This work addresses the challenge of fragmented security architectures in heterogeneous IoT systems, which struggle to simultaneously ensure hardware-rooted trust, zero-trust networking, and application-layer semantic security. To bridge this gap, the paper proposes a layered defense-in-depth architecture that, for the first time, integrates trusted execution environments (TEEs), lightweight cryptography, zero-trust network principles, and semantic-aware middleware across system layers, while leveraging blockchain to provide auditable security guarantees. Implemented on resource-constrained Cortex-M microcontrollers, the architecture achieves low-overhead encryption, high-accuracy anomaly detection, and controllable energy consumption. It effectively balances interoperability and regulatory compliance, thereby meeting the practical requirements for real-world IoT deployment.

The Internet of Things (IoT) security landscape requires the architectural solutions that can address the technical and operational challenges across the heterogeneous environments. The IoT systems operate in different conditions, and security issues continue to increase. This paper presents the comprehensive security framework for IoT that should integrate the Trusted Execution Environments (TEEs) with the semantic middleware and blockchain technologies. The work provides a systematic analysis of the architectural patterns based on more than twenty recent research works and the existing standards, and it proposes a layered security architecture. The architecture includes the hardware rooted trust at peripheral level, the zero trust principles at network level, and the semantic security mechanisms at application level. The framework focuses on practical implementation aspects such as the performance overhead, interoperability requirements, and the compliance with new regulations, which are very important for the real IoT deployments. The paper reports quantitative metrics which include the cryptographic performance on Cortex-M class microcontrollers with the detection accuracy rates and the energy consumption values. The proposed architecture shows that cross-layer security integration can provide defense in depth while it still satisfies the constraints of resource-limited IoT environments. The discussion highlights open challenges and the future research directions for the IoT security architectures that include the post-quantum migration, secure federated model exchange and the automated compliance verification.