internet. Radio access networks (RANs) establish a connection between the hosts and the remainder of an operator’s network. MEC has the potential to improve the quality of service by reducing the end-to-end latency between the edge nodes and data processors, as well as improvement in data security and privacy. MEC also fosters data encryption, authentication, and access control at the edge, thus ensuring authorized access and processing of the data. MEC is deployed either by Mobile Network Operators (MNOs) or by private cloud service providers closer to end customers and has less latency and higher availability [172]. Previous research works focused on resource allocation algorithms rather than ensuring the security of MEC servers and end devices. Of late, limitations of mobile devices and support for resource-intensive applications were introduced by Mobile Cloud Computing (MCC). MCC supports extended battery lifetime, unlimited storage on demand, improved processing capability, and self-service provisioning.

Due to the distributed, small-scale MEC infrastructure, there is less concentration of significant data, thus there is less chance of security and privacy-related attacks. Also, there is a possibility that MEC servers are owned privately, which eases data privacy concerns. For example, the enterprise deployment of MEC skips uploading of users’ classified data to remotely located datacentres, as the enterprise administrator manages the authorization, access control, and classifies different levels of service requests at its discretion without involving external parties [173]. MEC can introduce newer classes of services, but its unique characteristics open new types of security and privacy challenges. A huge amount of heterogeneous data generated at IoT edge nodes aggregated, stored, transmitted, and utilized in MEC networks may suffer data leakage incidents [174].

3.3.4. Data Anonymization Techniques

Data anonymization is a privacy-preserving technique that masks or removes personally identifiable information (PII) from a dataset to protect the privacy of the users. The user identifiers or PII fall under the direct and indirect identifier types. The attributes that can directly identify a user, such as names, addresses, photos, etc., are direct identifiers, whereas indirect identifiers relate to the attributes that identify users by establishing a relation with other available datasets, like age, salary, occupation, etc. The anonymization techniques have an edge over other privacy-enhancing techniques like encryption, as they do not require key management and large computational resources. However, data anonymization techniques are an irreversible process that provides privacy, but confidentiality or integrity remains unanswered [175]. In recent times, numerous data anonymization techniques have been proposed, including privacy-preserving mechanisms implemented through data masking, pseudonymization, generalization, perturbation, synthetic, etc.

Data masking: Data masking is a technique of concealing data by creating faux versions of sensitive user data by modifying private information. The process involves modification techniques like shuffling, modest word or character substitution, encryption, or masking data. Common types of data masking are static, dynamic, and on-the-fly data masking.

Certain limitations and disadvantages of data anonymization techniques exist, as they reduce the granularity and accuracy of the data. This may damage the relationships between the data points, which is critical for artificial intelligence algorithms or any other data science process. Also, data anonymization techniques can be reverse-engineered by gaining access to external or pseudonym databases.

3.4. Intrusion Detection System

An intrusion detection system (IDS) is a software or hardware-based system, able to detect malicious activity in an IoT network [178]. Also, IDS can track down any violations in the established network protocols or anomalies. Upon threat detection, IDS has two possible responses [179]:

Issue alerts: This class of responses comes from passive IDS systems that issue security alerts via email or text messages. Also, a notification is issued to the security information and event management (SIEM) system, which helps security teams detect user behavior anomalies and apply AI for threat detection and incident response.

A typical IDS system has three significant units that monitor the network traffic, detect any suspicious activity, and trigger an alert. An IDS can be active, also known as an Intrusion Prevention System (IPS), or passive. An IPS monitors the activities at the system or network level and issues real-time countermeasures in case of threat detection. On the other hand, a passive IDS detects suspicious activity and just alerts the administrators without taking any corrective actions [180]. Traditional IDSs were originally designed for conventional networks but struggled to adapt to the diverse and complex IoT ecosystems. These legacy IDSs proved insufficient in addressing security threats posed by advanced and constantly evolving attacks, such as zero-day exploits. The vast amount of data generated within IoT environments, coupled with highly variable traffic patterns, makes it challenging for IDSs to accurately distinguish between legitimate and malicious activities, increasing the likelihood of errors [181].

In contrast, machine learning (ML)-based IDSs provide more adaptable, scalable, and intelligent solutions to tackle the dynamic nature of IoT security threats. Linear Support Vector Machines (LSVMs), a type of ML algorithm, are commonly used for classification tasks, including intrusion detection, due to their effectiveness in identifying patterns and anomalies [182]. A classification of IDS based on four main characteristics, i.e., detection method, source of collected data, type of architecture, and response type, is shown in Figure 13. Host-based IDS (HIDS) sits on the host computer and detects malicious behaviors for a single host only. HIDS attempts to detect the presence of unwanted applications in a computing system by analyzing the local data, application registers, log access, and system calls. On the contrary, network-based IDS (NIDS) focuses on detecting malicious patterns in network traffic [183,184]. IDSs normally use one or both of the two primary threat detection methods: signature-based or anomaly-based detection [185].

