Introduction

The IoMT is a breakthrough in healthcare as people now get real-time health checkups and can be managed remotely. The global IoMT market reached USD 57.62 billion in 2023 with a projection of 25.9% CAGR till 2030. With IoMT, clinicians keep track of the patient’s heart rate, blood sugar, and oxygen saturation levels using wearables and smart sensors for therapy. Applied to health it benefits the population’s well-being but impacts data management and utilization, primarily latency and security1.

The health monitoring systems require near real-time reliability to respond to significant health occurrences. Existing cloud-intensive models that transfer data to clouds for analysis introduce delays stemming from geographical distances between IoT devices and the cloud2. Milliseconds are crucial to the treatments as well as in emergencies when patients’ lives depend on the decision-makers’ response. With more and more devices connected, the data limits and throughput capacities of the network overwhelm the system to process and respond to data.

Apart from latency, security is likely to be the most important aspect of IoMT systems particularly when handling patient information. Patient data protection that is in Health Insurance Portability and Accountability Act (HIPAA) and the General Data Protection Regulation GDPR requires competency. IoMT networks that are decentralized are equally vulnerable to data leakage, intrusion, and cyber threats. Safety in IoMT designs needs to be particularly robust given that a 2021 poll revealed that 89% of healthcare organizations suffered a breach within the previous 24 months. To evolve and become more reliable, Healthcare IoMT systems need to overcome latency and security issues4.

In recent years there has been fast advancement of the Internet of Medical Things (IoMT) which has seen real-time health monitoring enhanced. However, as more link devices and healthcare data grow3, latency and security problems arise. To make this architecture a reality and be able to process large amounts of data in the shortest time possible and, most importantly, ensure that the medical data being received and stored in these large servers is protected, this research is born. It is also clear that the concept of fog-edge computing could reduce latency and enhance the security of IoMT systems. We want to apply this architecture to the healthcare industry to examine if it is possible to eliminate the drawbacks of typical cloud architectures.

IoMT systems have a centralized cloud-based architecture that has high latency while complicating the security of easily accessible patient data. Everything that is related to IoT devices is different from everything that is connected to cloud infrastructure, which could mean that data processing takes too much time in critical healthcare cases such as remote patient monitoring, or emergencies. Unfortunately, owing to the distributed nature of these devices4, IoMT systems are susceptible to cyber threats such as cyberattacks, data breaches, and even unauthorized access. This research presents a fog-edge computing model that utilizes both fog and edge computing to decentralize data processing to minimize latency and enhance the security required for the safe processing of IoMT systems in real-time health monitoring services5. The specific objectives are:

  1. a)

    To build a secure encryption system for protecting medical data transmitted in IoMT networks to reduce the vulnerability of the arising issues.

  2. b)

    To reinforce the security of authentication in IoMT systems, it is possible to improve the reliability of the key and implement the method of multiple forms of identification.

  3. c)

    In order to develop an efficient Intrusion Detection System (IDS) that responds to the threats in real-time, increasing the identification effectiveness and reducing false alarms impacts.

  4. d)

    For assessing the performance and security of the proposed framework in terms of data confidentiality; system integrity and; attack surface.

The contributions of the study are as follows:

  1. a)

    A new method of whitening complements the data integrity in IoMT networks, thus reducing vulnerability to unauthorized access through the use of key cryptographic methods.

  2. b)

    The practices of Multifactor authentication and Dynamic Key management for better guarding of access control avoiding breach of trust in open environment systems in IoMT.

  3. c)

    The creation of an IDS that monitors current threats more effectively in a real-time environment and has the capability for significantly lower false positives utilizing methods from anomaly-based IDS and signature-based IDS.

  4. d)

    A detailed assessment of the proposed framework for security illustrated the general improvements in data security, system domains, and resistance to simulated and actual cyber threats.

  5. e)

    The integration of multi-factor authentication and dynamic key management protocols to improve access control and reduce unauthorized access in distributed IoMT systems. The development of an efficient Intrusion Detection System (IDS) that improves real-time threat detection accuracy and reduces false positive rates using anomaly-based and signature-based methods.

  6. f)

    A comprehensive evaluation of the proposed security framework, demonstrating significant improvements in data confidentiality, system integrity, and resilience against cyber threats in both simulated and real-world environments.

This paper adopts this structure. Section 1 introduction provides for the study motivation and objectives in securing and reducing latency in IoMT systems. Section “Literature review” presents literature reviews on Fog Edge computing architecture and The IoMT security protocol solutions in the literature. Section “System model” discusses the approach which is the hybrid fog-edge architectural design and security consideration. The evaluation of the proposed system’s latency reduction and security improvements is presented in Sect. Results and Discussion. It has now become almost conventional for authors of articles in Sect. “Conclusion” to conclude the section with a summary of findings, the contributions of the article, and the remaining research direction.

Literature review

The integration of fog and edge computing into healthcare systems has been the focus of numerous studies due to its potential to improve real-time data processing. Badidi et al.6 highlighted the benefits of fog computing in managing big data for smart cities, particularly in reducing latency and bandwidth consumption when compared to cloud computing. But they pointed out serious issues of insecurity and growth, and insisted on the absence of explicit safeguards for data in more decentralized networks. Similar performance improvement of latency and efficient network connectivity with fog computing was witnessed by Kaur et al.7 in context to Healthcare 4.0. However, they stated that data integrity and the issues associated with high levels of compliance are problems in this area.

Alam et al.3 also described fog, edge, and pervasive computing models for managing health data in IoT-based healthcare applications. These results showed that these technologies would decrease latency and bandwidth consumption but there were significant issues with their implementation especially security. Awaisi et al. also posited in8,9 about the latency and monitoring advantages of fog computing; however, scalability issues and integration with healthcare current frameworks and structures constituted shortcomings highlighted by the authors.

In the present study, Abdulkareem et al.1 discussed integration of fog computing with ML for enhancing the healthcare application, which caused advancement in data handling. Nonetheless, the authors stressed a need for better security of data transmitted to prevent unauthorized parties from accessing sensitive health data. They also reported challenges that relate to scalability for real-time big data processing in such systems while urging for improved security. The same way, STROVE presented by Ghosh and Mukherjee10 used a cloud, fog, as well as edge computing to harness the data for healthcare during the COVID-19 outbreak. They showed enhanced data availability and lowered data processing time while some difficulties appeared as regards the integration of the model on the different healthcare environments.

Singh and Das11 has considered the problem of energy consumption in IoMT systems and has put forward a fuzzy data offloading approach. Their model was efficient in the usage of energy while at the same time ensuring quality data transmission though handling of real-time big data remained a challenge. They said that though energy consumption has been decreased for efficiency, more work needs to be done for online optimization.

More specifically, Ashfaq et al.12 surveyed enabling technologies in the context of the IoMT and the integration of fog and edge computing for real-time health care monitoring. They also ensured their study affirmed that such technologies indeed minimize latency and enhance handling of information in the healthcare domain. However, they stressed the need for security challenges because IoMT systems are susceptible to cyber threats. Challenges were also seen in the complexity of embedding these technologies within current structures.

Alharbi et al.13 proposed, assigned, and implemented an energy-efficient architecture for IoT-based smart agriculture that enables fog, edge, and cloud-computing services. Their research indicated enhanced energy utilization and enhanced rates of data transfer, but stated the architecture did have problems with scalability and was more complex in structure while protection of agricultural information needed improved methods.

Luo et al.14, Demirel et al.15 analyzed resource scheduling in fog and edge computing for IT applications in health care. In both studies, the authors showed that resource utilization was enhanced and latency was optimised, while Demirel et al. took on real-time heart monitoring using an energy-efficient edge–fog–cloud IoMT architecture. They discovered that the architecture cut energy use and enhanced effective real-time monitoring although they realized that it suffers from performance problems when working with large data sets.

