The swarm attestation methods have been proposed to detect illegitimate modifications in a large network efficiently. However, they do not provide the scalable identification of detected devices, which is critical to keep a swarm network trustworthy in the practical uses. In this paper, we propose a lightweight attestation method with efficient scalable identification of target devices. The proposed approach, called CAMIE (Collective Attestation for Manageable IoT Environments), combines binary-embedded tag generation and regional reports to build the region-based attestation result. During the attestation process, the swarm network generates merged region summaries. An authorized verifier can infer the individual device information from the regional attestation results. In this way, CAMIE can achieve the scalable identification of compromised devices with significantly less overhead. Memory (ROM) and Memory Protection Unit (MPU), to build a minimal hardware trust anchor [14][15][16][17]. The swarm attestation [18][19][20][21][22][23][24][25] is based on this approach. It efficiently checks whether a large number of devices are in good software configurations (without any modifications). The methods for swarm attestation have mainly focused on detection of integrity violation of devices with efficiency [18,19], DoS-attack resiliency [22], verifiable aggregation [21], physical attacks [20,23], execution trace [24] or device property [25].However, in the real-world situations, IoT swarms are being faced with more hostile environments than that assumed in the previous approaches. We have already observed the result of the outbreak of large-scale malware (e.g., Mirai Botnet [2]), where the phenomenon follows the malware-infection epidemic model [26]. It showed that how fast a group of locally connected devices can be infected at the first stage. The previous methods already provide a way to identify compromised devices during attestation process [19,21]. Unfortunately, they are not scalable for such large-scale infections. The overhead caused by indicating compromised devices individually overwhelms the attestation process.In the view of the network operators, the efficient maintenance is a key to keep a swarm network trustworthy. However, the maintenance supports in the attestation process have not yet been paid attention to enough. Outdated devices are dangerous. Unmanaged devices have been the cause of well known attacks [27] and its security vulnerabilities are being unceasingly disclosed [28]. The IoT devices are exposing vulnerabilities from the network stack to the software stack [29]. A dysfunctional device can cause the failure of a whole IoT-based system. Furthermore, although each device has limited capabilities, recent studies [30,31] show that the compromised devices can be organized into a mobile botnet conducting more sophisticated attacks. However, more than 200,000 devices in 2017 still require a software patch against the Heartbleed attack that occurred in 2014 [32]. Therefore, in this paper, we pro...