凤凰科技 2026-04-15

Haiguang (海光) pushes hardware “confidential computing” as AI safety fix

Haiguang Information Technology Co., Ltd. (海光信息技术股份有限公司) argued that the next frontier of AI security is below the software stack, not above it. Ying Zhiwei (应志伟), vice‑president of Haiguang, told attendees at the World Internet Conference Asia‑Pacific Summit’s AI Safety Governance forum that software protections can be dumped, debugged or tampered with, but hardware offers a new, immutable defensive line. The message was blunt: if AI safety depends on resilient models and private data, the chip itself must be designed to keep secrets during computation.

What confidential computing means in practice

Unlike conventional encryption that protects data at rest or in transit, confidential computing encrypts data while it is being processed. Ying said that Haiguang’s CPUs embed confidential‑computing capabilities so that memory and computations remain cryptographically protected during execution, reducing the risk that an attacker with physical or memory access could extract model parameters or user inputs. He also asserted that this can be done without large performance penalties — a critical point for production AI services that must balance speed and security.

Deployments, adoption and geopolitical context

It has been reported that Haiguang’s chip‑level security features are already being trialed or deployed in high‑security settings: government data platforms, JD.com (京东), Guotai Haitong Securities (国泰海通证券) and China Merchants Bank (招商银行), among others. Reportedly, these rollouts signal a broader shift in China’s AI governance from a software arms race toward trusted hardware and full‑lifecycle protection. That shift also sits against a backdrop of export controls and broader tech decoupling, where domestic chip capability and supply‑chain autonomy are now strategic priorities.

Will hardware alone be enough to harden AI systems? Haiguang’s proposal reframes the debate: build the trusted computing base into silicon and you change the attack surface. But engineers and policymakers will still need standards, independent verification and cross‑industry cooperation to ensure confidential computing lives up to its promise.
