Beyond Model Accuracy: Building Trustworthy Federated Learning Systems

This PhD thesis is the result of an exploration into making Federated Learning (FL) systems more trustworthy. Specifically, I developed and evaluated new techniques that extend FL’s trustworthiness across three key dimensions: preserving user privacy, mitigating bias, and interpreting model decisions. The first phase of the research tackled the tradeoff between Differential Privacy and model utility in FL Usually, introducing DP into the training process comes with a cost in model utility. To address this, I proposed a novel hybrid FL architecture that combines peer-to-peer (P2P) and server-based FL training, allowing more sensitive data to be protected with DP while retaining strong model utility. Building on that, I turned my attention to the interplay between fairness, privacy, and utility in FL. This is a less explored direction in literature, where fairness and privacy are usually addressed in isolation. The result of this investigation is PUFFLE. PUFFLE is a self-adaptive system that allows practitioners to specify fairness level and privacy budgets as training constraints, and then dynamically tunes training accordingly. Building on top of PUFFLE, I co-evaluated the client-level fairness and benefits of federated participation. I co-conducted an analysis simulating clients with conflicting fairness goals to understand in which cases it was worth being involved in the federation. The final component of trustworthiness I addressed was explainability. Federated Learning restricts data sharing, which complicates the use of post-hoc explainers like SHAP or LIME that often require access to raw data or centralized models. Moreover, applying explainers can inadvertently leak sensitive information, defeating the purpose of using FL in the first place. To solve this, I co-developed FastSHAP++, a privacy-preserving federated version of the SHAP explainer. FastSHAP++ enables the training of SHAP explainers without ever accessing raw data, and applies DP not only to the model training but also to the explanation process itself. Through this work, I have shown that trustworthiness in FL is not a binary property, but a tradeoff between multiple objectives, often with competing requirements.