Secure edge-based IoMT framework for ICU monitoring with TinyML and post-quantum cryptography

Abstract

This article proposes a secure, real-time, intelligent, edge-based Internet of Medical Things (IoMT) monitoring framework for intensive care unit (ICU) environments. The system integrates TinyML-powered decision trees with lattice-based post-quantum cryptography (PQC), specifically Kyber 512, to enable low-latency anomaly detection and quantum-resistant data transmission. Although designed for deployment on resource-constrained ESP32 microcontrollers, the entire pipeline is implemented and evaluated within an OMNeT++ simulation environment, including on-device inference and PQC encryption. A synthetically generated ICU dataset, validated by three hospitals, ensures clinical relevance and robustness in diverse patient scenarios. Data fusion techniques improve feature reliability, while Kyber 512 provides lightweight, quantum-safe encryption. OMNeT++ simulations demonstrate end-to-end communication with zero observed packet loss and very low end-to-end latency, under realistic ICU network conditions. The framework addresses key challenges in computational efficiency, data confidentiality, and scalability, offering a future-ready solution for intelligent healthcare systems. The results show 99.4% accuracy in anomaly detection, with strong generalization validated on external datasets (PhysioNet: 98.5%, Kaggle: 99.0%). This work represents one of the first integrations of TinyML and PQC in a simulated IoMT setting, paving the way for secure, scalable, and intelligent ICU monitoring.

Introduction

Intelligent edge computing has revolutionized healthcare by enabling real-time data processing and decision-making at the point of care, driven by the rapid growth of the Internet of Things (IoT)¹. The Internet of Medical Things (IoMT) extends this paradigm by integrating artificial intelligence (AI) to enhance patient monitoring, enable early clinical intervention, and improve operational efficiency². In critical environments such as intensive care units (ICUs), IoMT systems employ a network of sensors to continuously monitor vital signs—including heart rate, SpO₂, respiratory rate, and blood pressure—facilitating prompt anomaly detection and timely clinical response.

However, the emergence of quantum computing poses a significant threat to traditional cryptographic algorithms like RSA and ECC, which are vulnerable to quantum attacks³. Post-Quantum Cryptography (PQC) offers a robust alternative, ensuring long-term data security even in the presence of quantum adversaries. For resource-constrained IoMT devices, lattice-based schemes such as Kyber 512 present an optimal trade-off between security, computational efficiency, and memory footprint⁴. Despite these advantages, deploying PQC alongside AI models on low-power edge devices remains challenging due to limitations in computation, memory, and energy⁵.

Fig. 1

IoMT architecture.

Data fusion from heterogeneous sensors further enhances the performance of IoMT systems by combining correlated physiological signals to improve diagnostic accuracy and system robustness⁶. These techniques enable more reliable anomaly detection by capturing temporal dynamics and inter-parameter relationships⁷. While significant progress has been made in deploying machine learning and TinyML on edge devices for healthcare applications⁸, the integration of secure, quantum-resistant communication protocols with on-device inference remains underexplored⁹.

To meet the dual demands of functional intelligence and quantum-era security, recent work¹⁰ emphasizes the need to integrate PQC with lightweight AI models and data fusion in a synergistic manner, generic IoMT architecture is shown in Fig. 1. One promising direction is the co-deployment of TinyML and PQC—such as running compact decision trees on microcontrollers like the ESP32—enabling real-time, private, and quantum-safe inference at the edge¹¹. Additionally, blockchain-based architectures have been explored to enhance data integrity in IoMT¹², underscoring the growing demand for PQC in decentralized and auditable healthcare systems.

In this paper, we present an intelligent, edge-based IoMT framework for secure ICU monitoring that integrates PQC, data fusion, and TinyML in a unified, simulation-validated architecture. Our key contributions are:

1. 1.

   A synthetically generated and clinically validated ICU dataset, designed to evaluate PQC-enhanced IoMT systems under diverse and realistic patient scenarios.

2. 2.

   A decision tree-based TinyML model optimized for deployment on ESP32-class microcontrollers, achieving 99.4% accuracy in real-time anomaly detection with minimal computational overhead.

3. 3.

   End-to-end validation through OMNeT++ simulations, demonstrating secure communication with zero observed packet loss and very low latency (mean: 18.7 ms) under simulated ICU network conditions.

