This work addresses the security challenges facing IoT microcontroller unit (MCU) firmware, where conventional runtime attestation relies on external verifiers and struggles to balance privacy, efficiency, and decentralized trust. To overcome these limitations, the authors propose LiteAtt—the first lightweight framework integrating TinyML with self-attestation—enabling rapid, local evaluation of SRAM-based firmware states directly within an Arm TrustZone trusted execution environment, without storing firmware replicas or requiring remote verification. LiteAtt employs a two-device collaborative training scheme to preserve memory privacy and incorporates a lightweight secure protocol. Experimental results on real-world devices demonstrate that LiteAtt achieves 98.7% accuracy and a 99.33% F1 score, with only 1.29 ms verification latency, 42.79 μJ energy consumption, and ≤32 KB memory overhead, making it suitable for resource-constrained platforms such as Cortex-M MCUs.

As the Internet of Things (IoT) becomes an integral part of critical infrastructure, smart cities, and consumer networks, there has been an increase in the number of software attacks on the microcontrollers (MCUs) that constitute such networks. Runtime firmware attestation, i.e., the verification of a firmware's integrity, has become instrumental, and prior work focuses on lightweight IoT MCUs, offloading the verification task to capable remote verifiers. However, modern IoT devices feature large flash and volatile memory, on-device TinyML inference, and Trusted Execution Environments (TEE). Leveraging these capabilities, this paper presents a verifier-less, hybrid Self-Attestation (SA) framework called LiteAtt, which is based on TinyML execution in the Arm TrustZone of an IoT MCU for quick, on-device evaluation of the IoT firmware's SRAM footprint. LiteAtt takes a step towards ubiquitous intelligence and decentralized trust in IoT networks. It eliminates the need for firmware copies for attestation, and protects the privacy of user SRAM data by leveraging twin devices to train the TinyML models. The proposed framework achieves an average accuracy of 98.7%, F1 score of 99.33%, TPR of 98.72%, and TNR of 97.45% on SRAM attestation datasets collected from real devices. LiteAtt operates with a latency of 1.29ms, an energy consumption of 42.79uJ, and a runtime memory overhead of up to 32KB, which is suitable for battery-operated Arm Cortex-M devices. A security analysis is provided for the protocol regarding mutual authentication, confidentiality, integrity, SRAM privacy, and defense against replay and impersonation attacks. Practical deployment scenarios and future works are also discussed.