A Survey of Foundation Models for IoT: Taxonomy and Criteria-Based Analysis

TL;DR

This survey reframes foundation-models for IoT around four shared performance criteria—Efficiency, Context-awareness, Safety, and Security & Privacy—and contrasts three core FM paradigms (prompt-based, agent-based, training-based). It emphasizes cross-domain comparability, comprehensive evaluation strategies, and practical method selection guidance to enable robust, generalizable FM solutions across IoT tasks. The authors also identify gaps such as insufficient cross-domain and real-world evaluations and advocate for advanced techniques (e.g., large reasoning models, multi-agent systems, and human preference alignment) to push the field forward. Overall, the work provides a structured lens and concrete directions for designing, evaluating, and deploying FM-based IoT systems with attention to efficiency, safety, and privacy.

Abstract

Foundation models have gained growing interest in the IoT domain due to their reduced reliance on labeled data and strong generalizability across tasks, which address key limitations of traditional machine learning approaches. However, most existing foundation model based methods are developed for specific IoT tasks, making it difficult to compare approaches across IoT domains and limiting guidance for applying them to new tasks. This survey aims to bridge this gap by providing a comprehensive overview of current methodologies and organizing them around four shared performance objectives by different domains: efficiency, context-awareness, safety, and security & privacy. For each objective, we review representative works, summarize commonly-used techniques and evaluation metrics. This objective-centric organization enables meaningful cross-domain comparisons and offers practical insights for selecting and designing foundation model based solutions for new IoT tasks. We conclude with key directions for future research to guide both practitioners and researchers in advancing the use of foundation models in IoT applications.

Figures (4)

• Figure 1: Taxonomy of Foundation Models for IoT. The structure of this paper is as follows: Section \ref{['sec:related_work']} reviews and compares our survey with existing related work. Section \ref{['sec:fm_iot_foundations']} introduces three fundamental paradigms and frameworks for applying foundation models to IoT tasks, providing essential background for readers new to the field. Sections \ref{['sec:efficiency']} through \ref{['sec:security_privacy']} examine the four key performance criteria along with commonly used approaches to improve each. Section \ref{['sec:evaluation']} reviews the evaluation metrics used in the current literature for each criterion and discusses the strategies employed to assess FM-based solutions in IoT applications. Finally, Section \ref{['sec:discussion']} discusses existing research limitations and outlines future directions.
• Figure 2: Illustration of data summarization methods for enhancing the efficiency of foundation models in IoT tasks, exemplified by an LLM-based Just-in-Time Adaptive Intervention (JITAI) system in mobile health nahum2016just.
• Figure 3: Illustrative example of five safety-enhancing methods introduced in this paper for applying LLMs to IoT tasks, demonstrated through an autonomous driving scenario.
• Figure 4: Method selection decision tree. The decision tree considers the three most commonly used frameworks for applying foundation models to IoT tasks: prompt-based methods, agent-based methods, and training-based methods, as well as traditional supervised learning methods. The selection is guided by six key dimensions introduced in Section \ref{['sec:method_comparison']} computation requirement (CR), error rate on specific tasks (ER), task specificity (TS), development time (DT), labeled data requirement (LDR), and unlabeled data requirement (UDR). While the decision tree provides general guidance, practitioners and researchers should adapt it to specific scenarios, particularly when additional constraints such as security and privacy are involved.