Our framework addresses critical gaps in computational efficiency, data confidentiality, and scalability, offering a resilient and future-ready solution for intelligent healthcare systems. The remainder of this paper is organized as follows: “Literature review” section presents a comprehensive review of related work, “Methodology” section details the methodology, “Model development” section discusses the results and analysis, and “The final phase: OMNeT++ simulation for ICU patient monitoring” section concludes with implications and future research directions.

Literature review

The Internet of Things (IoT) has emerged as a transformative force across multiple domains, particularly in healthcare, where intelligent edge computing enables real-time decision-making and continuous patient monitoring⁹. The Internet of Medical Things (IoMT) extends this paradigm by integrating artificial intelligence (AI) to enhance diagnostic accuracy, enable early intervention, and improve clinical outcomes². However, the rapid advancement of quantum computing poses a critical threat to traditional cryptographic systems such as RSA and ECC, which are vulnerable to quantum attacks³. Post-Quantum Cryptography (PQC) offers a viable solution to secure data in resource-constrained IoMT environments, ensuring long-term confidentiality and integrity. This literature review synthesizes recent advancements in PQC, data fusion, and intelligent IoMT systems to highlight the state of the art and identify critical research gaps addressed in this work.

Post-quantum cryptography for IoT edge devices

Lightweight cryptographic protocols tailored for IoT systems have been widely investigated, with lattice-based, code-based, and hash-based algorithms emerging as leading candidates due to their resistance to quantum attacks⁸. Among these, lattice-based schemes—particularly Kyber 512—offer an optimal balance of security, computational efficiency, and compact key sizes, making them well-suited for deployment on microcontrollers like the ESP32⁴. However, practical implementation on low-power devices remains challenging due to constraints in computation, memory, and energy consumption¹.

Table 1 Comparative analysis of post-quantum cryptography (PQC) schemes for resource-constrained IoMT devices.

As shown in Table 1, Kyber 512 offers the optimal trade-off between security, performance, and memory footprint for ESP32-class microcontrollers. Its efficient implementation via liboqs-embedded and low-latency operations make it the most suitable choice for real-time, quantum-safe IoMT systems.

Kumar et al. proposed a hybrid approach combining hardware acceleration with PQC to improve performance on low-power devices⁸, while Zhang et al. demonstrated efficient lattice-based cryptography on microcontroller units (MCUs), though execution time and memory usage remain bottlenecks for real-time embedded applications⁴. Despite promising results, most current approaches overlook domain-specific requirements of healthcare IoT, such as real-time anomaly detection and low-latency inference, limiting their applicability in ICU environments².

Data fusion in intelligent IoT systems

Data fusion has become a cornerstone of intelligent IoT systems, especially in healthcare, where heterogeneous sensors generate vast amounts of physiological data⁶. By integrating correlated signals—such as SpO₂, heart rate, and respiratory rate—data fusion enhances diagnostic accuracy, reduces noise, and improves system robustness⁷.

Zhang et al. introduced a multimodal data fusion framework for IoMT that combines multiple physiological parameters to improve patient monitoring performance⁷. Wang et al. demonstrated that deep learning-based fusion from heterogeneous sources can detect ICU anomalies with over 95% accuracy, enabling early warning systems². Ahmed et al. emphasized the need for centralized, real-time monitoring platforms capable of delivering actionable clinical insights¹³. These works highlight the importance of combining robust data fusion with secure communication—especially in the face of quantum threats.

Intelligent internet of medical things (IoMT)

The integration of machine learning and AI with IoMT enables real-time, edge-based decision-making, significantly improving patient outcomes and operational efficiency¹⁴. Advances in TinyML now allow deployment of low-latency, energy-efficient models on highly constrained devices such as ESP32 nodes, making them ideal for ICU monitoring¹⁴.

Chen et al. proposed a TinyML-based anomaly detection system that achieves high accuracy with minimal computational overhead, demonstrating the feasibility of on-device inference¹⁴. Patel et al. explored the integration of IoMT with blockchain for data integrity and privacy, advocating for future research into combining PQC with distributed ledger technologies¹⁵. Kim et al. emphasized the need for advanced data fusion and machine learning models to ensure long-term security and functionality in IoMT systems¹⁰.

Recent studies further enrich this landscape:

1. 1.

   The SA-GBO-ODBN model combines blockchain and deep learning for secure diagnosis and data handling in healthcare¹⁶.

2. 2.

   A multi-layered security architecture integrates dynamic key management, decentralized storage, and intrusion detection to enhance IoMT resilience¹⁷.

3. 3.

