Existing empirical evaluations of software-based memory erasure protocols for IoT devices lack rigor, particularly given the widespread absence of secure hardware support in such devices. Method: This paper presents the first systematic evaluation of seven software memory erasure protocols across seven real-world IoT device classes. We design a comprehensive evaluation framework assessing security guarantees, erasure assurance, and multidimensional performance—including latency, bandwidth consumption, and computational overhead—and quantify protocol behavior across heterogeneous devices using multiple hash implementations. Results: Protocol performance is strongly influenced by device computational capability, network bandwidth, and protocol-specific hidden constants. No single protocol dominates all dimensions; optimal selection requires trade-offs between security assurance levels and deployment constraints. Notably, several protocols achieve full memory erasure and generate verifiable proofs within seconds. This work establishes the first empirical benchmark and practical selection guidelines for deploying software-based memory erasure protocols in industrial IoT settings.

Software-based memory-erasure protocols are two-party communication protocols where a verifier instructs a computational device to erase its memory and send a proof of erasure. They aim at guaranteeing that low-cost IoT devices are free of malware by putting them back into a safe state without requiring secure hardware or physical manipulation of the device. Several software-based memory-erasure protocols have been introduced and theoretically analysed. Yet, many of them have not been tested for their feasibility, performance and security on real devices, which hinders their industry adoption. This article reports on the first empirical analysis of software-based memory-erasure protocols with respect to their security, erasure guarantees, and performance. The experimental setup consists of 3 modern IoT devices with different computational capabilities, 7 protocols, 6 hash-function implementations, and various performance and security criteria. Our results indicate that existing software-based memory-erasure protocols are feasible, although slow devices may take several seconds to erase their memory and generate a proof of erasure. We found that no protocol dominates across all empirical settings, defined by the computational power and memory size of the device, the network speed, and the required level of security. Interestingly, network speed and hidden constants within the protocol specification played a more prominent role in the performance of these protocols than anticipated based on the related literature. We provide an evaluation framework that, given a desired level of security, determines which protocols offer the best trade-off between performance and erasure guarantees.