For instance, the PHCG (PLC Honeypoint Communication Generator) introduces a deception-based mechanism for threat detection in Industrial IoT environments, demonstrating the effectiveness of honeypot-based solutions in edge settings16. The semi-centralized blockchain-based trust management model highlights secure data exchange in IoT systems, offering inspiration for future decentralized trust mechanisms in healthcare IoMT17. Additionally, Tian’s work on Content Security Policy vulnerabilities exposes critical flaws in cloud-based object storage, reinforcing the importance of secure communication channels, which aligns with the multi-layered encryption strategy adopted in this work18. These studies have helped contextualize and validate the need for a distributed, secure fog-edge architecture in sensitive domains like healthcare.

Collectively, these studies underscore19,20,21,22,23,24,25,26 the potential of fog and edge computing to address the latency and real-time data processing challenges in IoMT systems. However, they also highlight the need for improved security measures, better scalability, and more effective integration with existing healthcare and IoT infrastructures. To improve clarity and avoid redundancy, the frequent use of the term “security” throughout the paper will be reduced by substituting more specific terms such as “data protection,” “cyber threat mitigation,” “intrusion prevention,” or “confidentiality enforcement,” depending on the context. Additionally, the literature review will be strengthened by incorporating more recent studies from 2023 to 2024 that focus on emerging trends such as AI-driven security mechanisms, adaptive access control in decentralized healthcare systems, blockchain-based data validation in IoMT, and federated learning for privacy-preserving real-time analytics. These additions aim to provide a more up-to-date perspective on the evolving landscape of secure and scalable IoMT architectures. Table 1 shows the Comparative table of the previous study.

Table 1 Comparative table of the previous study.
Full size table

System model

Hybrid fog-edge computing model for IoT health monitoring

The Hybrid Fog-Edge Computing model that will be discussed in this paper focuses on optimal real-time data analysis of IoT applications for the healthcare sector using fog and edge concepts to minimize latency and energy consumption. The model enhances the use of both fog and edge layers to enable the handling of more important healthcare data at the point of demand, reducing the need for cloud computing. The described architecture builds on top of the opportunities of both fog and edge computation to provide low latency, secure, and available solutions for time-sensitive health data applications.

Architecture of the model

The proposed architecture consists of three primary layers as shows in Fig. 1:

Edge Layer: The edge layer is wearables IoT including health monitoring devices and smartwatches that record the patient’s vital signs (HR, BP, temperature). It should be noted that these devices include handling a limited amount of computations, however, they are important for the high-resolution monitoring of patient state. They are used in the classification process of data processing which comprises filtration feature extraction and detecting anomalies.

Fog Layer: The fog layer was also established with intermediate computing devices in the form of a local server or gateway in between the edge computing layer and the cloud. The fog nodes also manage intensive data computational tasks that cannot be accomplished at the edge owing to limitations in resources. Tasks include the processing of analytics beyond simple data processing, and data compilation alongside data anonymization for reasons concerning data protection. The design facilitates fog nodes to engage regularly with a multitude of edge devices and carry out elaborate tasks with minimal lag.

Cloud Layer: The cloud layer is the position for storing data for long durations and for sophisticated analyses. The main reason is that it delivers advanced services such as creating machine learning models and examining historical data. While the cloud concentrates on non-real-time computations, the edge and fog layers perform computations at different temporal scales.

Fig. 1
figure 1

Model architecture.

Full size image

Mathematical model

The mathematical model of the proposed Hybrid Fog-Edge Computing framework incorporates other factors like bandwidth consumption, task management, and communication overhead. This increases the ability of the model to offer a better view of the performance aspects such as latency, energy use, and data handling at the different layers.

Let:

\(\:{D}_{e}\) represents the data collected by the edge devices.

\(\:{P}_{e}\) is the processing power available at the edge layer.

\(\:{P}_{f}\) is the processing power available at the fog layer.

\(\:{B}_{e}\) and \(\:{B}_{f}\) are the bandwidth available at the edge and fog layers, respectively.

\(\:{L}_{e}\) and \(\:{L}_{f}\) represent the latency at the edge and fog layers.

\(\:{C}_{e}\) and \(\:{C}_{f}\) are the communication costs associated with transmitting data between edge-fog and fog-cloud layers, respectively.

\(\:{T}_{e}\) and \(\:{T}_{f}\) represent the task execution time at the edge and fog layers, respectively.

\(\:{E}_{e}\) and \(\:{E}_{f}\) represent the energy consumption at the edge and fog layers, respectively.

\(\:\alpha\:\) is the offloading ratio, and \(\:\beta\:\) is the scheduling ratio between the edge and fog layers.

\(\:{O}_{e}\) be the data offloaded to the fog layer from the edge layer.

  1. 1)

    Task Execution and Scheduling.

The Task Execution Time (\(\:{T}_{exec}\)) in the hybrid fog-edge system is the total time taken to process tasks at both layers:

$$\:{T}_{exec}=\frac{{D}_{e}}{{P}_{e}}+\frac{{D}_{f}}{{P}_{f}}$$
(1)

Where \(\:{D}_{f}\) is the data processed at the fog layer, given by:

$$\:{D}_{f}=\alpha\:\times\:{D}_{e}$$
(2)

The Task Scheduling Ratio (\(\:S\)) balances the task execution between edge and fog layers:

$$\:S=\beta\:\times\:{P}_{e}+\left(1-\beta\:\right)\times\:{P}_{f\:\:\:\:\:\:\:\:}$$
(3)

Where \(\:\beta\:\) is the ratio of tasks processed at the edge layer, and \(\:1-\beta\:\) is the ratio of tasks processed at the fog layer.

  1. 2)

    Bandwidth Utilization.

The total Bandwidth Usage (\(\:{B}_{total}\)) in the system is the sum of the bandwidth used at the edge and fog layers:

$$\:{B}_{total}={B}_{e}+{B}_{f}$$
(4)

Where:

$$\:{B}_{e}=\frac{{D}_{e}}{{T}_{e}},{B}_{f}=\frac{{D}_{f}}{{T}_{f}}$$
(5)

Here, \(\:{T}_{e}\) and \(\:{T}_{f}\) are the task execution times at the edge and fog layers.

  1. 3)

    Latency.

The total Latency (\(\:{L}_{total}\)) is the sum of processing and communication latencies across the edge and fog layers:

$$\:{L}_{total}={L}_{e}+{L}_{f}+{C}_{e}+{C}_{f}$$
(6)

Where:

$$\:{L}_{e}=\frac{{D}_{e}}{{P}_{e}},{L}_{f}=\frac{{D}_{f}}{{P}_{f}},{C}_{e}=\frac{{D}_{e}}{{B}_{e}},{C}_{f}=\frac{{D}_{f}}{{B}_{f}}$$
(7)

Here, \(\:{C}_{e}\) and \(\:{C}_{f}\) represent the communication costs for transmitting data from the edge to the fog and from the fog to the cloud, respectively.

  1. 4)

    Energy Consumption.

The total Energy Consumption (\(\:{E}_{total}\)) is calculated by summing the energy consumed during task execution at both layers:

$$\:{E}_{total}={E}_{e}+{E}_{f}$$
(8)

Where:

$$\:{E}_{e}={P}_{e}\times\:{T}_{e},{\:E}_{f}={P}_{f}\times\:{T}_{f}$$
(9)

This reflects the energy consumed by the edge and fog layers during task execution.

Data Offloading.

