Adoption of artificial intelligence medical imaging applications is often impeded by barriers between healthcare systems and algorithm developers given that access to both private patient data and commercial model IP is important to perform pre-deployment evaluation. This work investigates a framework for secure, privacy-preserving and AI-enabled medical imaging inference using CrypTFlow2, a state-of-the-art end-to-end compiler allowing cryptographically secure 2-party Computation (2PC) protocols between the machine learning model vendor and target patient data owner. A common DenseNet-121 chest x-ray diagnosis model was evaluated on multi-institutional chest radiographic imaging datasets both with and without CrypTFlow2 on two test sets spanning seven sites across the US and India, and comprising 1,149 chest x-ray images. We measure comparative AUROC performance between secure and insecure inference in multiple pathology classification tasks, and explore model output distributional shifts and resource constraints introduced by secure model inference. Secure inference with CrypTFlow2 demonstrated no significant difference in AUROC for all diagnoses, and model outputs from secure and insecure inference methods were distributionally equivalent. The use of CrypTFlow2 may allow off-the-shelf secure 2PC between healthcare systems and AI model vendors for medical imaging, without changes in performance, and can facilitate scalable pre-deployment infrastructure for real-world secure model evaluation without exposure to patient data or model IP.
翻译:医疗成像应用人工智能往往受到医疗系统与算法开发者之间障碍的阻碍,因为获得私人病人数据和商业模型IP系统对于进行部署前评价十分重要。这项工作调查了使用CrypTFlow2 进行安全、隐私保护和AI辅助医疗成像推断的框架,CrypTFlow2 是一个最先进的端对端编译程序,允许机器学习模型供应商与目标病人数据拥有者之间进行加密安全双方计算(2PC)协议,并允许机器学习模型供应商与目标病人数据所有者之间进行加密双向计算。对多机构胸前放射成像数据集进行共同的DenseNet-121胸前X射线诊断模型,无论是否进行加密TFLow2, 遍及美国和印度7个地点的两套测试机组都进行安全、隐私保存和AI-光学图像分析。我们测量AUROC在多种病理分类任务中的安全性和不安全的推论之间的性能,并探索模型模型推理模型引入的输出分配和资源限制。 CrypTF2 与安全性和安全性定位系统之间没有明显差别分析,使用安全性和安全性影象分析方法。