3.4.1. Signature-Based Intrusion Detection System (SIDS)

SIDS, also known as knowledge-based detection or misuse detection, works on a pattern matching technique to find similar known attacks in the past. An intrusion signature is matched with a database of previously known signatures, and an alarm is raised in the event of a match. In SIDS, host’s logs are compared to identify sequences of commands or actions which have previously been identified as malware [178]. Techniques used for generating signatures for SIDS include state machines, formal language string patterns, or semantic conditions. Traditional SIDSs match network packets against a database of signatures and are unable to identify attacks that span over numerous packets. Also, “zero-day” attacks have left SIDS techniques less effective, as there is no prior signature for such attack types. Also, polymorphic malware frequently changes its identifiable characteristics and undermines the adequacy of the SIDS traditional approach [186]. The authors of [187] reported the detection ability of SIDS against web-based Uniform Resource Identifier (URI) attacks. Three open-source SIDS, i.e., Snort, ModSecurity, and Nemesida, were tested against seven attack datasets using predefined rulesets. The results revealed that untuned SIDSs with the least sensitive configurations were able to detect only 6–8% of attacks, while the most sensitive ones achieved 73–83% with a much lower precision rate of 0.015, thus generating impractical alert volumes.

The researchers have deployed classification models using supervised ML techniques and used a Naive Bayes algorithm-based characterization approach in the probability estimation using network data traffic characteristics. The Naive Bayes algorithm can detect DDoS, DoS, and Code injection attacks on KDD CUP 1999+NSL, UNSW-NB15 datasets. Decision trees are implemented on CICIDS 2017, BOT-IoT, KDDS99, NSL-KDD datasets in identifying attacks such as Sybil, flooding, and spyware threats. SVM utilizes UNSWNB15, KDDCUP99, NSL-KDD, and NOT-IoT datasets in the detection of man-in-the-middle attacks, DoS, DDoS, and tampering. Also, DL techniques like Deep Neural Networks (DNNs), Convolutional Neural Networks (CNNs), and Recurrent Neural Networks (RNNs) are preferred over ML-based approaches while dealing with larger datasets [188,189].

3.4.2. Anomaly-Based Intrusion Detection System (AIDS)

A statistical or knowledge-based ML model is developed in AIDS to detect any significant deviation from the normal behavior, also known as an anomaly. AIDS can be further classified under statistical-based, knowledge-based, and ML-based technique groups based on specific training methods, as shown in Figure 14. A statistical model of normal user behavior is developed from the datasets collected in a statistics-based approach. A knowledge-based method detects desired actions using available system data, such as protocol details and network traffic samples, while an ML approach develops advanced pattern recognition abilities from its training data. There are numerous techniques proposed in the past to model malicious behavior. One of the simplest approaches is based on statistical methods like threshold crossings. However, currently used methods tend to improve traditional detection rates by exploiting the AI capabilities, in particular ML algorithms with an accuracy beyond 95% and much lower false-negative rates [190].

Statistical AIDS: A distribution model of a normal behavior profile is created, and events with lower probabilities are singled out as potential threats. Thus, individual packets are monitored to estimate their statistical metrics, such as the median, mean, mode, and standard deviation, to detect deviations from established normal behavior. A univariate class focuses on a single variable analysis, while multivariate models establish the relationships between two or more variables. In a time series model, the observations are made at set time intervals, and any new or different observation is considered dubious if its probability of occurrence at that given time is too low.

Physical Unclonable Function (PUF) is an alternative authentication scheme without any cryptographic assets burdening the resource-scarce IoT devices.

4. Hardware Security

Edge devices are highly distributed and exposed to numerous threats, including physical tampering, data breaches, and remote cyberattacks. These devices lack standard security practices, deploy heterogeneous communication technologies, and have scalability issues [193]. Thus, strong security measures are required at the hardware level to secure sensitive data and to restrict unauthorized access [194]. Hardware security threats can infiltrate edge devices at any stage of the semiconductor lifecycle, from specification and fabrication to recycling. These threats may arise from unintended design flaws, system side effects, or deliberate malicious modifications during the design process [195]. Both hardware- and software-based mitigation techniques are used to reduce or randomize the vulnerable signal footprints [196]. A widely used authentication technique for edge devices is challenge–response protocols, mostly based on cryptographic primitives and secret keys. However, implementing these protocols on resource-constrained IoT devices remains a challenge, and the probability of physical threats like direct probing and side-channel attacks is high. Subsequently, a new security primitive, known as PUFs, arrived that offers secure key storage and lightweight authentication [197].

