Always On Trust for Remote Cardiac Monitoring: Quantum Safe Authentication With One Time PUFs and Edge Anomaly Screening

Remote cardiac monitoring is moving from occasional clinic visits to continuous observation at home. In a typical Intelligent Internet of Medical Things workflow a wearable ECG sensor sends readings through an edge gateway to a clinical platform for storage and review. That convenience also widens the attack surface. If a cloned device is admitted or telemetry is altered clinicians may rely on false signals and patient privacy may be exposed. A longer horizon problem is also emerging. Adversaries can store encrypted medical traffic today and target it later with stronger quantum tools. At the same time many lightweight schemes still rely on static Physical Unclonable Functions whose challenge response behavior may be learned from repeated observations. We address both concerns with a compact authentication fabric for real time cardiac monitoring. The design uses a reconfigurable One Time Physical Unclonable Function so each successful session refreshes response behavior and weakens modeling attacks. It also combines ML-KEM-768 for key establishment with ML-DSA-65 for device authentication. An Isolation Forest ensemble at the gateway then screens behavioral drift that may indicate misuse or compromise. Our prototype completes authentication in 14.7 ms with about 4.6 kB per session and reaches 94.5% precision with a 2.3% false positive rate.