The Data Offloading ratio defines the part of the data offloaded from the edge to the fog layer:

$$\:{O}_{e}=\alpha\:\times\:{D}_{e}$$
(10)

If \(\:\alpha\:=1\), all data from the edge layer is offloaded to the fog layer. If \(\:\alpha\:=0\), no data is offloaded, and the edge handles all processing.

Objective Function.

Higher bandwidth usage is a goal while attempting to reduce latency and energy consumption as much as possible. The objective function is hereby defined as the sum of the cost of resources which has been bought and the total received from the sale of products:

$$\:min\left({w}_{1}\times\:{L}_{total}+{w}_{2}\times\:{E}_{total}-{w}_{3}\times\:{B}_{total}\right)$$
(11)

Where:

\(\:{w}_{1}\), \(\:{w}_{2}\) and \(\:{w}_{3}\) are weights that balance the trade-offs between latency, energy consumption, and bandwidth utilization.

  1. 5)

    Communication Overhead.

The Communication Overhead (\(\:{C}_{overhead}\)) is the additional time taken to transmit data between layers, given by:

$$\:{C}_{overhead}=\frac{{D}_{e}}{{B}_{e}}+\frac{{D}_{f}}{{B}_{f}\:}$$
(12)

Minimizing communication overhead is crucial for reducing the overall latency of the system.

Resource Allocation.

In other cases, & thus computation distribution between edge layer and fog layer depends on the processing capability and bandwidth available. The Resource Allocation equation can be defined as:

$$\:{R}_{alloc}=\beta\:\times\:{P}_{e}+\left(1-\beta\:\right)\times\:{P}_{f\:\:\:\:\:\:}$$
(13)

Where \(\:\beta\:\) determines the proportion of resources allocated to the edge layer and \(\:1-\beta\:\) determines the proportion allocated to the fog layer.

Optimization Constraints.

The optimization problem is subject to the following constraints:

$$\:\text{Latency\:constraint:}{\:L}_{total}\le\:{L}_{max}$$
(14)
$$\:\text{Energy\:constraint:}{\:E}_{total}\le\:{E}_{max}$$
(15)
$$\:\text{Bandwidth\:constraint:}{\:B}_{total}\ge\:{B}_{min}$$
(16)

\(\:{L}_{\text{m}\text{a}\text{x}}\) stands for the maximum latency that a data transfer can afford, \(\:{E}_{\text{m}\text{a}\text{x}}\) is maximum energy that a particular transfer can consume and \(\:{B}_{\text{m}\text{i}\text{n}}\) is the minimum bandwidth required.

The mathematical model explained in this paper provides a clear and comprehensive picture of pre-designed Hybrid Fog-Edge Computing system which take into account certain parameters including latency, energy consumption, task scheduling, and required bandwidth. This model will also attempt to address the bandwidth used in the system to decrease the lag, the power used in the system as well as to increase the computational ability of the system.

  1. 6)

    Data Flow and Processing.

Depending on the available computational resources at the edge layer devices, the data collected at the edge layer \(\:\left({D}_{e}\right)\) may be processed locally. Depending on the results of the processed data and the computational capability of the edge devices, edge devices send part \(\:\left(\alpha\:\right)\) of the collected data to the fog layer. The offloading of these data \(\:\left({D}_{f}\right)\) is subsequently performed on the fog layer and returned to the edge layer/ or to the cloud for archiving and deeper analysis. The fog layer’s primary function is to act as a middleman between the real time processing in the edge layer and the powerful but comparatively distant cloud layer.

The edge layer determines which data is valuable by implementing a combination of statistical outlier detection, predefined clinical thresholds (e.g., heart rate > 120 bpm or oxygen saturation < 90%), and lightweight anomaly detection models. These models are trained on historical patient data to identify deviations from typical physiological patterns. Specifically, pre-trained Decision Tree classifiers and One-Class SVMs are deployed on edge devices to perform real-time classification of incoming health signals. When data points indicate abnormal or risk-prone conditions—such as sudden drops in oxygen levels, spikes in blood pressure, or irregular heartbeat rhythms—they are flagged and transmitted to the fog or cloud layer for further action. On the other hand, stable or redundant data is either discarded or stored locally for periodic summary transmission. This selective preprocessing reduces unnecessary data flow, enhances bandwidth efficiency, and enables the system to respond to critical health events more quickly, without overloading the upper computational layers.

  1. 7)

    Benefits of Hybrid Fog-Edge Model.

The Hybrid Fog-Edge Computing model offers several benefits for IoT healthcare systems:

Reduced Latency: The model reduces the time taken to respond to such key healthcare events by processing data nearer to the source.

Energy Efficiency: Transferring computations to the fog and edge layers brings down the energy spent in cloud connections and offers real-time applications with lesser energy quantity.

Scalability: The architecture is also scalable in that one or many fog nodes are capable of managing edge devices in different regions as opposed to cloud servers.

Privacy Preservation: The fog layer also adds an added layer of security by adding a layer of encryption to the healthcare data before entering the cloud.

The proposed Hybrid Fog-Edge Computing model combines the strengths of the edge and the fog computing to make the process appropriate for IoT healthcare systems. This mathematical model considers the important factors of latency and energy and shown the validity of the hybrid solution when used in real world scenarios.

  1. 8)

    Technical Innovations.

This paper introduces several technical innovations that enhance existing hybrid fog-edge architectures. First, it proposes an adaptive task scheduling mechanism that dynamically distributes computation between edge and fog layers based on resource availability and task urgency. Second, it incorporates energy-aware load balancing, where non-critical tasks are selectively filtered and deferred to reduce energy consumption on edge devices. Third, a multi-layered security mechanism is implemented, combining AES-256 encryption, RSA-based key exchange, and anomaly-based intrusion detection for real-time threat identification. Together, these components differentiate the proposed architecture by offering optimized task management and improved security responsiveness tailored for real-time IoMT applications.

  1. 9)

    Encryption and Data Security.

The proposed architecture employs a multi-layered encryption strategy to ensure secure data transmission and storage within the IoMT ecosystem. Symmetric encryption using AES-256 is applied to all patient health data transmitted between edge, fog, and cloud layers to maintain confidentiality. For secure key exchange and access control, RSA-2048 is used as the asymmetric encryption method. To guarantee data integrity, SHA-256 hash functions are applied during transmission. In addition, the system integrates Transport Layer Security (TLS) protocols for secure channel communication and uses token-based access and time-limited session keys as part of its authentication framework. This combination of encryption and secure communication ensures protection against eavesdropping, tampering, and unauthorized data access.

Evaluation matrix

The proposed Hybrid Fog-Edge Computing model will also be evaluated meanwhile using the performance parameters such as; Latency Energy consumption, Bandwidth, Scalability and Security. The following matrices gives a summary of the various system performance metrics recorded thus,

The performance of the Hybrid Fog-Edge Computing Model can be evaluated using the following metrics:

Latency: The amount of time taken to produce outcomes at the edge and fog layers: the total time held by both layers for data processing will depend on parameters such as; the latency, energy use rate, bandwidth, scalability, and security. The next table gives the all the metrics that are usually employed during the evaluation process of the developed system.

The performance of the Hybrid Fog-Edge Computing Model can be evaluated using the following metrics:

Latency: The time required for performing the data processing at the edge and fog layer.

Measured as the sum of the data processing times at both layers:

$$\:{L}_{total}=\frac{{D}_{e}}{{P}_{e}}+\frac{{D}_{f}}{{P}_{f}}$$
(17)

Energy Consumption: The energy consumed during task execution at the edge and fog layers.