Hardware attacks can be placed into two distinct categories: non-invasive and invasive attacks, based on the level of physical impact on the device [198]. Common hardware security protocols utilize encryption techniques like the Advanced Encryption Standard (AES) and Elliptic Curve Cryptography (ECC) that can be placed under private and public-key encryption. A Hardware Trojan (HT) is a malicious alteration during the chip fabrication stage that might compromise its functionality or spy on encryption keys and forward sensitive chip data to unauthorized devices. HT detection techniques are placed under destructive or non-destructive approaches. Destructive detection includes reverse engineering techniques, such as dismantling IC architecture with Chemical Mechanical Polishing (CMP) and Scanning Electron Microscopy (SEM). However, non-destructive methods analyze IC during the pre-silicon or post-silicon stages. Pre-silicon analysis benchmarks the IC against a fully defined model, while post-silicon analysis includes logic testing and side-channel analysis [199]. The IC supply chain faces security challenges in addition to HT at various stages, including IP piracy, IC cloning, hardware backdoors, and counterfeit chips. On-chip aging sensors can pick counterfeit chips while split manufacturing mitigates IC overproduction and IP piracy issues [200].

Figure 15 lists a broad classification of hardware security threats and corresponding countermeasures available. Reverse engineering (RE) analyzes and decomposes edge devices’ design and behavior by extracting confidential data or intellectual property [201]. RE is accomplished by examining various design formats, such as RTL, netlist, layout (GDS-II), mask, or fabricated ICs [195]. It is viable to reverse-trace and refabricate the design, which can be further reused or enhanced [202]. To restrict RE in IC design, hardware obfuscation is the preferred technique that conceals its functionality by placing the logic elements in a random fashion, irregular routing, varying doping concentrations, manipulating dielectric properties, and more [203]. Camouflaging is another option that enables two functional modules to appear identical at the layout level [204]. The adversaries do not physically damage the IoT devices in Side-Channel Attacks (SCAs) nor intervene with or modify the system’s operation. SCAs passively monitor specific parameters from sensors or networks, like power consumption, the timing of cryptographic operations, electromagnetic emissions, or acoustic signals [205]. The mitigation techniques against passive SCAs are classified into two groups: hiding and masking. Hiding methods are used for breaking the relation between the processed data and the side-channel leakage, while masking methods disconnect the actual data from the processed data [206]. Counterfeiting is the duplication of hardware devices by cloning or altering the designs without the approval from its creator. It may lead to functional failures in systems and processes but also negatively impact the sales and profits of the businesses involved. The broader consequences of piracy acts extend to public health, safety, and security [207]. The detection of counterfeit devices is difficult as their response against test inputs remain undisputed even in extensive functional testing. However, these counterfeit devices might have hidden malicious characteristics with intentional malfunctions like “back door” for accessing sensitive data [208]. Hardware metering and auditing is a key defense mechanism against hardware counterfeiting, involving tracking of devices. Certain properties of ICs, like negative temperature bias instability (NBTI), hot carrier injection, and electromigration can be monitored by sensors to identify counterfeit or previously used ICs [209]. PUFs are becoming an integral part in security applications, including chip identification and authentication, secure key generation for lightweight encryption, prevention of hardware piracy and counterfeiting, hardware metering, and intellectual property protection [203].

4.1. Physical Unclonable Functions (PUFs)

Authentication, authorization, and privacy are three essential requirements in an IoT network. Physical Unclonable Functions (PUFs) exploit the inherent randomness created during manufacturing to offer a unique “digital fingerprint” for authentication and secret key storage. Each chip has its fingerprint like those in humans, which is created during the fabrication processes. PUF circuits are triggered by a sequence of input bits known as challenges ($C_x$) and respond with a sequence of output bits called responses ($R_x$). No two chips generate identical responses for a common challenge. The combination of an input challenge and its corresponding response is known as a challenge–response pair (CRP) [212]. The process variations during the manufacturing processes of the PUF circuit have a unique silicon fingerprint. Thus, even common input challenges as shown in Figure 16 result in unique challenge–response pairs (CRPs) for the edge devices [213].

PUF carries out an authentication process for an unknown device in two stages, i.e., enrollment and verification. The PUF module receives the challenge bits from the server and the corresponding response bits are stored back into the server by the PUF circuit during the authentication phase. During the verification stage, the server sends the previously stored challenge bits to the IoT device, and the PUF circuit embedded into the device generates response bits. The generated response bits are compared and matched with the CRP look-up table entries for the authentication of the IoT devices. Also, the response bits are used to extract the secret key to ensure confidentiality during data exchanges [214].

Uniqueness of challenge–response pair (CRP) [215].

