A Secure and Trustworthy Federated Learning Platform as a Service Model for Stroke Management in European Clinical Centers

This paper presents the TRUSTroke Federated Learning (FL) Platform, supporting distributed, secure, and trustworthy training of machine learning (ML) models for collaborative healthcare applications without sharing sensitive data. The platform enables configuration, monitoring, and management of FL processes over the public Internet via a reliable and secure transport protocol based on Message Queuing Telemetry Transport (MQTT). This work details production-ready PaaS capabilities supported by an MQTT-based communication layer and a DMZ security architecture that isolates clinical data from external access, and it presents a comprehensive evaluation of network and model security that demonstrates resilience against common attacks while confirming scalability and low communication overhead. The platform is deployed and tested with geographically distributed clinical clients, supervised by a Parameter Server (PS) hosted at CERN’s computing center, and it is customized for stroke management with harmonized patient data integration. The discussion addresses practical deployment challenges and real-world application using a publicly available stroke dataset, emphasizing the importance of rigorous security assessment for FL platforms in digital healthcare contexts. Experimental validation demonstrates high model performance on stroke data (F1-score and AUPRC close to centralized training), low communication overhead (17-26 %), stable scalability across heterogeneous clinical nodes, and strong resilience to poisoning and free-rider attacks, confirming the platform’s reliability for secure digital healthcare deployments.