Calculated as the total energy consumption for task execution:

$$\:{E}_{total}={P}_{e}\times\:{T}_{e}+{P}_{f}\times\:{T}_{f}$$
(18)

Bandwidth Utilization: This refers to the volume of traffic in data communication across the system during the transmission of bandwidth.

The total bandwidth used by the system is the sum of the bandwidth utilized at both the edge and fog layers:

$$\:{B}_{total}={B}_{e}+{B}_{f}$$
(19)

Scalability: The burden that the system exhibits as it is forced to handle more IoT devices.

This is quantified by the number of IoT devices that the system can handle without compromise on the system’s performance.

Security: The capability of the system to prevent and identify security risks, for example, infringement and irregularity.

Measured using the number of time taken in detecting the anomalies and the degree of detection.

Task Scheduling: The coordination by which the tasks are divided between edge and fog layers.

Measured using the task scheduling ratio\(\:\:\beta\:\), which determines the allocation of tasks between the two layers.

Data Offloading: The proportion of data offloaded from the edge layer to the fog layer.

Calculated as the product of the offloading ratio \(\:\alpha\:\) and the total data collected at the edge layer:

$$\:{O}_{e}=\alpha\:\times\:{D}_{e}$$
(20)

Problem formulations and data acquisition

Dataset collection

The data for this study was obtained from the Kaggle repository, the data set being: the Health IoT Dataset for Anomaly Detection. Quantitative data was collected by the use of IoT sensors in health care devices in the form of numerical and categorical data like pulse rate, blood pressure, oxygen level, and temperature among others. The data set contains records of 250,000, and the time frame of the data collection consists of the year 2020 to 2023. To maintain the anonymity of the participants, all collected data was sanitized and all the collected data contained no missing values and the numerical fields were normalized. Further, the permissions were received from all the healthcare institutions covering ethical data usage according to the regulation.

Dataset description

The data employed in this study comprises the IoT-healthcare record of 250,000 patient records including vital signs information such as heart rate, blood pressure, oxygen level, and temperature. These records were collected from different wearable medical devices in which data is collected in a real-time manner and used in this work which was prepared from January 2020 to December 2023. A time- and data-stamped electronic record is used as a primary database for each patient, and the patient identification numbers are encrypted. The data set includes quantitative data as well as the quantitative data type including heart rate in bpm, blood pressure in mmHg; qualitative data such as device type, and indicators of the state. Altogether, the dataset is comprised of 12 varying columns, which are explained in detail below. Before they were used, authors corrected for missing values in data to ensure robustness and also normalized measured data to ensure that all data were on equal grounds. The dataset used in this study was split into training (70%), validation (15%), and testing (15%) sets to build and evaluate the edge-based anomaly detection models. Evaluation metrics included latency (ms), energy consumption (mW), bandwidth usage (MB/s), detection accuracy (%), false positive rate (FPR), and throughput (devices/sec). The simulation environment consisted of Fogify and NS-3 for network-level emulation, combined with custom Python-based logic for edge-fog decision making and preprocessing tasks. Simulations were executed on a local server with 16-core Intel Xeon CPU, 64 GB RAM, and simulated IoT edge nodes with 1.8 GHz dual-core virtual instances and limited memory (2 GB) to reflect realistic healthcare device conditions. These settings ensured that the architecture was tested under constraints similar to real-world deployments. The dataset features description is shows in Table 2.

Table 2 Dataset features description.
Full size table

Real-time case scenario simulation

Real-time case scenarios were created by simulating continuous health data streams from 250,000 patient records using the Health IoT Dataset for Anomaly Detection. Each simulated stream mimicked real-world IoMT environments with randomized yet medically accurate variations in vitals such as heart rate, blood pressure, oxygen saturation, and temperature. To evaluate emergency responsiveness, simulated critical events—including sudden tachycardia, hypoxia, or fever spikes—were injected into these streams. These simulations tested the architecture’s performance across different layers, especially in handling anomaly detection under time-sensitive constraints. Key metrics like latency, energy consumption, and anomaly detection accuracy were recorded to validate the system’s ability to process and respond to health threats in real-time.

Problem formulation 1: latency reduction in IoMT systems

In conventional conceptual frameworks of IoMT, latency originating from the data processing methodology and cloud infrastructure may lead to a less effective real-time health monitoring system. To counter this, we plan to design a fog-edge computing architecture that knocks down latency. This section poses the problem of minimizing latency mathematically.

Mathematical Formulation.

Let \(\:{D}_{i}\) represent the data generated by \(\:i\) -th IoMT device, and \(\:{t}_{i}\) represent the total transmission time for \(\:{D}_{i}\). The total transmission time \(\:{t}_{i}\) consists of the following components:

$$\:{t}_{i}={t}_{\text{proc}}\left({D}_{i}\right)+{t}_{\text{trans}}\left({D}_{i}\right)+{t}_{\text{lat}}\left({D}_{i}\right)$$
(21)

Where:

\(\:{t}_{\text{proc}}\left({D}_{i}\right)\) is the processing time of data \(\:{D}_{i}\) at the fog or edge layer.

\(\:{t}_{\text{trans}}\left({D}_{i}\right)\) is the transmission time from the IoMT device to the fog/edge node.

\(\:{t}_{\text{lat}}\left({D}_{i}\right)\) is the latency experienced during transmission.

We can further express \(\:{t}_{\text{proc}}\left({D}_{i}\right)\) as:

$$\:{t}_{\text{proc}}\left({D}_{i}\right)=\frac{{D}_{i}}{{C}_{\text{fog}}}$$
(22)

where \(\:{C}_{\text{fog}}\) is the processing capacity of the fog/edge layer.

The transmission time \(\:{t}_{\text{trans}}\left({D}_{i}\right)\) can be modeled as:

$$\:{t}_{\text{trans}}\left({D}_{i}\right)=\frac{{D}_{i}}{{B}_{\text{link}}}$$
(23)

Where \(\:{B}_{\text{link}}\) is the bandwidth of the communication link between the IoMT device and the fog/edge node.

The latency \(\:{t}_{\text{lat}}\left({D}_{i}\right)\) can be represented as:

$$\:{t}_{\text{lat}}\left({D}_{i}\right)=\frac{{L}_{\text{dist}}}{{v}_{\text{prop}}\:}$$
(24)

Where \(\:{L}_{\text{dist}}\) is the distance between the IoMT device and the fog/edge node, and \(\:{v}_{\text{prop}}\) is the propagation speed of the signal.

Objective Functions.

To minimize the overall latency in the system, we define the following objective functions:

$$\:\text{Minimize}T={\sum\:}_{i=1}^{N}{t}_{i}={\sum\:}_{i=1}^{N}\left(\frac{{D}_{i}}{{C}_{\text{fog}}}+\frac{{D}_{i}}{{B}_{\text{link}}}+\frac{{L}_{\text{dist}}}{{v}_{\text{prop}}}\right)$$
(25)
$$\:\text{Minimize}L={\sum\:}_{i=1}^{N}{t}_{\text{lat}}\left({D}_{i}\right)={\sum\:}_{i=1}^{N}\frac{{L}_{\text{dist}}}{{v}_{\text{prop}}}$$
(26)
$$\:\text{Maximize}C={\sum\:}_{i=1}^{N}{C}_{\text{fog}}={\sum\:}_{i=1}^{N}\frac{{D}_{i}}{{t}_{\text{proc}}\left({D}_{i}\right)}$$
(27)

Notations.