[Figure omitted. See PDF]

PUFs are classified based on their security capabilities, fabrication methodology, physical characteristics, and delay characteristics. Many researchers have presented a taxonomy of PUF under categories like fabrication process and security as illustrated in Figure 17. PUFs are categorized into two types, strong PUFs (SPUFs) and weak PUFs (WPUFs), depending on the number of CRPs. The number of CRPs in SPUFs scales exponentially and linearly in WPUFs with increasing PUF cells. WPUFs are used in storing secret keys or serve as a seed in a random sequence generator [216], while SPUFs can be used for authentication, ID, or key generation [217]. Arbiter PUFs fall under SPUFs, whereas SRAM PUF and butterfly PUF are WPUFs [218]. However, the responses of SPUFs are inherently correlated and highly susceptible to ML attacks, including modeling techniques like Logistic Regression (LR), support vector machines (SVMs), artificial neural networks (ANNs), and ANN-based approximation attacks [219]. The variations in the manufacturing process result in silicon and non-silicon PUF types. The fundamental physical properties of silicon PUFs give rise to three types: analog electronic PUFs, memory-based PUFs, and delay-based PUFs [220]. Non-silicon PUFs create unique characteristics by extracting keys from light beams or lasers, as well as magnetic field strength and radio frequencies, while avoiding the use of electronic signals [221,222].

An arbiter PUF is a delay-based strong PUF that belongs to silicon PUFs. Figure 18 illustrates an N-stage arbiter PUF made up of n pairs of 2-to-1 multiplexers, with each pair in a stage controlled by identical challenge bits. The output, referred to as the “Response”, is determined by the differences in path delays. In a standard N-stage arbiter PUF, a rising edge signal travels through one of the $2^N$ possible paths, guided by the N-bit “Challenge” inputs. An arbiter generates the final response, typically implemented with a D-latch, which decides the output based on the first signal to arrive [223,224]. Optical PUFs have an edge over other PUF types as they are less noise-sensitive and leverage light diffraction complexity, making them stable and difficult to duplicate [225]. Light acts as the challenge input and generates a unique random pattern as the response [226]. Normally optical structures are not compatible with solid-state integration. However, a recently proposed CMOS imager PUF uses photodiode responsivity under uniform ambient light and dark current variations to generate unique identifiers for camera authentication [227].

4.1.1. Strong Versus Weak PUFs

The security and performance characteristics of edge devices in a distributed and uncontrolled environment with limited resources vary significantly with the choice of PUF types. Choosing between weak and strong PUFs in an EC ecosystem depends on numerous factors such as resource requirements, security against threat types, authentication capabilities, reliability, and robustness against physical attacks. Environmental factors like temperature and voltage variations are detrimental to both types of PUFs. The simple and efficient weak PUFs, e.g., SRAM PUFs, are suitable for key generation in secure boot or communication. In contrast, strong PUFs like APUFS are used in devices that require frequent authentication or cryptographic security. Table 6 compares various tradeoff factors of weak and strong PUFs.