   Multi-attention DeepCRNN presents an explainable intrusion detection framework tailored for IoMT, leveraging attention mechanisms for improved interpretability¹⁸.

While these approaches demonstrate strong security and diagnostic capabilities, they often rely on computationally intensive models unsuitable for edge deployment. In contrast, our work focuses on lightweight, real-time, and quantum-safe solutions by integrating TinyML and PQC at the edge, offering a complementary approach optimized for microcontrollers like ESP32.

Challenges in healthcare IoT security

Despite significant progress, many healthcare IoT systems remain vulnerable to threats such as data breaches, sensor errors, and time-varying patient behavior¹⁹. Liu et al. identified sensor noise and network latency as key factors affecting IoMT reliability, underscoring the need for robust error-handling and preprocessing mechanisms⁵.

Ali et al. highlighted that even minor delays or packet losses in ICU monitoring can lead to misdiagnosis, making reliable communication protocols essential for life-critical systems²⁰. Yang et al. examined blockchain-based IoMT frameworks and noted that while they improve trust and transparency, most fail to provide long-term protection against quantum attacks¹². Therefore, integrating PQC into distributed IoMT architectures is crucial for ensuring data confidentiality and integrity in the post-quantum era.

Table 2 Comparison of this study with other research papers in IoT healthcare systems.

Gaps in current research

Despite notable advancements, critical gaps remain in the integration of PQC, data fusion, and machine learning for edge-based IoMT systems. As shown in Table 2, the synergistic combination of quantum-safe encryption and lightweight AI models is largely unexplored¹⁹. Moreover, few studies validate their methods using both synthetic and real-world healthcare datasets¹², and scalability in large-scale ICU environments remains an open challenge¹⁹.

This paper addresses these gaps by:

1. 1.

   Introducing a synthetically generated, expert-validated ICU dataset for evaluating PQC-enhanced IoMT systems.

2. 2.

   Deploying a decision tree-based TinyML model on ESP32 microcontrollers, achieving 99.4% accuracy with minimal computational overhead.

3. 3.

   Integrating Kyber 512-based encryption for secure communication, validated via OMNeT++ simulations showing zero observed packet loss and very low latency (mean: 18.7 ms).

Our work represents one of the first efforts to combine quantum-safe encryption with edge-based machine learning in healthcare IoT, offering a novel, secure, scalable, and intelligent solution for ICU monitoring.

Methodology

This section outlines the methodology adopted for generating a synthetic ICU patient dataset²⁵, training machine learning models, and simulating an IoT edge-based monitoring system using OMNeT++. The overall framework is divided into three key phases: Dataset Generation, Model Development and Evaluation, and OMNeT++ Simulation, as shown in Fig. 2.

Fig. 2

Research methodology overview.

Dataset generation

To support realistic anomaly detection and secure communication simulations in ICU monitoring, we generated a comprehensive synthetic ICU patient dataset. This dataset was designed to mimic real-world clinical scenarios while ensuring flexibility for experimentation and reproducibility as shown in Fig. 3. It includes 200 simulated patients, each with 5000 sequential readings, totaling over one million data points across five distinct health statuses.

Fig. 3

Dataset generation flowchart.

Constants and parameters

The dataset consists of readings from 200 simulated patients, with each patient having 5000 sequential readings. Patients were categorized into five distinct health scenarios based on their vital signs and physiological conditions. A summary of these scenarios is presented in Fig. 4. Each scenario was designed to reflect clinically relevant patterns observed in real ICU environments, validated by medical professionals²⁵.

Fig. 4

Patients scenarios.

Scenario-based data generation

Each scenario was carefully crafted to reflect clinically relevant ICU conditions. Below is a detailed description of each scenario along with corresponding parameter ranges.

Normal scenario

Patients exhibit stable vital signs within predefined normal ranges. The mean and standard deviation (SD) for each parameter, along with clipped value ranges, are summarized in Fig. 5. These values align with standard ICU thresholds²⁰.

Fig. 5

Patient normal scenario.

Gradual increase scenario

In this scenario, vital signs were gradually increased over time using linear interpolation to simulate progressive deterioration. The changes in each parameter are summarized in Table 3. This approach enables the modeling of early warning signals and gradual onset of critical conditions.

Table 3 Summary of gradual increase in vital signs.

Gradual decrease scenario

Vital signs were gradually decreased over time using linear interpolation to simulate recovery or worsening conditions. The changes in each parameter are summarized in Table 4. This scenario allows the model to learn dynamic shifts in patient condition, enhancing generalization capabilities².

