Edge computing devices—from wearable health monitors to industrial sensors—face a critical security challenge: how to protect sensitive data while maintaining efficient on-device processing. Recent incidents have demonstrated how attackers could remotely manipulate insulin pump dosages or exploit vulnerabilities in hundreds of thousands of cardiac devices, highlighting the urgent need for intrinsically secure solutions in resource-constrained scenarios where every milliwatt of power and square millimeter of silicon matters.
Existing solutions face a fundamental challenge: they generally separate security from analysis modules and memory from computation units, creating significant hardware and energy overheads that are prohibitive for edge devices with limited resources.
Now, a cross-institutional research team led by Professor Ngai WONG and Dr. Zhengwu LIU from the Department of Electrical and Electronic Engineering (EEE) at The University of Hong Kong (HKU), in collaboration with Tsinghua University (THU) and Southern University of Science and Technology (SUSTech), has developed a solution that eliminates this trade-off. Their CLAP (Co-Located Authentication and Processing) system integrates authentication and processing functions within a unified memristor-based platform.
The key innovation lies in using memristors—emerging electronic components that can both store data and perform calculations in the same place, unlike conventional computers where memory and processing are separated. Beyond this compute-in-memory advantage, memristors also possess inherent physical randomness—tiny, unavoidable variations between individual devices.
“We exploit both characteristics simultaneously”, explained Dr. Zhengwu LIU. “The compute-in-memory capability enables efficient data analysis, while the physical randomness serves as unique security identifiers for device authentication. This hardware-level integration maintains both authentication reliability and computational accuracy without the traditional overhead”.
The team demonstrated CLAP’s versatility across diverse information processing tasks, including discrete wavelet transform, discrete Fourier transform, compressed sensing, and multi-layer perceptron neural networks. As a proof-of-concept, the researchers showcased secure electrocardiogram (ECG) data collection in healthcare monitoring, achieving device authentication with an area under the curve of 99.46% and efficient signal compression with 18.67% percentage root-mean-squared difference.
“The results are remarkable: 146-fold energy efficiency gain and nearly 18-fold area reduction compared to conventional implementations”, noted Professor Ngai WONG. “These improvements are critical for any resource-constrained application, from medical implants to industrial IoT sensors. We’re moving toward a future where security is not an add-on module but an intrinsic property of the computing hardware itself”.
The technology represents a significant milestone in secure edge computing and highlights HKU EEE’s leadership in cross-domain research that unites device physics, circuit design, and machine learning systems.
The research was led by Professor Ngai WONG and Dr. Zhengwu LIU from HKU EEE, and Professor Huaqiang WU from THU. Other team members include Dr. Zhongrui WANG from SUSTech; Mr. Chenchen DING from HKU; Dr. Bohan LIN, Professor Jianshi TANG, and Professor Bin GAO from THU.
The project received support from the National Natural Science Foundation of China, the General Research Fund and the Theme-based Research Scheme from the Research Grants Council of Hong Kong SAR, the AVNET-HKU Emerging Microelectronics and Ubiquitous Systems (EMUS) Lab, and ACCESS – AI Chip Center for Emerging Smart Systems, supported by the InnoHK initiative of the Innovation and Technology Commission.
Their study, titled “Privacy-preserving data analysis using a memristor chip with co-located authentication and processing”, was published in Science Advances.
Link to the paper: https://www.science.org/doi/10.1126/sciadv.ady5485
Fig. 1. Comparison between CMOS-based and memristor-based approaches (CLAP).
Fig. 2. CLAP system performance in the ECG data collection task.
(Chinese version)
邊緣計算裝置 —— 從穿戴式健康監測儀到工業感測器 —— 正面臨一項關鍵安全挑戰:如何在維持高效在裝置端處理的同時,保護敏感數據。近期多起事件顯示,攻擊者可遠端操控胰島素幫浦劑量,或利用數十萬台心臟裝置的漏洞發動攻擊,凸顯在資源受限場景中,亟須具備內生安全性的解決方案 —— 此類場景對每毫瓦功耗、每平方毫米晶片面積都極為講究。
現有解決方案存在根本性難題:這類方案普遍將安全模組與分析模組分離、儲存單元與運算單元分離,造成巨大硬體與能耗開銷,對資源有限的邊緣裝置而言難以負荷。
如今,由香港大學電機電子工程系黃毅教授和劉正午博士團隊牽頭,聯合清華大學與南方科技大學共同研發出一款解決方案,徹底打破這一兩難困境。該團隊研發的 CLAP(共位認證與處理,Co-Located Authentication and Processing)系統,將認證與運算功能整合於同一基於憶阻器的統一平台。
此技術的核心創新點在於採用憶阻器 —— 這是一種新興電子元件,不同於傳統電腦將儲存與運算分離的架構,憶阻器可在同一位置同時實現數據儲存與運算。除具備儲存內運算的優勢外,憶阻器還擁有內生物理隨機性 —— 即個體元件間存在微小且不可避免的差異特性。
劉博士解釋道:「我們同時利用這兩項特性,儲存內運算能力確保高效數據分析,而物理隨機性則可作為裝置認證的獨特安全識別標誌。這種硬體層級的整合,既能保障認證可靠性與運算精準度,又不會產生傳統方案的額外開銷。」
團隊已驗證 CLAP 系統在多類資訊處理任務中的通用性,包括離散小波變換、離散傅立葉變換、壓縮感知及多層感知器神經網路。在概念驗證環節,研究人員展示其在健康監測領域實現安全心電圖(ECG)數據採集,不僅達到 99.46% 的認證曲線下面積,還能以 18.67% 的均方根誤差百分比實現高效訊號壓縮。
黃教授表示:「成果十分亮眼,相較傳統實現方案,能耗效率提升 146 倍,晶片面積縮減近 18 倍。這些優化對所有資源受限場景至關重要,無論是醫用植入裝置還是工業物聯網感測器均適用。我們正推動行業邁向新未來 —— 安全不再是附加模組,而是計算硬體本身的內生屬性。」
該技術標誌著安全邊緣計算領域的重大里程碑,也彰顯港大電機電子工程系在跨領域研究的領先地位,其研究範疇融合裝置物理、電路設計與機器學習系統三大領域。
該研究由港大電機電子工程系黃毅教授和劉正午博士,以及清華大學吳華強教授共同領導。其他團隊成員包括南方科技大學王中銳教授;港大博士生丁辰辰;清華大學博士畢業生林博瀚、唐建石教授和高濱教授。
該項目獲得多項資金支持,包括國家自然科學基金、香港特區研究資助局一般研究基金與主題研究計劃、安富利 — 香港大學新興微電子與泛在系統實驗室,以及由香港創新科技署創新香港研發平台資助的香港人工智能晶片研發中心。
相關研究論文題為《基於共位認證與處理憶阻器晶片的隱私保護數據分析》(Privacy-preserving data analysis using a memristor chip with co-located authentication and processing),已發表於《科學・進展》(Science Advances)期刊。
論文鏈接:https://www.science.org/doi/10.1126/sciadv.ady5485
圖 1:基於互補式金屬氧化物半導體(CMOS)與基於憶阻器方案(CLAP)對比
圖 2:CLAP 系統在心電圖數據採集任務中的效能表現