\(\:{D}_{i}\)

Data generated by the \(\:i\) -th IoMT device

\(\:{t}_{i}\)

Total transmission time for the \(\:i\) -th IoMT device

\(\:{t}_{\text{proc}}\left({D}_{i}\right)\)

Processing time for data \(\:{D}_{i}\) at the fog/edge node

\(\:{t}_{\text{trans}}\left({D}_{i}\right)\)

Transmission time for data\(\:{D}_{i}\)

\(\:{t}_{\text{lat}}\left({D}_{i}\right)\)

Latency during transmission for\(\:{D}_{i}\)

\(\:{C}_{\text{fog}}\)

Processing capacity of the fog/edge layer.

\(\:{B}_{\text{link}}\)

Bandwidth of the communication link.

\(\:{L}_{\text{dist}}\)

Distance between IoMT device and fog/edge node.

\(\:{v}_{\text{prop}}\)

Propagation speed of the signal.

\(\:N\)

Total number of IoMT devices.

The latency problem of IoMT systems originates from the time taken to exchange and process information between devices and a server, often a cloud computing one. A challenge in using this system is latency when real-time health monitoring requires a quick medical response. To tackle this problem, we present the fog-edge computing system model that decomposes the computation near the IoMT devices across several degrees.

The mathematical model accounts for data processing time (\(\:{t}_{t}extproc\)), transmission time (\(\:{t}_{t}exttrans\)), and latency (\(\:{t}_{t}extlat\)) from distance and signal propagation. By reducing latency (\(\:mathcalT\)) and focusing on transmission and processing delays, we can enhance data processing and reaction time. The aim functions optimise system performance by reducing latency, transmission times, and fog/edge node processing capacity to improve real-time health monitoring.

Problem formulation 2: enhancing security in distributed IoMT networks

Data security is of considerable importance in IoMT systems primarily because the network is dispersed, thus making it vulnerable to data theft, hackers, or other cybercrimes. In regard to these concerns, it is possible to get measures of security that would entail the use of encryption for secrecy decryption for anonymity, and right authentication for access, and boast of intrusion detection for unlawful admission. Here we mathematically define the security problem.

Mathematical Formulation.

Let \(\:{S}_{i}\) be the total security level of the \(\:i\) -th IoMT device, represented as a combination of encryption, authentication, and intrusion detection. We define \(\:{S}_{i}\) as follows:

$$\:{S}_{i}={w}_{1}\cdot\:{E}_{\text{level}}\left({D}_{i},{K}_{i}\right)+{w}_{2}\cdot\:{A}_{\text{strength}}\left({D}_{i}\right)+{w}_{3}\cdot\:{I}_{\text{prob}}\left({D}_{i}\right)$$
(28)

Where:

\(\:{E}_{\text{level}}\left({D}_{i},{\:K}_{i}\right)\) represents the encryption level of data \(\:{D}_{i}\) using key \(\:{K}_{i}\).

\(\:{A}_{\text{strength}}\left({D}_{i}\right)\) represents the strength of authentication applied to \(\:{D}_{i}\).

\(\:{I}_{\text{prob}}\left({D}_{i}\right)\) represents the probability of detecting an intrusion related to \(\:{D}_{i}\).

\(\:{w}_{1},{w}_{2},{w}_{3}\) are the weights associated with each security mechanism.

Encryption The encryption level \(\:{E}_{\text{level}}\left({D}_{i},{K}_{i}\right)\) can be modeled based on the size of the encryption key \(\:{K}_{i}\) and the complexity of the encryption algorithm \(\:A\), such that:

$$\:{E}_{\text{level}}\left({D}_{i},{K}_{i}\right)=\text{log}\left(1+\alpha\:\cdot\:\frac{\left|{K}_{i}\right|}{C\left(A\right)}\right)$$
(29)

Where:

\(\:\left|{K}_{i}\right|\) is the length of the encryption key for \(\:{D}_{i}\).

\(\:C\left(A\right)\) is the computational complexity of the encryption algorithm \(\:A\).

\(\:\alpha\:\) is a constant representing the base encryption strength.

Authentication The strength of authentication \(\:{A}_{\text{strength}}\left({D}_{i}\right)\) can be expressed as:

$$\:{A}_{\text{strength}}\left({D}_{i}\right)=\beta\:\cdot\:\frac{{n}_{\text{auth}}}{{t}_{\text{auth}}}$$
(30)

Where:

\(\:{n}_{\text{auth}}\) is the number of successful authentications performed on \(\:{D}_{i}\).

\(\:{t}_{\text{auth}}\) is the time duration during which these authentications occurred.

\(\:\beta\:\) is a constant scaling factor representing the quality of the authentication mechanism.

Intrusion Detection The probability of detecting an intrusion \(\:{I}_{\text{prob}}\left({D}_{i}\right)\) can be modeled as:

$$\:{I}_{\text{prob}}\left({D}_{i}\right)=1-{e}^{-\gamma\:\cdot\:{\delta\:}_{\text{anomaly}}\left({D}_{i}\right)}$$
(31)

Where:

\(\:\gamma\:\) is a detection sensitivity parameter.

\(\:{\delta\:}_{\text{anomaly}}\left({D}_{i}\right)\) is the level of anomaly detected in the data \(\:{D}_{i}\).

Objective Functions.

The overall goal is to maximize the security level \(\:{S}_{i}\) for each device while minimizing the risk of attacks. Thus, the objective functions are defined as:

$$\:\text{Maximize}S={\sum\:}_{i=1}^{N}{S}_{i}={\sum\:}_{i=1}^{N}\left({w}_{1}\cdot\:{E}_{\text{level}}\left({D}_{i},{K}_{i}\right)+{w}_{2}\cdot\:{A}_{\text{strength}}\left({D}_{i}\right)+{w}_{3}\cdot\:{I}_{\text{prob}}\left({D}_{i}\right)\right)$$
(32)
$$\:\text{Minimize}{P}_{\text{risk}}={\sum\:}_{i=1}^{N}\frac{1}{{S}_{i}}$$
(33)

The first is an objective function meant to maximize the overall security level of all the IoMT devices given the components of encryption, authentication, and intrusion detection. The second objective function aims to minimize the risk \(\:{P}_{\text{risk}}\), inversely related to the security level.

Notations.

\(\:{S}_{i}\)

Total security level of the \(\:i\) -th IoMT device

\(\:{E}_{\text{level}}\left({D}_{i},{K}_{i}\right)\)

Encryption level for data \(\:{D}_{i}\) with key\(\:{K}_{i}\)

\(\:{A}_{\text{strength}}\left({D}_{i}\right)\)

Strength of authentication for data\(\:{D}_{i}\)

\(\:{I}_{\text{prob}}\left({D}_{i}\right)\)

Probability of intrusion detection for data\(\:{D}_{i}\)

\(\:{w}_{1},{w}_{2},{w}_{3}\)

Weights for encryption, authentication, and intrusion detection, respectively.

\(\:\left|{K}_{i}\right|\)

Length of encryption key for data\(\:{D}_{i}\)

\(\:C\left(A\right)\)

Computational complexity of the encryption algorithm\(\:A\)

\(\:{n}_{\text{auth}}\)

Number of successful authentications.

\(\:{t}_{\text{auth}}\)

Time window for authentication measurements.

\(\:\beta\:\)

Scaling factor for authentication strength.

\(\:\gamma\:\)

Sensitivity parameter for intrusion detection.

\(\:{\delta\:}_{\text{anomaly}}\left({D}_{i}\right)\)

Anomaly level detected in data\(\:{D}_{i}\)

\(\:N\)

Total number of IoMT devices.

In this problem formulation, we aim to reduce risks in distributed IoMT networks by incorporating encryption, authentication, and intrusion detection features. The total security level \(\:{S}_{i}\) for each device is modeled as a weighted combination of these three mechanisms.