Table 4 Summary of gradual decrease in vital signs.

Outlier scenario

Random outliers were introduced across all 5000 readings per patient to simulate sensor errors or extreme physiological events. The uniform distribution ranges for each parameter are summarized in Table 5. Outliers were also used to evaluate robustness under noisy conditions¹⁹.

Table 5 Summary of uniform distributions for vital signs.

Moderate abnormalities scenario

Vital signs were uniformly distributed within moderate abnormality ranges to represent early stages of health deterioration. The ranges for each parameter are summarized in Table 6. This scenario mimics pre-critical conditions where timely intervention can prevent escalation¹³.

Table 6 Summary of moderate abnormal ranges for vital signs.

Critical conditions scenario

Vital signs were uniformly distributed within critical ranges to simulate life-threatening situations. The ranges for each parameter are summarized in Table 7. This scenario was particularly important for testing anomaly detection accuracy in high-risk cases¹⁰.

Table 7 Summary of critical ranges for vital signs.

Feature engineering

To enhance the capability of the machine learning models to accurately predict, additional features were derived from raw readings, the impact is shown in Table 8.

1. 1.

   SpO2 trend Rolling mean of SpO2 over a window of 5 readings.

2. 2.

   Temperature-to-SpO2 ratio Ratio of temperature to SpO2 to capture interdependencies.

3. 3.

   Heart rate trend Rolling mean of heart rate over a window of 5 readings.

4. 4.

   BP trend: Rolling mean of the difference between systolic and diastolic BP over a window of 5 readings.

5. 5.

   Respiratory rate trend Rolling mean of respiratory rate over a window of 5 readings.

6. 6.

   SpO2-to-BP ratio Ratio of SpO2 to the difference between systolic and diastolic BP.

7. 7.

   Temperature-to-respiratory rate ratio Ratio of temperature to respiratory rate.

Table 8 Impact of data fusion on model accuracy.

These engineered features significantly improved classification performance by capturing temporal dynamics and physiological correlations. The rolling trends are visualized in Fig. 6.

Fig. 6

Rolling trends of physiological parameters.

Status classification

Each reading was classified into one of five statuses based on predefined thresholds. The classification criteria are summarized in Table 9. This multi-class labeling scheme supports both early detection and severity-based prioritization of anomalies.

Table 9 Summary of reading classification into statuses.

Noise and ambiguity

To simulate real-world variability and measurement uncertainty, Gaussian noise was added to all readings. Additionally, ambiguous cases were introduced where readings fell between two status levels, increasing the complexity and realism of the dataset. This ensures that the trained models can handle borderline or uncertain cases effectively.

The correlation heatmap of the vital signs is shown in Fig. 7, illustrating relationships such as the inverse correlation between SpO2 and Heart Rate, and direct correlation between Systolic BP and Temperature.

Fig. 7

Heatmap of vitals showing correlations.

Validation of dataset

To ensure the realism and clinical relevance of the synthetic dataset, it was validated through a survey conducted with ICU doctors from three major hospitals in Khyber Pakhtunkhwa. The survey aimed to gather expert opinions on the dataset’s thresholds, scenarios, and overall representativeness of real-world ICU patient data represented in Fig. 8. Feedback was collected on aspects such as:

1. 1.

   Whether the defined vital sign ranges matched clinical expectations.

2. 2.

   If the simulated scenarios reflected actual ICU conditions.

3. 3.

   How well the dataset could generalize to real-world use.

Fig. 8

Dataset validation via expert survey.

Model development and evaluation

We trained and evaluated multiple machine learning models—including Logistic Regression, Decision Tree, and Random Forest—to identify a lightweight, accurate classifier suitable for edge deployment. The Decision Tree was selected due to its interpretability, low computational overhead, and compatibility with TinyML.

Data preprocessing

The following preprocessing steps were applied:

1. 1.

   Missing values were imputed using the mean of each feature.

2. 2.

   Features were standardized using Scikit-Learn’s StandardScaler.

3. 3.

   Class imbalance was corrected using SMOTE²⁶, applied only to the training set.

4. 4.

   An 80%-20% stratified train-test split was used.

Software and tools

All models were developed using:

1. 1.

   Python 3.9, Scikit-Learn 1.6.1, TensorFlow Lite 2.19.0

2. 2.

