Embedded Face Recognition Access Control System

Edge AI access control system with on-device face recognition on STM32

Overview

This project implements a lightweight edge AI access control system on an STM32 microcontroller. The system performs face recognition locally on an embedded device, makes access-control decisions at the edge, and connects to a mobile management application through an IoT communication module.

The project was designed as a complete edge perception-decision-communication pipeline, integrating:

  • on-device face recognition;
  • embedded access-control logic;
  • lightweight model compression;
  • Wi-Fi based IoT communication;
  • Android-based remote management.

Unlike cloud-based access systems, this prototype keeps identity verification on the device. This reduces network dependence, lowers response latency, and improves privacy because raw face images do not need to be uploaded for every access attempt.

The project helped me understand how machine learning models must be redesigned when deployed under strict memory, compute, and power constraints.

Project Thumbnail

Embedded face recognition access control system thumbnail

This thumbnail summarizes the complete edge AI access control pipeline: face images are processed locally on the STM32-based device, lightweight face recognition produces an access decision, ESP8266 provides IoT connectivity, and an Android application supports remote user management and monitoring.

Motivation

Many AI applications are easy to prototype on desktop GPUs but difficult to deploy on small embedded devices. A microcontroller has limited SRAM, flash storage, compute throughput, and power budget. This makes edge AI a system-level challenge rather than a pure model-design problem.

The project focuses on three questions:

  1. How can face recognition be compressed enough to run on an STM32-class device?
  2. How can the system make reliable access decisions locally while remaining manageable remotely?
  3. How can embedded inference, firmware control, IoT communication, and mobile software work together as one product-like system?

The final design uses local inference for the time-critical access decision and cloud/mobile communication for management, synchronization, and logging.

System Architecture

The system consists of three core components:

  1. Edge AI Inference Module (STM32)
  2. Wireless Communication Module (ESP8266)
  3. Android Remote Management Application

Runtime pipeline:

  1. capture face image at the access terminal;
  2. detect and preprocess the face region;
  3. extract a compact face embedding on-device;
  4. compare the embedding with enrolled identities;
  5. trigger access control, such as unlock or deny;
  6. upload event logs and device status;
  7. support user management through the mobile application.

This forms a complete edge perception–decision–communication loop.

Edge AI Face Recognition

Lightweight Model Design

The recognition module is based on a lightweight face embedding network inspired by MobileFaceNet. The model produces a compact feature vector for each face, and identity verification is performed by comparing the extracted embedding with registered user embeddings.

Pipeline:

  • face capture and preprocessing;
  • face region detection or alignment;
  • embedding extraction;
  • cosine similarity matching;
  • threshold-based access decision.

Cosine similarity is used to compare embeddings:

[ \mathrm{sim}(u,v)=\frac{u^T v}{|u||v|} ]

If the similarity exceeds the verification threshold, the identity is accepted; otherwise, the request is rejected.

TinyML Optimization

To deploy on resource-constrained STM32 hardware:

  • model pruning reduces redundant channels and parameters;
  • INT8 quantization compresses weights and activations;
  • TensorFlow Lite Micro provides a microcontroller-friendly inference runtime;
  • fixed-point computation reduces floating-point overhead;
  • memory planning ensures intermediate tensors fit the available SRAM.

These optimizations enabled:

  • real-time inference;
  • low memory footprint;
  • stable embedded deployment;
  • lower energy consumption compared with cloud-only recognition.

The main engineering challenge was balancing model size and recognition robustness. Too much compression reduces accuracy, while too little compression makes deployment unstable on the target hardware.

Edge–Cloud Communication

The system integrates an ESP8266 Wi-Fi module for IoT connectivity. The embedded access terminal remains responsible for real-time decisions, while the network module supports management and logging.

Key features:

  • real-time upload of recognition events;
  • remote synchronization of user data;
  • device status monitoring;
  • access log retrieval;
  • remote control commands when authorized.

Communication is implemented using:

  • MQTT for lightweight publish/subscribe messaging;
  • Baidu Cloud IoT for device management and data routing.

The system separates time-critical local decisions from non-time-critical remote management. This design makes the access-control loop more robust to temporary network instability.

Mobile Application

An Android application was developed for remote system control.

Features include:

  • user registration and face enrollment;
  • identity database management;
  • remote door control;
  • real-time device monitoring;
  • event logging and history tracking.

This enables a full edge–cloud–mobile interaction loop.

Key Engineering Challenges

Resource Constraints

  • limited RAM and flash storage on STM32;
  • constrained compute throughput;
  • need for aggressive model compression and memory planning.

Real-Time Inference

  • optimized preprocessing and inference path for low latency;
  • reduced unnecessary memory copies;
  • tuned model complexity to fit embedded runtime limits.

System Integration

  • integrated embedded firmware, AI inference, networking, and mobile app;
  • handled communication between STM32, ESP8266, cloud platform, and Android client;
  • designed logs and states for debugging and remote monitoring.

The most valuable part of the project was learning how small failures across modules can affect the whole system: a delayed message, an unstable threshold, or a memory overflow can all break the user experience.

Technical Stack

Hardware

  • STM32 microcontroller;
  • ESP8266 Wi-Fi module;
  • camera module;
  • access-control actuator.

AI / Embedded

  • MobileFaceNet-style lightweight embedding network;
  • TensorFlow Lite Micro;
  • model pruning;
  • INT8 quantization;
  • fixed-point inference.

Communication

  • MQTT protocol;
  • Baidu Cloud IoT;
  • event and status synchronization.

Mobile

  • Android application;
  • remote user management;
  • event log interface.

Outcome

The system demonstrates a complete edge AI deployment pipeline, achieving:

  • real-time face recognition on microcontroller-class hardware;
  • low-latency and privacy-preserving local decisions;
  • remote monitoring and user management through IoT;
  • an end-to-end prototype spanning AI, embedded firmware, networking, and mobile software.

Key Takeaways

  • Gained hands-on experience with TinyML and embedded AI deployment.
  • Built a complete edge AI system that combines AI, firmware, IoT, and mobile development.
  • Learned how compression, quantization, and runtime constraints affect model behavior.
  • Developed an engineering mindset for designing intelligent systems under strict resource limits.

This project laid the foundation for my later research interests in efficient perception systems, communication-constrained learning, and deployable intelligent agents.