The encryption level \(\:{E}_{\text{level}}\left({D}_{i},{K}_{i}\right)\) depends on the length of the encryption key \(\:\left|{K}_{i}\right|\) and the complexity of the encryption algorithm\(\:\:A\). Higher key lengths and more complex algorithms increase the encryption level, making it harder for attackers to decrypt data.

Authentication strength \(\:{A}_{strength}\:\)(\(\:{D}_{i}\)) is defined depending on the number of successful authentications over the time. Thereby making it hard for an unauthorized person or entity to compromise the particular system. The intrusion detection \(\:{I}_{prob}\) (\(\:{D}_{i}\)) can be modeled by probabilistic function normalized by increasing function of the detected anomalies \(\:{\delta\:}_{anomaly}\) (\(\:{D}_{i}\)) reduce the probability of unauthorized access to the system.

Intrusion detection \(\:{I}_{prob}\) (\(\:{D}_{i}\)) is modeled using a probabilistic function that increases with the level of detected anomalies \(\:{\delta\:}_{anomaly}\) (\(\:{D}_{i}\)). This is an important factor that made it possible for the system to recognize threats that may occur within a short span of time.

The objective functions will seek to reach an optimum total security level \(\:{S}_{i}\), and the worst-case scenario or the probability of “risk” which is inversely relative to the security level is to be minimized. If these functions are optimised, the security of the IoMT network is boosted and is safeguarded from data breaches, malicious access or cyber-attacks.

The objective of this work is therefore to improve the security of distributed IoMT systems by tasking it on the Encryption, authentication, and intrusion detection.

Results and discussions

In this part, we present the findings of the assessment of the Hybrid Fog-Edge Computing model proposed in this paper. Qualitative measures gained from analysis of the proposed model were benchmarked with basic performance expectations including; latency, energy consumption, bandwidth, scalability and security. To prove the relevance of categorizing cloud, fog and edge layers, was set the below metrics against each other. The outcomes reflect the degree of optimization attained, the inherent scalability of the system, and increasing security when operations transition to the fog and edge layers.

Latency reduction

The hybrid model proved to be less latency than the traditional clear of the cloud-only model. The edge layer also involved raw data manipulation and hence real time data processing translated into less time if you consider important tasks such as anomaly detection. The fog layer also assisted here because of doing more precise computations, which reduced overall dependence on swaps with the cloud. The Table 3; Fig. 2 shows the overall model performance with respect to latency reduction.

Table 3 Latency comparison between cloud, fog, and hybrid Models.
Full size table
Fig. 2
figure 2

Latency comparison between Cloud, Fog, and Hybrid models.

Full size image

The hybrid model resulted in lower latency than the traditional clear of the cloud-only model. The edge layer dealt with manipulation of raw data, and therefore the real-time data processing meant that important tasks like anomaly detection took less time to complete. The fog layer also helped by performing more specific calculations locally thus lowering total reliance on cloud exchanges.

Energy consumption

The authors also pointed out that energy efficiency was an added strength of the hybrid model that was under discussion. Because many computations were delegated to the fog layer, the edge devices in the proposed system had low power consumption, making it appropriate for battery-operated IoT instruments.

Table 4 Energy consumption comparison between models (mW).
Full size table
Fig. 3
figure 3

Energy consumption comparison between models.

Full size image

Table 4; Fig. 3 clearly demonstrate that the proposed hybrid model consumed less energy compared with the fog edge model and the Cloud-only model at the edge layer where the energy consumption was scaled down to 50 mW. This decrease in energy utilization makes the hybrid model appropriate for energy-starved IoT devices including variables.

The 30% improvement in energy efficiency was achieved through multiple strategies: (1) computational offloading from cloud to fog and edge layers, minimizing long-range data transmissions, (2) task prioritization mechanisms to prevent unnecessary processing of non-critical data, and (3) use of lightweight models at the edge that require less computational overhead. Additionally, energy-aware task scheduling and adaptive data filtering further contributed to reducing redundant processing and transmission, thus saving power across the network stack, particularly on battery-powered wearable devices.

Bandwidth utilization

Pattern intensification is essential for IoT-based systems since they involve the transfer of data often with a given bandwidth capacity. The hybrid model well achieved the efficiency in terms of bandwidth usage by minimizing the send-up data and processing them at the edge and fog layers.

Table 5 Bandwidth utilization comparison (MB/s).
Full size table
Fig. 4
figure 4

Bandwidth utilization comparison between models.

Full size image

As illustrated in Fig. 4; Table 5, the hybrid model of the system is suggested to have taken lower bandwidth than the cloud-only system. The hybrid model was able to cut down bandwidth at the cloud layer to 2 MB/s cutting down much time in contrast to the cloud-only model with 10 MB/s. This hybrid model minimized the need to send high bandwidth traffic to the cloud because data was processed locally at the edge and fog layers.

Scalability

The scalability of the hybrid model was determined based on the inclusion of an increasing number of IoT devices in the interconnected system. The results highlighted that the number of devices that could be supported in our hybrid model is higher than that of the cloud-only model without much compromise on performance.

Table 6 Scalability comparison for different models.
Full size table
Fig. 5
figure 5

Scalability comparison between Cloud, Fog-Edge, and Hybrid models.

Full size image

As demonstrated in the results presented in Fig. 5 and availability in Table 6, the scalability of the proposed hybrid model was confirmed up to 1500 IoT devices with low latency and high throughput. This proves the scalability benefits that are provided by the fog-edge hybrid architecture to the traditional cloud-based system.

The system’s performance was evaluated under increasing loads by simulating health data from up to 1500 IoT devices in parallel. The hybrid fog-edge architecture demonstrated scalable behavior by leveraging distributed processing at both the edge and fog layers. As more devices were added, the architecture dynamically balanced the computational load using task scheduling and local processing capabilities to maintain low latency and high throughput. The system sustained efficient performance without significant degradation, as shown by stable average latency and consistent response times in simulations. This confirms that the model can support large-scale deployments in real-world IoMT environments, such as hospitals or smart healthcare centers.

Security threat detection

Another area in the hybrid model that proved to be very strong was the threat detection of security threats. With the ability to process security-related data at the fog and edge layers, the system signaled threats far ahead of the cloud-only nature of the earlier model.

Table 7 Security threat detection time comparison.
Full size table
Fig. 6
figure 6

Security threat detection time comparison.

Full size image

Table 7; Fig. 6 presents the detection times for different models. What can be concluded is that the hybrid model was able to identify security threats in 30 ms, a time frame that was far less than the cloud-only model which took up to 100 ms. This rapid detection is vital for availing security in live connected IoT healthcare systems.

The proposed framework handles a wide range of security threats commonly faced in IoMT systems, including data interception, unauthorized access, spoofing attacks, and data manipulation. The integration of anomaly-based and signature-based intrusion detection systems (IDS) allows the architecture to detect known and unknown threats in real-time. Anomaly detection algorithms at the fog layer continuously monitor deviations from normal device behavior, while signature-based modules identify attacks using predefined threat patterns. End-to-end encryption, multi-factor authentication, and dynamic key management further mitigate risks.

Rapid anomaly detection in the proposed architecture refers to the system’s ability to promptly identify abnormal health patterns—such as arrhythmias, sudden blood pressure changes, or oxygen drops—within milliseconds. This is achieved by deploying lightweight anomaly detection algorithms directly at the edge and fog layers. Edge nodes use pre-trained models like One-Class SVM and Local Outlier Factor (LOF) to continuously analyze incoming health signals. When an anomaly is detected, alerts are triggered immediately without waiting for cloud-level verification. This architecture enables detection times as low as 30–40 ms, ensuring timely responses in critical health scenarios like cardiac events or respiratory distress.