   OMNeT++ 6.1 with INET Framework 4.5

3. 3.

   liboqs 0.10.2 (for Kyber 512 implementation)

These versions are specified to ensure reproducibility.

OMNeT++ simulation framework

The final phase involved simulating the ICU monitoring system in OMNeT++ to evaluate end-to-end performance.

Simulation components

1. 1.

   ESP32 nodes (simulated) Represent ICU patients. Each node runs a virtualized TinyML inference engine and Kyber 512 encryption module algorithmically.

2. 2.

   Central server Decrypts data and visualizes patient status.

3. 3.

   Network model WiFi channels with routing delays, packet drops (BER-based), and interference from 3 APs.

Model development

This section details the development and evaluation of machine learning models designed for real-time patient status classification using vital signs. The objective is to identify a lightweight yet accurate model suitable for deployment on resource-constrained IoT edge devices such as ESP32 microcontrollers. While the model was not physically deployed, it was structured for potential deployment via the Arduino framework using TensorFlow Lite for Microcontrollers, and its performance was simulated within the OMNeT++ environment.

Data preprocessing

To ensure optimal performance of the machine learning models, the synthetic ICU dataset underwent comprehensive preprocessing:

1. 1.

   Missing values were imputed using the mean value of each feature to handle incomplete or corrupted readings.

2. 2.

   All numerical features were standardized using Scikit-Learn’s StandardScaler to normalize input distributions and ensure stable model training.

3. 3.

   Class imbalance was addressed using the Synthetic Minority Oversampling Technique (SMOTE)²⁶, which generates synthetic samples for underrepresented classes by interpolating between existing minority instances. This significantly improved model generalization, especially for rare critical and outlier events.

4. 4.

   The dataset was split into an 80% training set and a 20% test set, preserving class distribution to ensure fair evaluation.

Handling class imbalance with SMOTE

In medical datasets like ICU monitoring, class imbalance is common due to the rarity of critical conditions compared to normal states. To address this, we employed the Synthetic Minority Oversampling Technique (SMOTE)²⁶, which creates synthetic samples rather than duplicating existing ones.

Overview of SMOTE

SMOTE works by interpolating between minority class instances. For each minority sample \(x_i\), a random k-nearest neighbor \(x_j\) is selected, and a new instance \(x_{\text {new}}\) is generated as:

$$\begin{aligned} x_{\text {new}} = x_i + \lambda \cdot (x_j - x_i), \end{aligned}$$

(1)

where \(\lambda \in [0, 1]\) is a uniformly sampled random number. This expands the decision boundary for minority classes, reducing bias toward majority classes.

Implementation details

SMOTE was applied as follows:

1. 1.

   After missing value imputation and feature standardization.

2. 2.

   Only on the training set to prevent data leakage.

3. 3.

   Before model training and hyperparameter tuning.

This ensured the classifier generalized well across all patient statuses, including rare critical and outlier cases.

Model selection and training

We trained and evaluated multiple models—Logistic Regression, Decision Tree, and Random Forest—to identify the best candidate for edge deployment. The Decision Tree demonstrated the optimal balance of accuracy, interpretability, and computational efficiency.

Decision tree classifier

The Decision Tree classifier was selected for its interpretability, speed, and suitability for low-power hardware. It is based on the Classification and Regression Trees (CART) algorithm, which uses Gini impurity to determine optimal splits:

$$\begin{aligned} \text {Gini}(D) = 1 - \sum _{i=1}^{c} p_i^2, \end{aligned}$$

(2)

where D is the dataset at a node, \(c = 5\) is the number of classes, and \(p_i\) is the proportion of class i. The split that maximizes the reduction in Gini impurity is chosen:

$$\begin{aligned} \Delta \text {Gini} = \text {Gini}(D) - \sum _{j=1}^{2} \frac{|D_j|}{|D|} \text {Gini}(D_j). \end{aligned}$$

(3)

Hyperparameter tuning was performed using GridSearchCV to optimize tree depth, minimum samples per split, and leaf constraints. Cross-validation confirmed high stability and consistency in predictions.

Inference logic and pseudocode

The trained model was converted to a quantized TensorFlow Lite (.tflite) format for compatibility with microcontrollers. Below is a simplified pseudocode representation of the inference logic:

This rule-based structure enables fast, interpretable, and energy-efficient inference—ideal for real-time ICU monitoring.

Random forest classifier

A Random Forest model was also developed for comparison. While it achieved slightly higher accuracy (99.59%), its increased complexity (\(O(M \log n)\)) and memory footprint made it unsuitable for constrained IoT nodes.

