HUGO JONSSON of the FedOps research team shows an image from a test they did using self-driving vehicles in Madison during a Friday presentation. Three teams of students from South Dakota and Sweden schools presented research on projects related to artificial intelligence and machine learning.
Twelve graduate students presented their research on artificial intelligence projects on Friday at Dakota State University.
The students, who were split into three research teams, come from six institutions in South Dakota and Sweden. This Industrial Immersion Exchange Program is a partnership between DSU and AI Sweden.
David Hovstadius, Subash Mahat and Stephanie DeAmelia were part of the team “CAN we secure it,” and their industrial stakeholder was agricultural machinery company Case New Holland.
The three students worked with Controller Area Network (CAN) technology, which is a communication method widely used in the automotive and agriculture industries, including with farm machinery.
While CAN technology is a standard in the industry, it poses a cybersecurity risk, the students said. In their research, the team investigated ways to increase security and detect intrusions, including through machine learning and artificial intelligence. They worked to find ways to identify when intrusions occur and how to protect against different types of cyber attacks.
“We have more and more farming that is more autonomous, more driverless, and in the future we could see entire farming fleets without any drivers or human contact with them. That’s a very big cybersecurity risk behind that, if somebody could just come into your farming equipment and hack it, physically or through wireless communications,” Mahat said. “Our part of the research could be a baseline on how to get started in implementing intrusion detection systems that could alert users about how there’s a cybersecurity risk that’s been acting in your farm.”
The other two teams both researched federated learning. Many people are familiar with machine learning and language models through programs like ChatGPT. With machine learning models like these, data is sent from clients to the server to adjust and train the model. But federated learning has received increased attention from researchers because of safety and privacy concerns with traditional machine learning.
With federated learning, the data is kept private by training the model within the client itself. Then, the adjusted model is shared with the central server, and the adjusted models from all of the different clients are used to train the new, central model. With federated learning, the data is not shared with the server; only the trained model is.
“Federated learning is really useful when you want to protect your data. Usually for machine learning, you need to send your dataset, but for example, with hospital data and your private data, you don’t want to share it to others. With federated learning, your client doesn’t need to share your dataset, but still you can get the model updated,” said Bitnoori Lee, a member of the FENIX team.
However, federated learning has certain cybersecurity risks. For example, a malicious actor could train their model to answer with an unsafe phone number when asked a question. When that model is shared with the server, the central model could be “poisoned” with unsafe information.
In another example, a poisoned model could see certain visual inputs from a self-driving car and give the self-driving car a bad route.
The FENIX team, made up of Jesper Bergquist, Bitnoori Lee and Juste Lokossou, researched ways to protect a federated learning model from different types of attacks and poisonings. Their industrial partners were Intel and AI Sweden. The FENIX model they used, like ChatGPT, is a language generation model that predicts proper responses to questions or follow-ups to statements.
The FedOps team was partnered with Volvo and Zenseact, which develops software for driverless cars. It was made up of Gustav Kalander, Sonakshi Garg, Hugo Jonsson, Axel Nilsson, Bhhaanu Pirange and Jonathan Lancelot. They researched ways to protect federated learning models, which are being researched for use in driverless vehicles, from malicious attacks and poisoning. For driverless cars, attacks could pose a safety risk to drivers and pedestrians.
“We have some findings that the car industry can use to make sure these systems are robust, but there’s still a lot of research to be done,” Lancelot said. “Federated learning is not implemented in the car industry yet, but it’s starting to look at it.”