4.1.2. Application of PUFs

Physical unclonable functions (PUFs) are used for authentication and secret key storage without needing secure EEPROMs and other expensive hardware. Wang et al. have proposed a Lattice PUF against ML attacks that leverages the Learning With Errors (LWE) cryptographic problem. The designers proposed to build a pseudo-random number generator that integrates a Physically Obfuscated Key (POK) with a LWE decryption function and a linear-feedback shift register (LFSR) [234]. ML capabilities are utilized in the screening of stable challenges to strong PUFs. Initially, randomly generated challenges tested for stability are chosen as the input and output of the ML model for extracting a stable challenge dataset [235]. Wu et al. have proposed a lightweight feedback-based anti-ML-attack Physically Unclonable Function (FLAM-PUF) that integrates an arbiter PUF, a Galois LFSR, and basic logic gates [236]. The design employs a 1-bit feedback mechanism to disrupt the training data, increasing complexity and randomness in the CRP set. This obfuscation reduces the CRP correlation and strengthens resistance to ML attacks by introducing non-linear relationships. The researchers reported a 50% prediction accuracy against various ML algorithms, including Support Vector Machines (SVMs), Logistic Regression, and Deep Neural Networks (DNNs). A comparable design approach utilizing an LFSR and an Arbiter PUF (APUF) is introduced in [237]. A delay difference quantization strategy for Arbiter PUF (DDQ-APUF) is proposed in [238], which employs multiple configurable delay units ($\mathsf{\Delta }$) along two symmetrical signal transmission paths. The design measures and quantifies the delay difference between these two paths. A configurable delay is introduced along the signal path and gradually increases until the output response of the APUF flips. This quantified delay difference is then used as the PUF response, providing robustness against environmental variations. This design follows the Strict Avalanche Criterion (SAC), ensuring that even a minor alteration in the challenge inputs results in significant and random response changes. Wang et al. have proposed a dynamically configured hybrid (DCH) PUF by combining the Self-XOR (SX) PUF with a Modified Feed-Forward (MFF) PUF. An LFSR is used as a configuration generator, independent of the input challenge. DCH PUF has proven its resilience against diverse ML attacks, including Deep Neural Networks (DNNs), Logistic Regression (LR), and covariance matrix adaptation evolution strategy (CMA-ES) [239]. Zhou et al. have proposed to mitigate ML attacks by reducing linear correlation between the CRPs through a matrix encryption technique called Bagua matrices [240]. This technique is implemented on numerous PUF architectures, including APUF, XOR-APUF, and Multiplexer PUF (MPUF). The prediction accuracy of ML attacks almost reduces to 50% through matrix encryptions, like random guessing, and subsequently improving data security and privacy [241]. The method proposed in [242] combines PUF with Paillier homomorphic encryption or ElGamal encryption to secure data exchanges. Encrypting CRPs during transmission ensures that adversaries cannot intercept or decode sensitive information. Homomorphic encryption enables data verification without decryption, further safeguarding against attacks [242]. A CMOS-based PUF is proposed for device authentication integrated with Elliptic Curve Cryptography (ECC). Elliptic Curve Digital Signature Algorithm (ECDSA) is used in message signing, which enables devices to authenticate themselves without a need for error correction or storage of redundant data [243]. Although APUFs are strong, lightweight, and capable of generating a large number of challenge–response pairs (CRPs), they are susceptible to machine learning (ML) attacks. To counter this vulnerability, researchers in [244] have developed a protocol that authenticates both devices and servers by incorporating an APUF in the device and a PUF model on the server. A zero-transistor interface between the device and server generates “ghost bits” that obscure the challenge bits, making it more difficult for attackers to model the PUF accurately. Another research on cryptography methods for improving strong PUF security and functionality utilizes erasable PUFs, which delete specific challenge-response pairs (CRPs) after their usage [245]. A Configurable Dual State (CDS) PUF, featuring a Feedback Obfuscation Mechanism (FOM), is proposed to enhance hardware efficiency and defend against machine learning-based modeling attacks. The CDS PUF is configured as either a Ring Oscillator (RO) PUF or a Transient Effect Ring Oscillator (TERO) PUF based on the parity of the Hamming weight of the challenge bits. The feedback obfuscation mechanism leverages a stable count value from the RO as a dynamic mask to obscure the input challenge, effectively concealing the relationship between CRPs [246]. A Cyclic Redundancy Check (CRC) PUF alters the seed challenges and transforms the response generation by changing the CRC generator polynomial to mitigate ML-based modeling attacks [247].

A switched-capacitor PUF (SC-PUF) capable of generating stable cryptographic keys leverages metal blocks and capacitive sensing mechanisms. The proposed mechanism protects against invasive physical attacks like focused ion beam (FIB) and probing methods, with a much lower bit error rate (BER) of ${10}^{-4}$ [248]. A low-cost resistor–capacitor (RC) PUF is proposed to sense voltage differences caused by the charging and discharging of RC circuits. The experimental results with RC-PUFs have shown 49% uniqueness while achieving over 98% reliability [249]. Cross-PUF attacks exploit power intake measurements from one PUF instance to compromise another, assuming both PUFs originate from the same design file and manufacturing batch. To defend against these attacks, the DRILL method, introduced in [233], integrates Dual-Rail Logic (DRL) with Random Initialization Logic (RIL). This combination reduces the signal-to-noise ratio (SNR) in the power rails and balances power consumption during the transmission of “0” and “1”, making it more difficult for attackers to distinguish between the two states. A fuzzy extraction technique is proposed to authenticate biometric data within a lightweight authentication protocol that utilizes blockchains and PUFs [250]. This protocol addresses privacy and security risks, offering protection against threats such as man-in-the-middle attacks, replay attacks, and impersonation attempts. Similarly, a hybrid approach that integrates blockchain and PUFs is used for device authentication and data integrity that uses PUFs to generate unique device fingerprints [251].

Applications of PUFs include [252,253]

Identification is an act of claiming identity with a set of attributes, both physical and perceptual, that uniquely define a specific entity. Similar to a biometric identification scheme, PUF response identification can be used to identify the ICs uniquely. A large range of CRPs is stored in the database along with the device ID implemented with the PUF during enrollment. The verifier chooses a CRP from the CRP database. The identification is considered successful if the obtained response and the CRP database output for a specific input are identical.

4.1.3. PUF Performance Indicators

The quality of a PUF is evaluated by metrics like uniqueness, reliability, randomness, correctness, strict avalanche condition (SAC), etc., that verify its applicability to a specific application. PUF metrics are measured by collecting response bits against a set of challenges to the PUF. A specific application has unique sets of requirements; hence, all metrics are not equally important [254,255].