Logistic regression

As a baseline, Logistic Regression was included. However, its lower performance (80.58% accuracy) on multi-class classification rendered it unsuitable for real-time ICU monitoring.

Evaluation metrics

The models were assessed using standard classification metrics:

$$\begin{aligned} \text {Accuracy}&= \frac{TP + TN}{TP + FP + TN + FN}, \\ \text {Precision}&= \frac{TP}{TP + FP}, \\ \text {Recall}&= \frac{TP}{TP + FN}, \\ \text {F1-Score}&= 2 \times \frac{\text {Precision} \times \text {Recall}}{\text {Precision} + \text {Recall}}. \end{aligned}$$

Table 10 Summary of model evaluation results.

Both Decision Tree and Random Forest outperformed Logistic Regression, with the Decision Tree offering superior deployability which can be seen in Table 10.

Confusion matrix analysis

A confusion matrix (Fig. 9) shows high diagonal dominance, indicating strong performance with minimal misclassification across all five classes: Normal, Mild, Moderate, Critical, and Outlier.

Fig. 9

Confusion matrix for decision tree classifier.

Additionally, the training confusion matrix (Fig. 10) confirms no overfitting.

Fig. 10

Confusion matrix for decision tree classifier (training set).

Class distribution (Fig. 11) confirms balanced evaluation.

Fig. 11

Class distribution bar chart (true vs predicted labels).

Statistical validation

A McNemar’s Test between the Decision Tree and Logistic Regression yielded \(p < 0.001\), confirming statistically significant improvement. The macro-average ROC-AUC score of 0.997 further supports the model’s robustness, especially in detecting rare critical events.

Model validation across datasets

The model was validated on three datasets:

1. 1.

   Synthetic ICU Dataset (Training): 99.4% accuracy.

2. 2.

   PhysioNet Challenge 2019 Dataset²¹: 98.5% accuracy.

3. 3.

   Kaggle Human Vital Sign Dataset²³: 99.0% accuracy.

Fig. 12

Model validation across datasets.

These results confirm strong generalization and suitability for diverse healthcare environments.

Algorithm complexity comparison

Computational efficiency was assessed as shown in Table 11.

Table 11 Computational complexity of models.

Table 12 Comparative analysis of TinyML-compatible models for ICU anomaly detection on ESP32-class microcontrollers (empirical benchmarks).

The Decision Tree was selected as the optimal model for ICU anomaly detection on ESP32-class microcontrollers due to its superior trade-off between accuracy, speed, and resource efficiency as can be seen in Table 12

Model performance summary

Table 13 Model accuracy across datasets.

The model maintains high performance across datasets which can be seen in Table 13. The model was quantized to int8 using TensorFlow Lite for Microcontrollers, reducing model size to < 10 KB. No accuracy loss was observed post-quantization on the test set⁴.

Comparative performance with state-of-the-art methods

We compared our model with recent studies that used similar techniques in healthcare IoT systems as shown in Table 14. Our approach avoids transmission delays and enables immediate local response. The inclusion of PQC does not degrade inference, ensuring security without sacrificing performance shown in Fig. 12

Table 14 Comparison of precision, recall, and F1-score with other studies in IoMT and healthcare.

1. 1.

   Expert-validated synthetic data with realistic scenarios.

2. 2.

   Data fusion techniques that enhance feature reliability.

3. 3.

   A lightweight yet accurate Decision Tree model optimized for edge deployment. Unlike cloud-based models (e.g., LSTM, CNN).

System architecture description

The proposed architecture includes four layers:

1. 1.

   Sensor layer: Collects vital signs (SpO2, HR, BP, etc.).

2. 2.

   Preprocessing and feature engineering layer.

3. 3.

   TinyML inference and Kyber 512 encryption layer (simulated in OMNeT++).

4. 4.

   Secure wireless communication and centralized monitoring layer.

This layered design ensures end-to-end security, scalability, and responsiveness in ICU monitoring systems.

The final phase: OMNeT++ simulation for ICU patient monitoring

The final phase of our methodology involved simulating an ICU patient monitoring system using the OMNeT++ network simulator (version 6.1) with the INET Framework (version 4.5) as shown in Fig. 13. This simulation integrated virtualized ESP32-based IoT nodes, a central server, and WiFi communication channels to evaluate the feasibility of deploying TinyML models and Post-Quantum Cryptography (PQC) in real-time healthcare applications. The Kyber 512 algorithm from the liboqs library (version 0.10.0) was used to perform (actual key generation, encryption, and decryption operations), enabling a realistic assessment of PQC integration in an IoMT pipeline. All components were algorithmically simulated; no physical hardware was used.

