Abstract
<jats:p>This paper is devoted to ensuring the cyber resilience of Internet of Things (IoT) ecosystems in the context of the large-scale deployment of heterogeneous devices and the emergence of complex multi-vector cyber threats. Based on the analysis of vulnerabilities across different layers of IoT architecture, the limitations of traditional perimeter-based security models are demonstrated, and the necessity of transitioning to a cyber resilience paradigm is substantiated. A conceptual model of a cyber-resilient IoT architecture is developed, incorporating the use of a hardware root of trust to ensure reliable device identification and secure boot, as well as the implementation of micro-segmentation principles and policy-based access control within a Zero Trust Architecture. In addition, a hierarchical system for intelligent threat detection is proposed, featuring the distribution of analytical functions across device, gateway, and cloud layers, which enables reduced incident detection time and improved detection accuracy. The integration of hardware, cryptographic, and intelligent mechanisms allows for reducing the attack surface, limiting threat propagation, and enhancing system recoverability. The proposed approach can be applied in the design of next-generation secure IoT systems. Key words: anomaly detection, cyber resilience, edge computing, Internet of Things, hardware root of trust, physically unclonable functions, post-quantum cryptography, Zero Trust Architecture.</jats:p>