As the Internet of Things (IoT) continues to expand, data security has become
increasingly important for ensuring privacy and safety, especially given the
sensitive and, sometimes, critical nature of the data handled by IoT devices.
There exist hardware-based trusted execution environments used to protect data,
but they are not compatible with low-cost devices that lack hardware-assisted
security features. The research in this paper presents software-based
protection and encryption mechanisms explicitly designed for embedded devices.
The proposed architecture is designed to work with low-cost, low-end devices
without requiring the usual changes on the underlying hardware. It protects
against hardware attacks and supports runtime updates, enabling devices to
write data in protected memory. The proposed solution is an alternative data
security approach for low-cost IoT devices without compromising performance or
functionality. Our work underscores the importance of developing secure and
cost-effective solutions for protecting data in the context of IoT.