Workshop on Systems Challenges in Reliable and Secure Federated Learning

Co-located with ACM SOSP 2021

October 25, 2021

In Virtual Land


Saurabh Bagchi, Purdue University
Kevin Chan, US Army Research Lab
Christof Fetzer, Technische Universität Dresden
Tom Jacobs, Adobe Research
Suman Jana, Columbia University
Prateek Mittal, Princeton University

New happenings


The workshop will focus on the systems challenges raised by the area of federated (machine) learning, or more generally, distributed learning. In particular, we will focus on how to achieve reliable and secure learning considering that federated learning relies on a distributed set of nodes, often geographically distributed, not physically secured, heterogeneous, and with varying levels of resource constraints. The workshop will lead to a first-of-its-kind vision paper that will synthesize the progress we have made, the overarching technical problems we have to solve, and the 5 most compelling usage scenarios. We will plan on holding this workshop annually, rotating among security and systems venues.

Workshop Format

The workshop will have three types of activities:

  1. Invited talks: To be recorded and disseminated, but not included in the proceedings
  2. Poster papers and presentations at the workshop: See the Call for Papers. These 2-page papers will be included in the proceedings. The submissions must be anonymized.
  3. Panel: A heated panel on a hot topic.

So far the flourishing work in federated learning in the ML community hints at important systems challenges, which have neither been carefully articulated in a systems forum nor seen concerted solution efforts. Some representative topics for the workshop are (all in the context of federated learning) trusted execution environments, resilience to attacks, intermittent or low bandwidth network connectivity, asynchronous vs synchronous network models, and heterogeneity (devices, data, models). The event will draw academics, government lab scientists, and industrial practitioners.

The key question is can this learning be done reliably and securely so that we can trust our private and critical interactions to such systems.

This pendulum of moving from centralized infrastructure to a distributed infrastructure at the edge has swung at least twice in our living memories and of course, no single point in the spectrum will be the universal solution. The systems community has had a major role in shaping the movement in this arc. This workshop will start the effort to keep the community engaged with an emerging point in the spectrum. The point in the spectrum represented by federated learning seems particularly timely as it leverages two dominant trends in our world:

  1. Large amounts of data being generated at the edges of our systems, the deployment contexts becoming more dynamic, and the consequent necessity of learning and re-learning from this data. Obviously not all of the data can be brought back to the backend for enabling such learning. Hence the need for distributed and federated learning.
  2. As this paradigm catches strength, we expect that there will be deployments in application contexts where we care about the integrity of the results. Hence the need for reliability and security. The modalities that make this challenging are the insecure deployments of the nodes as well as the hardware and software constraints of the nodes.