Uniqueness: It is a PUF characteristic representing its ability to generate a unique response against a similar set of challenges subjected to each die in a lot [256]. Uniqueness is the average inter-chip Hamming Distance (HD) of the responses collected from a group of chips. The uniqueness value of an ideal PUF is about 50%, meaning half of the bits in the responses of the PUFs should be different [254]. For example, in an FPGA-based k n-bit, PUF responses are $P_1$, $P_2$, · · ·, $P_k$, then the average Hamming distance given by Equation (2), is the measure of uniqueness [78],

(2)$u={\displaystyle \frac{2}{k(k-1)}}\sum _{i=1}^{k-1}\sum _{j=i+1}^k{\displaystyle \frac{HD\left(P_i,P_j\right)}{n}}\times 100\%$

Reliability: The PUF and CRP under noisy and variable environmental conditions are measured by their reliability, i.e., the PUF outputs the same response under variable operating conditions. However, numerous environmental conditions like temperature, voltage, and aging of the devices are responsible for variations in the PUF signatures. The ideal value for reliability is 100% and it can be estimated using Equation (3).

(3)$u={\displaystyle \frac{1}{x}}\sum _{y=1}^x{\displaystyle \frac{HD\left(R_i,R_i,y\right)}{n}}\times 100\%$

Randomness: It is a measure of the PUF’s ability to generate 0 or 1 in its response bits with equal probabilities. The randomness of a PUF should be 100% in an ideal case. PUF-based authentication protocols rely heavily on random physical imperfections that occur during the semiconductor manufacturing process, thus creating static randomness. However, the identification (ID) extraction from the PUF becomes corrupted due to dynamic randomness sources like noise which reduces the PUF’s reliability [257].

(4)$Randomness=1-\left|P_r(ID=0)-P_r(ID=1)\right|$

For $2^M$ challenges, the probabilities to obtain an ID at 0 and 1 can be given as

(5)$Randomness=1-\left|erf\left({\displaystyle \frac{E\left(D_R\right)}{\sigma \sqrt{2·M}}}\right)\right|$

(6)$\sum _{i=1}^M{d}_{c_i}^i$

For a variance of $M{\sigma }^2$, the randomness expression Equation (7) is given by [258]

(7)$\begin{array}{c}{P}_R(ID=0)=1-P_R(ID=1)\\ =P_r\left(\sum _{i=1}^M{d}_{c_i}^i<0\right)\end{array}$

Correctness, Bit Aliasing, Uniformity, and Steadiness are additional PUF performance metrics discussed in the literature [78,254,256].

Table 7 presents a comparison of PUF performance metrics mentioned in the previous section. It is inferred from the table that the Uniqueness and Uniformity performance metrics of Lattice PUF remain closer to ideal values whereas RC-PUF is the lowest-performing one.

4.1.4. PUFs as a Root of Trust

A layered defense model, as shown in Figure 19, is preferred for a secure system with outermost layers managing the regular operations of the device and acting as protection barriers for inner layers. RoTs act as a fundamental source for various secure schemes enforcing access to cryptographic modules as well as security resources at the hardware level. The software security built on top of hardware-based RoT provides extra layers of flexibility and protection. These hardware-based RoTs build a trusted execution environment (TEE) for running privileged software, perform cryptographic operations, and offering constant tamper protection. This design approach minimizes the attack surface area and makes inner layers easier to secure because they have fewer, highly controlled tasks. The trust–validation sequence continues moving towards inner layers up to the system core, known as the Root of Trust (RoT) [259]. Edge devices leverage RoTs in establishing a protected environment for cryptographic processes needed for data encryption and authenticating devices connected to backend systems [260]. RoT applies various code validation mechanisms before executing the code on secured CPUs and shields against physical attacks to a certain extent. Thus, a Chain of Trust is established when each component in this chain trusts the codes it runs as they are validated by the previous link, creating an unbroken line of trust back to the Root of Trust [261,262]. The hardware RoT secures EC operations by providing the cryptographic keys in the booting process. Hardware-based RoT is typically a small, dedicated chip embedded within an IoT device leveraging upon intrinsic hardware characteristics [263]. PUFs are ideal for hardware-based RoT that hosts cryptographic functions, such as private and public key encryption [264]. The unique keys generated from the edge device’s PUF and the secure boot process ensure that only authorized firmware or updates are loaded, preventing trojan or malware attacks.