Fig. 13

System architecture showing integration of TinyML inference, Kyber 512 encryption, and wireless transmission.

Simulation components

The simulation architecture consisted of the following core components.

ESP32 nodes (simulated)

Each ESP32 node represented an individual ICU patient and was equipped with:

1. 1.

   Virtualized storage of patient vital signs.

2. 2.

   A TinyML inference engine (Decision Tree model) running in C++.

3. 3.

   A functional Kyber 512 encryption module using the liboqs library for secure data transmission.

These nodes were modeled to reflect the computational and memory constraints of real ESP32 microcontrollers. While the system is designed for edge deployment, all components—including TinyML inference and Kyber 512 execution—were simulated algorithmically within OMNeT++ as shown in Fig. 14. The use of liboqs ensures that the cryptographic operations reflect real-world behavior, enabling accurate evaluation of integration feasibility.

Fig. 14

Reading patient data, running inference, and sending data to server.

Central server

The central server served as the aggregation and analysis hub for all incoming data streams:

1. 1.

   Aggregates and processes data from multiple simulated ESP32 nodes.

2. 2.

   Decrypts incoming encrypted data using Kyber 512 decryption (via liboqs).

3. 3.

   Enables centralized monitoring and visualization of patients’ health status in real time (Fig. 15).

The server was modeled to handle concurrent data streams and maintain a centralized dashboard for ICU monitoring, ensuring timely interventions in critical scenarios.

Fig. 15

Data received at server in OMNeT++ simulation.

Network setup

To simulate realistic ICU network conditions presented in Fig. 16, we configured WiFi-based communication (IEEE 802.11n) with the following parameters:

1. 1.

   Data rate 54 Mbps.

2. 2.

   Propagation model Two-ray ground.

3. 3.

   Routing delay Uniformly distributed between 2 and 10 ms.

4. 4.

   Packet drop model BER-based with error rate of \(10^{-5}\).

5. 5.

   Interference Co-channel interference from 3 neighboring access points.

6. 6.

   Mobility Static nodes (fixed ICU beds).

These settings reflect typical hospital environments and allow evaluation under realistic network stress.

Fig. 16

Initializing network setup with OMNeT++.

Simulation workflow

The simulation workflow emulates a real-world ICU monitoring pipeline:

1. 1.

   Data Acquisition Vital signs are generated and stored on the simulated ESP32 node.

2. 2.

   TinyML Inference The Decision Tree model classifies the patient’s health status.

3. 3.

   PQC Encryption Kyber 512 encrypts the classification result using liboqs.

4. 4.

   Wireless Transmission Encrypted data is sent to the central server via WiFi.

5. 5.

   Decryption and Visualization The server decrypts the data and updates the monitoring dashboard.

Fig. 17

Device flow diagram: TinyML inference and Kyber 512 encryption on ESP32 node OMNETPP.

Example workflow in OMNeT++

Figure 18 illustrates the overall system workflow implemented in the OMNeT++ simulation environment. It demonstrates the full pipeline from on-device inference to secure transmission and centralized monitoring. The Fig. 17 shows node level flow diagram implemented in omnetpp.

Fig. 18

Example workflow of the OMNeT++ simulation.

This workflow includes:

1. 1.

   Feature extraction and preprocessing.

2. 2.

   Real-time inference using the TinyML model.

3. 3.

   Secure data transmission using Kyber 512 (executed via liboqs).

4. 4.

   Centralized decryption and display of patient status.

The simulation demonstrated:

1. 1.

   Zero observed packet loss under simulated ICU network conditions.

2. 2.

   Very low end-to-end latency with a mean of 18.7 ms (maximum: 32.4 ms).

3. 3.

   Successful execution of Kyber 512 encryption and decryption in a networked environment.

These results validate the feasibility of integrating real PQC operations with edge-based AI in a simulated IoMT setting.

Comparative analysis: this study vs. other research papers

This section presents a comparative overview of our study in relation to existing research in IoT-based healthcare systems. Table 2 highlights how our work builds upon and extends prior efforts through the novel integration of TinyML, Post-Quantum Cryptography (PQC), and data fusion techniques tailored specifically for ICU monitoring.