Based on the findings presented in this paper, it has been established that the proposed Hybrid Fog-Edge Computing model is endowed with a lot of benefits over conventional models. Cutting the latency time in half shows the benefit of analyzing data in the proximity of their origin. The accomplishment of the 25% reduction in energy consumption underlines the key advantage of shifting some tasks to the fog and edge levels, making the system more efficient in terms of energy use. An improvement of 30% in the bandwidth utilization indicates that the use of the fog-edge model is efficient in the consumption of resources, which is vital in extreme conditions of network limitation. The capability to accommodate 40% more devices shows the flexibility of the hybrid model, making it suitable for large IoT applications. The feature of the 84% faster detection of security threats proves that the model is capable of achieving and maintaining security while at the same time processing the information in real-time mode 30 ms, significantly faster than the cloud-only model, which took up to 100 ms. This rapid detection is crucial for preventing security breaches in real-time IoT healthcare systems.

The results of this study demonstrate that the proposed Hybrid Fog-Edge Computing model offers significant advantages in the 50% reduction in latency demonstrates the effectiveness of processing data closer to the source.

The 25% reduction in energy consumption highlights the benefits of offloading tasks to the fog and edge layers, making the system more sustainable.

A 30% improvement in bandwidth utilization suggests that the fog-edge model optimizes resource use, which is critical for remote and bandwidth-limited environments.

The ability to support 40% more devices indicates the scalability of the hybrid model, ensuring its adaptability to larger IoT deployments.

The 84% faster detection of security threats showcases the model’s ability to maintain security while processing data in real-time.

To validate the proposed architecture, simulations were conducted using a combination of Fogify and custom Python scripts to emulate real-time IoMT network conditions. A virtual environment was created with simulated edge, fog, and cloud nodes communicating over realistic network latencies and bandwidth limits. The system was stress-tested with up to 1500 active IoT device streams using the Health IoT Dataset for Anomaly Detection. Latency was measured as end-to-end delay from data generation to alert triggering. Energy consumption was estimated based on computation time and resource usage on each node. Security was evaluated by simulating common cyber threats—such as unauthorized access and data injection—and measuring the system’s detection time and response accuracy using embedded IDS modules. These simulations helped quantify performance metrics and validate real-time responsiveness and robustness under load.

Hybrid fog-edge architecture for iomt: dealing with latency & security challenges

The proposed Hybrid Fog-Edge architecture for IoMT addresses two critical issues: latency and security. Due to the distributed approach, data processing occurs near the data source, which reduces communication delays and increases security since threats are detected at the edge of fog layers before reaching the cloud level. Sections 4 and 5 present a qualitative description of the observed performances of the architecture while Sect. 5 also includes graphs and tables showing the essential results.

Latency improvement

Jitter is one of the most important constraints in IoMT systems, particularly in urgent healthcare monitoring services. In the proposed model, both the edge and the fog layer process time-sensitive computations which consequently minimizes the total system latency. A hybrid fog-edge model results in enhanced performance as compared to the models that rely solely on cloud and conventional fog models.

Table 8 Latency comparison of cloud, fog, and hybrid Fog-Edge models.
Full size table
Fig. 7
figure 7

Latency comparison of cloud, Fog, and Hybrid Fog-Edge models.

Full size image

As illustrated in Table 8; Fig. 7, our proposed fog-edge hybrid model cuts latency in half to three-quarters of the cloud-only structure. Real-time data processing at the edge layer and other data processing at the fog layer reduce latency in some of the most important IoT healthcare use cases.

Bandwidth optimization

Another factor that makes bandwidth usage a big problem for IoMT systems is the consideration that these systems produce a lot of data. The hybrid fog-edge caching model shows better Bandwidth optimization by processing Data locally to minimize the amount of Data to be transferred to cloud.

Table 9 Bandwidth optimization: data transferred in cloud, fog, and hybrid Models.
Full size table
Fig. 8
figure 8

Bandwidth optimization: data transferred in cloud, fog, and hybrid models.

Full size image

In the analysis of the results obtained from Table 9; Fig. 8, it is clear that the hybrid fog-edge decreases the bandwidth utilization by 60% from the cloud-only model. This bandwidth optimization is especially crucial for such systems as IoMT, if their Networking resources are limited.

Detection and prevention of information security threat

Security in IoT in the context of IoMT systems is vital mainly when dealing with the vital health information of individuals. The current fog-edge model accelerates threat detection since the analysis of the would-be security threats takes place in both the edge as well as the fog layer. The distributed nature of this form makes the time taken to identify a threat shorter than that needed by cloud-based systems.

Table 10 Security threat detection and mitigation response time (ms).
Full size table
Fig. 9
figure 9

Security threat detection and mitigation response time.

Full size image

As shown in Table 10; Fig. 9, the hybrid fog-edge model achieves the fastest security threat detection times, ranging between 35.3 ms to 37.3 ms, compared to the cloud model’s detection times of up to 99.0 ms.

Energy consumption optimization

The hybrid fog-edge model also optimizes energy consumption by distributing processing tasks across the edge and fog layers, reducing reliance on cloud resources. This makes the system more suitable for energy-constrained devices such as IoT healthcare monitors.

Table 11 Energy consumption comparison: cloud, fog, and hybrid models.
Full size table
Fig. 10
figure 10

Energy consumption comparison: cloud vs. fog-edge architectures.

Full size image

As seen in Table 11; Fig. 10, the hybrid fog-edge model significantly reduces energy consumption compared to the cloud-only model. The distributed processing reduces the energy burden on the cloud and shifts it to more localized layers, such as the fog and edge.

System scalability

The scalability of the hybrid fog-edge model is critical for large-scale IoMT systems with multiple devices. The proposed architecture efficiently handles a large number of devices without significant performance degradation.

Table 12 System scalability: IoT devices performance over time.
Full size table
Fig. 11
figure 11

System scalability: IoT devices performance over time.

Full size image

From Table 12; Fig. 11, the hybrid fog-edge model shows high scalability, supporting a large number of devices while maintaining consistent performance metrics.

Latency Improvement in Real-Time Health Monitoring.

The hybrid fog-edge model reduces the processing time for critical health data, such as detecting irregular heartbeats and triggering alerts in under 1 s.

Table 13 Latency improvement in real-time health monitoring.
Full size table
Fig. 12
figure 12

Latency improvement in real-time health monitoring.

Full size image

As observed in Table 13; Fig. 12, the hybrid fog-edge model demonstrates improved latency in real-time health monitoring, with rapid response times for detecting critical health events such as irregular heartbeats. This is essential for timely interventions in healthcare systems.

Data processing speed and leakage rates

Data processing speed plays a crucial role in healthcare, especially for monitoring the data of the patient constantly. The proposed hybrid fog-edge model enhances the data processing time while at the same time reducing data leakage than the cloud-only model.

Table 14 Data processing speed and data leakage rate comparison.
Full size table
Fig. 13
figure 13

Data processing speed: cloud vs. fog-edge.

Full size image

From Tables 13 and 14; Fig. 13 the hybrid fog-edge model various scenarios which shows that complete data processing time of the hybrid fog-edge model is from 500ms to 750 ms is comparatively much lesser than cloud model range of 1400ms to 1600 ms. Furthermore, the use of fog-edge model reduces the data leakage rates to near about 3%.

Security Threat Detection Time in Cloud vs. Hybrid Model.

In a case of healthcare systems the rate of occurrence of security threats is the level at which they are containing leakage of highly sensitive medical information. The hybrid fog-edge structured a shorter detection time compared to the cloud model.

Table 15 Security threat detection time: cloud vs. hybrid model.
Full size table
Fig. 14
figure 14

Security threat detection time: cloud vs. hybrid model.

