Physically Unclonable Functions for Secure IoT Authentication and Hardware-Anchored AI Model Integrity

TL;DR

This survey analyzes hardware-rooted trust mechanisms for AI-enabled IoT systems, emphasizing PUFs and hybrid solutions for enhanced security in resource-constrained and adversarial environments.

Contribution

It systematically compares trust anchor mechanisms, highlighting the strengths of PUFs and hybrid approaches for scalable, secure IoT deployments.

Findings

Hardware-rooted solutions offer stronger physical security than software-only methods.

PUF-based and hybrid trust anchors balance security, scalability, and cost effectively.

Software-only approaches are inadequate in physically exposed, adversarial settings.

Abstract

The rapid integration of artificial intelligence (AI) into Internet of Things (IoT) and edge computing systems has intensified the need for robust, hardware-rooted trust mechanisms capable of ensuring device authenticity and AI model integrity under strict resource and security constraints. This survey reviews and synthesizes existing literature on hardware-rooted trust mechanisms for AI-enabled IoT systems. It systematically examines and compares representative trust anchor mechanisms, including Trusted Platform Module (TPM)-based measurement and attestation, silicon and FPGA-based Physical Unclonable Functions (PUFs), hybrid container-aware hardware roots of trust, and software-only security approaches. The analysis highlights how hardware-rooted solutions generally provide stronger protection against physical tampering and device cloning compared to software-only approaches, particularly in adversarial and physically exposed environments, while hybrid designs extend hardware trust into runtime and containerized environments commonly used in modern edge deployments. By evaluating trade-offs among security strength, scalability, cost, and deployment complexity, the study shows that PUF-based and hybrid trust anchors offer a promising balance for large-scale, AI-enabled IoT systems, whereas software-only trust mechanisms remain insufficient in adversarial and physically exposed settings. The presented comparison aims to clarify current design challenges and guide future development of trustworthy AI-enabled IoT platforms.