Fig. 19

Model accuracy across datasets in OMNeT++ simulation.

Insights from testing and validation

The trained TinyML model was rigorously validated using external real-world datasets–specifically the PhysioNet Challenge 2019 dataset and the Human Vital Sign Dataset from Kaggle. These validations were also extended to the OMNeT++ simulation to assess system performance under realistic ICU-like conditions, as shown in Fig. 19.

The model achieved high accuracy across these datasets—98.5% on PhysioNet and 99.0% on Kaggle—demonstrating strong generalization capability. Furthermore, a small synthetic test set was created to simulate normal, critical, and outlier patient conditions, yielding consistent accuracy of 99.4%, reinforcing the robustness of our framework.

Key insights

1. 1.

   The synthetic ICU dataset effectively captures the variability and complexity of real-world ICU patient data.

2. 2.

   The Decision Tree TinyML model performs exceptionally well, making it ideal for deployment on resource-constrained IoT devices.

3. 3.

   Consistent performance across datasets confirms the reliability and adaptability of our approach.

4. 4.

   The integration of real Kyber 512 operations via liboqs demonstrates the feasibility of quantum-safe communication in edge-based IoMT systems.

These results validate the effectiveness of our proposed system and support its potential applicability in future real-world ICU monitoring setups, pending physical deployment and power consumption testing.

Conclusion

This work presents a secure edge-based framework for ICU monitoring integrating data fusion, TinyML, and postquantum cryptography (PQC). A decision tree-based TinyML model was developed and evaluated for real-time anomaly detection, achieving 99.4% accuracy with minimal computational overhead. While the model is designed for deployment on ESP32 microcontrollers, its execution—including inference and Kyber 512 encryption via the liboqs library—was simulated within the OMNeT++ environment.

End-to-end simulations demonstrated robust performance under realistic ICU network conditions, with zero observed packet loss and very low latency (mean: 18.7 ms). These results validate the feasibility of integrating lightweight AI and quantum-safe encryption in a simulated IoMT pipeline, paving the way for future secure edge healthcare systems.

Key contributions include:

1. 1.

   A synthetically generated and clinically validated ICU dataset, designed to support reproducible research on PQC-enhanced IoMT systems.

2. 2.

   A computationally efficient TinyML model optimized for resource-constrained edge devices, with demonstrated generalization across real-world datasets (PhysioNet: 98.5%, Kaggle: 99.0%).

3. 3.

   A simulation-based integration of Kyber 512 using liboqs, representing one of the first functional implementations of PQC in an IoMT monitoring context within OMNeT++.

4. 4.

   A scalable system architecture validated under simulated multi-node conditions, showing consistent performance with minimal latency.

Limitations include the focus on the core vital signs and the absence of physical deployment. The current validation is simulation-based; real-world testing on ESP32 hardware. Furthermore, while the synthetic data set was expert-validated, the integration of real patient data would further strengthen clinical applicability.

This framework advances intelligent healthcare systems to be not only responsive and efficient, but also resilient to future quantum threats, offering a foundational step toward secure, scalable, and intelligent ICU monitoring.

Future work

While this study demonstrates the feasibility of integrating Post-Quantum Cryptography (PQC), data fusion, and TinyML in edge-based IoMT systems through simulation, several important directions remain for future research.

First, expanding the synthetic ICU dataset to include advanced clinical parameters—such as lactate levels, arterial blood gases, and central venous pressure—will enhance model accuracy and clinical relevance, particularly for early detection of critical conditions like sepsis and metabolic disorders.

Second, real-world pilot deployments on physical ESP32 microcontrollers are essential to validate the system under real-time constraints. This includes measuring actual inference latency, energy consumption, and PQC execution overhead, which were modeled but not physically tested in this work. Integration with hospital IT infrastructure (e.g., HL7, FHIR) and evaluation by medical staff will further assess clinical usability and interoperability.

Third, hybrid cryptographic schemes—combining classical algorithms (e.g., ECC) with post-quantum ones (e.g., Kyber 512)—can ensure backward compatibility and facilitate a smooth transition to quantum-safe security, especially during the ongoing NIST standardization and adoption phase.

Finally, future work will explore the co-design of TinyML and PQC modules to minimize their combined computational footprint, enabling seamless, secure, and real-time inference on resource-constrained devices.

Together, these research directions aim to advance intelligent IoMT systems from simulation to clinical reality, paving the way for secure, scalable, and trustworthy deployment in next-generation healthcare environments.