Securing Federated Learning in Robot Swarms using Blockchain Technology

TL;DR

This work tackles securing decentralized federated learning within robot swarms by integrating blockchain technology to avoid a central aggregator. It implements a proof-of-concept where each robot runs an Ethereum node, and a smart contract performs FedAvg-based aggregation with a quorum of 7/15, using data-driven token incentives to deter Sybil attacks and enforce participation. Security is addressed via Sybil protection, static outlier rejection, and a ranking-based reward system, evaluated under faulty, malicious, and smart Byzantine behaviors in a 15-robot ARGoS setup; results show robustness to faults and many attacks, though smart Byzantines pose a vulnerability. Practically, the approach enables decentralized, secure model synchronization with tangible trade-offs in storage and bandwidth, illustrating a promising, if nascent, path toward scalable, autonomous swarm intelligence with decentralization guarantees.

Abstract

Federated learning is a new approach to distributed machine learning that offers potential advantages such as reducing communication requirements and distributing the costs of training algorithms. Therefore, it could hold great promise in swarm robotics applications. However, federated learning usually requires a centralized server for the aggregation of the models. In this paper, we present a proof-of-concept implementation of federated learning in a robot swarm that does not compromise decentralization. To do so, we use blockchain technology to enable our robot swarm to securely synchronize a shared model that is the aggregation of the individual models without relying on a central server. We then show that introducing a single malfunctioning robot can, however, heavily disrupt the training process. To prevent such situations, we devise protection mechanisms that are implemented through secure and tamper-proof blockchain smart contracts. Our experiments are conducted in ARGoS, a physics-based simulator for swarm robotics, using the Ethereum blockchain protocol which is executed by each simulated robot.

Figures (6)

• Figure 1: Each line shows the average loss of the aggregated model---5 runs for (a) and 10 runs for (b)---and the shaded areas depict 95 % confidence intervals. (a) Increasing the data expiration time leads to a quicker decrease of the average loss. This is expected, as more data is used for model learning. However, it also shows that for data expiration times of 750 s and higher, the loss curves are similar. For this reason, we select a value of 750 s for all subsequent experiments. (b) A single Byzantine robot is sufficient to prevent the model from converging (with a data expiration time of 750 s).
• Figure 2: (a) As the number of Byzantine robots increases, the number of aggregations that occur within the fixed 5 000 s experiment duration decreases. Indeed, by rejecting outlier models, we can achieve a more robust and faster convergence (in terms of aggregation rounds). However, fewer aggregation rounds occur by the end of the experiment as there are fewer robots producing reliable models and the quorum size is the same (7 robots). (b) As the number of Byzantine robots increases, the non-Byzantine robots gain more tokens.
• Figure 3: Average loss for different numbers of malicious Byzantine robots. Since a large number of models from malicious Byzantine robots are included in the aggregation, we do not observe the steep reduction in the total number of aggregation rounds as before. Even though the ranking mechanism secures the models' convergence, the model convergence becomes slower when the number of Byzantine robots increases.
• Figure 4: With up to 3 malicious Byzantine robots, our ranking mechanism successfully rewards non-Byzantine robots and penalizes Byzantine robots. With 4 Byzantine robots, this is no longer guaranteed, and with 5 or more of them, Byzantine robots will likely gain tokens.
• Figure 5: Average loss for different numbers of smart Byzantine robots. The model convergence speed and number of aggregation rounds does not differ much from the previous experiment shown in Figure \ref{['fig:exp4losscurve']}.