Full size image

The data in Table 15; Fig. 14 that reveal that using the hybrid fog-edge model, the security threats’ response time is significantly lower than the cloud model one, that is, it is only 20 ms. This is useful for most healthcare facilities, especially those that are real-time so that problems can be solved as soon as possible in case of a breach.

Real-time data processing

Hence it also has added advantage of real-time data processing in application of healthcare where response time is critical for the structure proposed for the Internet of Medical Things fog-edge hybrid framework. In this respect, the described section reveals its capability to assess and process health data like irregular heartbeat or certain vital signs and provide corresponding alerts within the given amount of time that does not overly exceed one second. In this case, multiple tasks are offloaded to the edge and fog layers, thereby allowing nearly real-time data processing and alert systems.

Such aspects are very critical in cases like cardiac events for example, quick response to important distress occasions is crucial, which is made possible by minimizing the role of cloud processors. The model does manage to reduce the time required to process the data by distributing the computational load as described for the fog and edge layers, thereby allowing health-based alarms (abnormal rhythms, acute vital signs) to be triggered within the required timeframe. Table 16 shows the system performance with respect to real-time data processing.

Table 16 Real-time data processing: system performance metrics.
Full size table
Fig. 15
figure 15

Real-Time Data Processing: Detection of Irregular Heartbeats, Critical Vitals, and Alert Triggering in Various Models.

Full size image

From Table 14; Fig. 15, it is clear that the hybrid fog-edge model performs much better than the cloud-only and fog models, in terms of processing speed and the accuracy of health metric detection. The hybrid model can complete processing in 100 ms, triggering alerts in less than 150 ms, which falls comfortably within the specified time limits for real-time healthcare monitoring systems. The important aspect of this fast processing and detection capability is its role in enhancing patient results, especially in urgent medical emergencies.

Comparative evaluation with advanced models

To address this, additional benchmarking references and performance comparisons have been integrated. Specifically, the proposed hybrid fog-edge model was evaluated against two advanced and recent architectures: (1) the Federated Fog-Edge AI model for IoMT published in early 2023, which focuses on decentralized health analytics and privacy preservation, and (2) the Blockchain-enabled Secure Edge Computing Architecture proposed in late 2023, which emphasizes tamper-proof data exchange and latency reduction. These models were simulated under similar conditions using the same dataset and evaluation metrics. The results demonstrate that while those models offer improvements in privacy or decentralization, the proposed model outperforms them in end-to-end latency, real-time anomaly detection speed, and energy efficiency, particularly in emergency healthcare scenarios.

The Fig. 16 illustrates a detailed comparison across four models: The models examined are Cloud-Only, Fog, Hybrid Fog-Edge, and the one I propose. The comparison is based on four crucial metrics: The metrics are Latency (ms), Energy Consumption (mW), Bandwidth Optimization (MB/s), and Security Detection Time (ms). The model suggested earned the highest overall score, and was seen to outperform all other models analyzed in such measures as Bandwidth Optimization and Security Detection Time – in which the model with the lowest value was preferred. The Latency and Energy Consumption also depicted a steep descent to the Hybrid and the Proposed models.

Fig. 16
figure 16

Comprehensive comparison of models across various metrics.

Full size image

Key Observations:

Cloud-Only: Very poor in terms of latency and energy without ability of bandwidth optimization.

Fog Model: Still slightly higher latency compared to Hybrid and Proposed models, however, latency is significantly reduced here. Energy leverage expanded and edged down a bit but still was considered high.

Hybrid Fog-Edge: Important gains in the latency, power use rate and in time required to detect security threats.

Proposed Model: Further analysis shows that the proposed algorithm has the best performance across all considered metrics, especially for bandwidth optimization and security detection.

The table recalls the performance measure of every model. The model suggested in this paper obtained the lowest values on latency and energy, while increasing bandwidth consumption. It also defined the role of delivering the fastest time to detect security threats. From this broad comparison, we establish that the proposed architecture excels in others in sparse IoT healthcare systems.

New advancements highlighted by the Hybrid Fog-Edge Computing framework for IoMT are latency, energy, bandwidth, scalability, speed, and security threat advancements. The decentralized architecture minimizes delays that accrue in passes, and optimizes the utilization of assets, making it suitable for real time use in healthcare. The hybrid model outperforms the cloud only model and traditional fog models in terms of latency and security issues while addressing scalability for vast IoMT systems.

Discussion

The evaluation of the proposed Hybrid Fog-Edge Computing architecture demonstrates significant enhancements in the critical QoS parameters such as latency, energy consumption and bandwidth usage, and scale and security threats. The hybrid model often had higher response rates than those received by traditional cloud-only and fog models. Approximately, the latency was improved up to 70%, because the fog and edge layers processed critical data closer to the source, which allowed increasing the application response rate for monitoring the health condition in real time. The hybrid model is particularly fitting for energy-limited IoT devices because it has cut energy utilization by 30%. Data transmitted to the cloud was reduced by 60%; this made the bandwidth to be improved because most of the computation was in the edge and the fog layers. However, the scalability of the proposed hybrid architecture was also confirmed, and a network with up to 1500 IoT devices has better throughout and less latency. The hybrid model achieved better threat detection rates at 30ms and that is pivotal for the protection of sensitive health information. These results suggest that the proposed fog-edge hybrid architecture is very effective and efficient IoMT alternative; however, it has exceptionally high ability to provide real-time data processing and security as well as low energy consumption.

However, despite its advantages, implementing the proposed hybrid fog-edge architecture in real-world healthcare settings comes with notable limitations. High infrastructure costs are a significant concern, particularly when deploying fog and edge nodes across widespread or under-resourced regions. Maintaining consistent network connectivity and performing routine updates or retraining of ML models at the edge layer also require technical support and maintenance, which may not be feasible everywhere. Interoperability with legacy Electronic Health Record (EHR) systems poses another challenge, as existing hospital infrastructure often lacks standardized integration protocols. Moreover, regulatory frameworks like HIPAA and GDPR introduce compliance complexities when handling sensitive patient data across distributed nodes, necessitating strict governance and security enforcement mechanisms.

Conclusion

Some of the features that are tailored in the Hybrid Fog-Edge Computing architecture for IoMT systems include; Low latency, energy efficiency, bandwidth, scalability, and security which are vital in Real-time health monitoring. By the help of the model and its design, latency was reduced by 70% while energy consumption improved by 30%, and at the same time cloud bandwidth usage reduced by 60% which will be appreciable for resource-constrained limited IoT devices. Several important conclusions relate to the work and focus on the model’s ability to easily scale and accommodate up to 1500 IoT devices while having little to no impact on the overall performance. Hybrid model achieved the goal of anticipating security threats efficiently: the response time to an anomaly was 30 ms, proving that the model is beneficial for real-time protection of health data. However, it has its drawbacks: the potential for excessive costs related to the management of distributed fog and edge layers, as well as the fact that the functioning of the system depends on stable local computations. As a result, it might be beneficial for subsequent studies to evaluate how deeper incorporation of edge AI will eventually alleviate reliance on cloud by incorporating superior, predictive models at the edge in decision making mechanisms. Moreover, the support of the system might be expanded to the more detailed health monitoring tasks such as chronic diseases prediction. The future trend should concern possible issues connected with the data consistency across distributed layers and the improvement of the system’s fault tolerance in case of failure at the hardware or the network level. More specifically, the choice of the Hybrid Fog-Edge Computing architecture enables a robust and scalable design for IoMT systems that presents significant improvements concerning performance, security, and energy consumption, which are critical assets in real-time health monitoring.