Rojas et al. proposed a hardware Root of Trust (RoT) architecture utilizing a Zynq-7000 SoC FPGA (Xilinx Inc., San Jose, CA, USA) and integrating various cryptographic components. These components include PUFs for device authentication, the Advanced Encryption Standard (AES) for data encryption, Secure Hash Algorithms (SHA-2 and SHA-3) for ensuring data integrity, and the Edwards-curve Digital Signature Algorithm (EdDSA) for digital signature verification [265]. A hardware RoT is proposed in [266], leveraging Quantum Tunneling PUFs to identify ICs digitally. In contrast to SRAM PUFs, Quantum Tunneling PUFs operate without the need for error correction. The software-based PUF (SW-PUF) combines physical chip variations with delays in software instructions to generate unique IDs within a secure Root of Trust (RoT). This approach supports secure boot and remote attestation, ensuring that only authenticated, tamper-free software is executed [267]. A secured IoT architecture proposed in [268] combines PUF with Trusted Platform Module (TPM), and Tangle Distributed Ledger Technology (DLT acts as a RoT, establishing a unique digital identity for each device. The proposed architecture implements a Security-by-Design (SbD) approach at the hardware level, strengthens attack resistance, and defends device and data integrity. Quantum channels are vulnerable to diverse noise sources, which include environmental interactions and eavesdropping attempts. A key reconciliation protocol is proposed in [269], allowing transmission of a bit stream through insecure and noisy quantum channels. Also, the researchers claim that the proposed protocol can reconcile two PUF responses obtained from the same challenge but at a different time. Also, minor noise levels in the PUF responses are mitigated through the application of a fuzzy extractor, designed to produce stable cryptographic keys from marginally erratic PUF responses [270].

4.1.5. Integration of FPGAs-Based PUFs with Edge AI

Artificial Intelligence (AI) assisted data analytics at the edge, allowing for improved interpretation of raw and unstructured data from the physical world. AI at the edge has the potential to automate complex and advanced tasks while preventing user-sensitive data from being transmitted over the network and into data centers at the same time. Edge AI models human reasoning, thus enabling machines to sense, comprehend, perform intelligent detection, and transmit results to the cloud for long-term storage or big data processing. It is capable of recognizing and fighting back against cyberattacks as well as other cyber threats based on the continuous input of data, identifying patterns, and backtracking the attacks. Data privacy and security breaches need to be taken seriously as they may cause business interruptions, revenue losses, and panic among the public [271]. The human brain comprises nearly 100 billion neurons, and over 100 trillion connections are established to form a network of neurons which in turn significantly influences the brain’s capabilities. The interconnectivity within an FPGA resembles the neural wiring of the human brain, and its programmable logic fabric offers the flexibility of the brain [272].

The dynamically reconfigurable as well as customizable hardware architecture of Field Programmable Gate Arrays (FPGAs) has offered a promising solution in accelerating compute-intensive workloads [37]. FPGA-based edge network accelerators offload intelligence, data processing, analytics, and communication capabilities from the cloud to where the data originates [273]. Cloud computing provides the infrastructure needed for securing users’ data as well as maintaining their integrity and privacy. However, there is no foolproof technique yet that guarantees data protection nor a processor that can isolate the execution of users’ applications from data theft. FPGAs are capable of providing stronger security guarantees as there is no need to involve vulnerable operating systems, drivers, or compilers, nor any other system software [274].

The possibility of incorporating general-purpose processors such as soft cores on FPGAs makes these reconfigurable devices suitable for IoT applications as they can provide solutions with enhanced security, reduced size, energy consumption, and cost [275]. Silicon chip fabricators and designers have integrated FPGA and ARM processor cores for efficient edge AI processing. Also, the benefits of shorter development time make an FPGA-based solution the ideal choice for an intelligent edge device [276]. Integrated chip manufacturers mostly outsource their operations, where intellectual property (IP) theft poses serious concerns. In contrast, FPGA designers do not configure them with sensitive IPs unless the delivery of the product is completed [277]. Cybercriminals can replicate FPGA applications by intercepting their programming bitstream or reading the internal memory. Modern FPGAs have started using advanced encryption key standard (AES) with the battery-backed SRAM 256-bit or 384-bit security key, AES with the eFUSE key, on-chip bitstream keyed-Hash Message Authentication Code (HMAC) algorithm, bitstream authentication, etc., can mitigate the risks, protect intellectual property, and improve the overall safety of FPGA devices.

FPGA-based edge devices exploit AI and ML capabilities for the processing of sensed data and subsequently reduce network bandwidth requirements and dependence on cloud processing. Also, vendors are providing IP cores like OpenVINO, Vitis-AI, etc., to leverage FPGA interfaces for the optimization and deployment of deep learning (DL) models [278]. Open Visual Inference and Neural Network Optimization (OpenVINO) is an open-source toolkit from Intel that facilitates quicker inference of deep learning models on hardware accelerators and easy heterogeneous execution across numerous hardware platforms. Deployment of the OpenVINO toolkit and the Intel FPGA AI Suite in the development of DL-enhanced embedded systems on multiple FPGA-accelerated servers is shown in Figure 20. The OpenVINO toolkit comprises tools and libraries that utilize techniques like pruning, quantization, etc., for the optimization of neural networks. The basic workflow of Intel Distribution of the OpenVINO toolkit is as follows:

Model Optimizer converts models from various frameworks like Caffe, TensorFlow, Open Neural Network Exchange (ONNX), and Kaldi to an intermediate representation format for faster inference.

