Federated Repair of Deep Neural Networks

As DNNs are embedded in more and more critical systems, it is essential to ensure that they perform well on specific inputs. DNN repair has shown good results in fixing specific misclassifications in already trained models using additional data, even surpassing additional training. In safety-critical applications, such as autonomous driving, collaboration between industrial actors would lead to more representative datasets for repair, that would enable to obtain more robust models and thus safer systems. However, these companies are reluctant to share their data, to both protect their intellectual property and the privacy of their users. Federated Learning is an approach that allows for collaborative, privacy-preserving training of DNNs. Inspired by this technique, this work proposes Federated Repair in order to collaboratively repair a DNN model without the need for sharing any raw data. We implemented Federated Repair based on a state-of-the-art DNN repair technique, and applied it to three DNN models, with federation size from 2 to 10. Results show that Federated Repair can achieve the same repair efficiency as non-federated DNN repair using the pooled data, despite the presence of rounding errors when aggregating clients' results.