The Federated Compute (FC) Server is part of Federated Learning offered by On-Device Personalization.
To better understand the server, it is helpful to first describe the flow of a single round of training. Training consists of data flows between the ODP Federated Compute Client (FC Client) that is a core module in the Android Open Source Project (AOSP). Because it is a core module of Android, the interaction in these flows that occur on the FC Client are on device. The Aggregator is a component built within a Trusted Execution Environment (TEE) available on a public cloud in its current design.
Training consists of the following steps:
- The Federated Compute client on the device downloads a public encryption key from key services.
- The Federated Compute client checks in with the server and gets a training task.
- The Federated Compute client downloads training plan, plus the last version of The model, version N.
- The Federated Compute client trains with the local data and the plan.
- The Federated Compute client encrypts this device’s contributions with the public key obtained in Step 0 and uploads it to the Federated Compute server.
- The Federated Compute client notifies the Federated Compute server that its training has completed.
- The Federated Compute server waits until enough clients have submitted their contributions.
- A round of aggregation is triggered.
- Encrypted contributions are loaded into a Trusted Execution Environment (TEE) by the Aggregator.
- The Aggregator attests itself, following NIST's RFC 9334 Remote ATtestation procedureS (RATS) Architecture, to the coordinators. Upon success attestation, the key services grant it the decryption keys. These keys may be split across multiple key providers in a shamir secret sharing scheme.
- The Aggregator does cross-device aggregation, clips and noises per appropriate Differential Privacy (DP) mechanisms, and outputs the noised results.
- The Aggregator triggers the Model Updater.
- The Model Updater loads the aggregated contribution and applies it to model version N to create model version N + 1. The new model is pushed to the model storage.
This Federated Compute service would be deployed on cloud service(s) which support TEEs and needed security features. As we evaluate cloud providers and underlying technologies, we have focused on a Google Cloud implementation using Confidential Space.
This is a preview version of the On-Device Personalization Federated Compute Server and should be used for testing and evaluation purposes. As such, there are not yet any guarantees about forward/backward source compatibility. It is currently not recommended for use in production settings.