Vitis AI 3.0 (Xilinx Inc., San Jose, CA, USA), is a unified software platform that includes optimized IP, tooling, and libraries to grant users access to AI inference acceleration through adaptable hardware. It consists of a rich set of AI models, optimized deep learning processor unit (DPU) cores, tools, libraries, and example designs for AI at the edge and in the data center. It provides a unified programming model for accelerating Edge, Cloud, and Hybrid computing applications. Vitis AI integrated development environment is presented in Figure 21, with the target platform, i.e., FPGAs, as the base layer. The Xilinx runtime library in the second layer controls the data movement across domains. Also, compilers are used in the layer for mapping the AI model’s optimal instruction set and dataflow model as well as carrying out optimization tasks. There are more than 400 optimized and open-source applications across eight Vitis libraries that are defined in the third layer and offer out-of-the-box acceleration with minimal to zero code changes to your existing applications [279].

5. Open Research Issues

The motivation of this section is to introduce research open challenges and opportunities in the security and privacy issues related to the EC paradigm. The centralized computational approach in data centers and hyperscale clouds is robust against security threats as it “hides” the user’s data behind layers of security defenses, both virtually and physically. However, EC faces many security challenges, and here we present some of the open research challenges as well as the scope for further work [96].

Heterogeneous EC architecture: The users in a traditional cloud computing approach are masked from the hardware in place and how software/application performance depends on hardware resources. EC introduces complexity and a need for multi-layered security schemes because of an assortment of standards and protocols [280]. It introduces the need for unique data propagation management schemes among the heterogeneous edge devices [121]. Data privacy is achievable through encryption techniques, but EC architecture makes the existing encryption schemes too cumbersome for the limited processing resources [281]. Furthermore, research needs to focus on ML algorithms explicitly for IoT forensics, matching the distinct features of diverse IoT devices. The potential of emerging technologies such as blockchain needs to be explored in securing digital networks [282,283].

6. Conclusions

Our current research thoroughly examined and summarized the challenges related to data security and privacy preservation in EC, along with corresponding countermeasures. We also discussed the advantages and limitations of integrated EC and IoT paradigms. Furthermore, we performed an in-depth analysis of security and privacy issues within EC-assisted IoT networks, including a comprehensive survey of potential security attacks and their countermeasures. We researched how state-of-the-art technologies, including PUFs, AI, IoT, and ML, can mitigate security-related challenges in an EC paradigm. Given that resource-limited edge devices may not support traditional cryptographic security solutions, lightweight security primitives like PUFs are an alternative solution for low-cost key generation. Additionally, we conducted a detailed examination of AI/ ML-based security mechanisms, categorizing them extensively. We also provided insights into commercially available toolkits from leading manufacturers and developers utilized in deploying EC services. Finally, we identified open research directions and gaps in data security and privacy issues within EC, outlining areas for future investigation and development.

Footnotes

Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content.

Figure 1 A typical IoT architecture.

Enlarge this image.

Figure 2 IoT attack model.

Enlarge this image.

Figure 3 Edge computing architecture.

Enlarge this image.

Figure 4 Projected edge devices growth.

Enlarge this image.

Figure 5 Security functionalities in a cloud-edge computing architecture.

Enlarge this image.

Figure 6 Percentage share of attacks on edge network.

Enlarge this image.

Figure 7 Security threat classification in EC.

Enlarge this image.

Figure 8 Example of a Blockchain structure.

Enlarge this image.

Figure 9 AI taxonomy.

Enlarge this image.

Figure 10 EC and AI: benefitting each other [154].

Enlarge this image.

Figure 11 (a) Centralized and (b) distributed training approaches.

Enlarge this image.

Figure 12 MEC architecture.

Enlarge this image.

Figure 13 IDS classification.

Enlarge this image.

Figure 14 Types of anomaly IDS.

Enlarge this image.

Figure 15 Hardware security threats and countermeasures [210,211].

Enlarge this image.

Figure 17 Classification of PUFs.

Enlarge this image.

Figure 18 Structure diagram of n-stage APUF.

Enlarge this image.

Figure 19 Layered defense model.

Enlarge this image.

Figure 20 Edge-ready AI toolkits for Intel FPGAs [272].

Enlarge this image.

Figure 21 Xilinx $Viti{s}^{TM}$ AI integrated development environment.

Enlarge this image.