Trust Assessment in 32 KiB of RAM: Multi-application Trust-based Task Offloading for Resource-constrained IoT Nodes

Matthew Bradbury, Arshad Jhumka, and Tim Watson. Trust Assessment in 32 KiB of RAM: Multi-application Trust-based Task Offloading for Resource-constrained IoT Nodes. In The 36th ACM/SIGAPP Symposium on Applied Computing, SAC’21, 1–10. Virtual Event, Republic of Korea, 22–26 March 2021. ACM. doi:10.1145/3412841.3441898.

[ bibtex] [ file] [ presentation] [ dataset] [ project]

There is increasing interest in using highly resource-constrained IoT devices to perform complex tasks. These resource might include limited processing power (e.g., 32MHz CPU), RAM (e.g., 32 KiB to 256 KiB), ROM (512 KiB), and potentially no stable storage. However, because of the limited resources an IoT device may need to offload expensive tasks to resource-rich devices. These might be a Cloud server or an Edge node if the latency of task responses is important. In order to address this issue, in this work we developed a middleware to facilitate task offloading using a measure of behavioural trust.


The key importance of this work is to understand exactly how much of the limited resources needs to be used to implement the middleware. This is because trust models that are used to assess which resource-rich device to offload a task to are typically very large. There is an assumption that “more information” equals “a better trust model”, but the limited resources mean that there is not much space available to store a behavioural trust model. Our implementation investigated the required design decisions to fit such a system on these IoT devices.


During this research we identified the challenges with using certain protocols. For example, MQTT uses TCP which requires a large amount of RAM in order to support the guarantees that TCP provides. MQTT-SN uses UDP, but was not implemented by the Contiki-NG IoT operating system we used.

We also needed to understand the cost of securing the messages sent in this system. Due to issues identified in DTLS implementations we chose to investigate OSCORE to protect messages. This standard conveniently uses the hardware accelleration of the Zolertia RE-Mote devices we performed a deployment with. However, we had to minimise the use of Elliptic Curve operations due to the computational cost (even with hardware acceleration) that meant about 1 signature could be verified per second.

Finally, future deployments of such a system will also need to design an appropriate trust model that fits within the limited memory remaining after implementing the task offloading middleware. Our use of the Beta Reputation System proved effective due to its small size.

Extended By

An extended version of the article has been published, so should be referred to instead:
Matthew Bradbury, Arshad Jhumka, Tim Watson, Denys Flores, Jonathan Burton, and Matthew Butler. Threat-Modeling-Guided Trust-Based Task Offloading for Resource-Constrained Internet of Things. ACM Transactions on Sensor Networks, 18(2):41, 2022. doi:10.1145/3510424.