HPC Security - Hybrid Event

Europe/Zurich
Auditoire Paternot (Bâtiment Agora)

Auditoire Paternot

Bâtiment Agora

Rue du Bugnon 25A, 1005 Lausanne
Alexandre Wetzel (CHUV), Michele De Lorenzi (CSCS), Patrick Zosso (CHUV)
Description

Here are some considerations and questions that will accompany you throughout the various presentations.

Introduction

Research support and IT challenges!

CHUV in a few numbers is:
- About 12,000 employees, more than half of whom are caregivers
- Approximately 50,000 hospitalized patients in 2020 with an activity strongly impacted by COVID-19
- Approximately 800 researchers (6.6% of FTEs)

CHUV's main mission is patient care, but research is one of the strategic axes of the hospital. However, research and clinical activities are not always compatible and cannot be managed at the IT level in the same way.

The main mission of the infrastructure team is to deliver and ensure the operation of clinical systems 24 hours a day. Therefore, it is necessary to industrialize the installations and simplify the operational maintenance and monitoring as much as possible. It is natural that the equipment needed to run our clinical applications must be shared as much as possible.

In addition to operational efficiency, mutualization also has advantages in terms of costs and FTEs.


IT support teams therefore have a particular focus on the infrastructure needed for healthcare and cannot support systems that are often specific to a small community. Systems that can in many cases be complex to manage.

As a result, our institution must look at other actors to ensure the provision of an infrastructure that is suitable for researchers while respecting the security constraints imposed by CHUV and its partners.

In addition, some research groups have needs in terms of infrastructure availability and the need to process sensitive data.

These last points are certainly the biggest challenge that CHUV must address in terms of infrastructure provision. And to complicate things a bit more, the research community is not only composed of CHUV employees and requires frequent sharing of data or documents.

Key Questions

  • How to ensure a 24 x 7 support of infrastructures not operated by the CHUV
  • How to allow researchers to share information while respecting legal constraints
  • How to offer research and development environments that are robust, secure, maintainable and flexible for researchers
  • How to guide researchers in the choice of infrastructure to avoid uncontrollable deployments that could lead to security breaches.

 

Participants
  • Adam Henderson
  • Adrien Welsh
  • Alex Upton
  • Alexander Kashev
  • Alexandre Wetzel
  • Allen Neeser
  • Ana Rodriguez Sanchez-Archidona
  • Anne Kraemer
  • Antonio Javier Russo
  • Arnaud Hungler
  • Bastian Bukatz
  • Benedikt Thelen
  • Christian Bolliger
  • Cristian Bovino
  • Diego Moreno
  • Dries Verachtert
  • Emmanuel Jeanvoine
  • enrico favero
  • Ewan Roche
  • Fabio Zambrino
  • Filippo Stenico
  • Florian Huber
  • Fotis Georgatos
  • Guillermo Losilla
  • Hardik Kothari
  • He Xu
  • Heinz Stockinger
  • Ioannis Xenarios
  • Jani Heikkinen
  • Jean Louis Raisaro
  • Jean-Baptiste Aubort
  • Jonas Liechti
  • Jonas Richiardi
  • Julia Gustavsen
  • Jérémie Despraz
  • Lorenzo Cerutti
  • Louis Ruppert
  • Martin Jacquot
  • Massimo Benini
  • Mattia Belluco
  • Maxime Martinasso
  • Michael Rolli
  • Michal Bassani-Sternberg
  • Michele De Lorenzi
  • Narendra Kumar Reddy Challa
  • Nick Holway
  • Nicolas Rosat
  • Pablo Fernandez
  • Pierre Berthier
  • Radim Janalik
  • Raluca Hodoroaba
  • Roberto Fabbretti
  • Roman Briskine
  • Rémy Ressegaire
  • Sean Hughes
  • Sergio Guarino
  • Silvan Hostettler
  • Silvio Oertli
  • Snezana Nektarijevic
  • Steven Armstrong
  • Sudershan Lakshmanan Thirunavukkarasu
  • Sébastien Moretti
  • Thomas Chen
  • Thomas Jakobsche
  • Yann Sagon
    • 09:30 10:00
      Registration 30m
    • 10:00 10:15
      Welcome and Introduction
      Conveners: Alexandre Wetzel (CHUV), Michele De Lorenzi (CSCS)
    • 10:15 10:45
      CHUV Data Science Group, Mission and Support to Researchers
      Convener: Nicolas Rosat (Chuv)
    • 10:45 11:30
      Keynote Presentation - Using Clinical Images for Machine Learning Research: the Journey from Hospital to HPC

      As medicine and techniques progress, radiology departments accumulate more and more images, with ever-increasing resolution. These constitute very valuable data that can be used for predictive modelling using machine learning approaches. However, patient privacy and security concerns mean that new IT infrastructure must be put in place.

      In this talk, I will cover our ongoing collaboration in data science between the IT and Radiology departments at the Lausanne University Hospital, which is both integrating existing tools and developing new software.

      I will discuss data extraction, coding and de-identification of medical images, secure storage using open source software, and give examples of the machine learning pipelines being developed, exploiting both CPU and GPU computing.

      Convener: Jonas Richiardi (CHUV)
    • 11:30 12:00
      Sensitive Genomics Data Analysis in Real Time for Clinical Proposes - the User’s Perspective

      Cancer immunotherapy has revolutionized the clinical outcome of patients. At the Department of Oncology at the CHUV, several phase I personalized cancer vaccines and adoptive T cells based therapies trials have been launched and a few more are under development. These exploratory therapies are based on the activation of the immune system to recognize and eliminate tumors based on recognition of mutated neoantigens presented specifically on the surface of cancer cells. Mutations are often private to each patient, hence comprehensive target discovery approaches have been put in place, including whole exome sequencing, transcriptomics and mass spectrometry based immunopeptidomics analyses. The computation analyses of such sensitive data must be completed within a define timeframe required for the manufacturing of the treatment products.

      In my presentation I will describe the computational pipeline for antigen discovery that we have developed for these trials and will discuss IT challenges related to the implementation of such a pipeline in the interface between research and clinical practices.

      Convener: Michal Bassani (CHUV)
    • 12:00 13:30
      Lunch and Networking 1h 30m
    • 13:30 14:00
      MedCo - Fostering Multi-Centric Medical Collaborations with Decentralized Privacy-Enhancing Technologies

      Using real-world evidence in biomedical research, an indispensable complement to clinical trials, requires access to large quantities of patient data that are typically held separately by multiple healthcare institutions. Centralizing those data for a study is often infeasible due to privacy and security concerns. Federated analytics is rapidly emerging as a solution for enabling joint analyses of distributed medical data across a group of institutions, without sharing patient-level data. We propose MedCo, a novel federated query system for distributed and privacy-preserving cohort exploration. MedCo enhances federated analytics with advanced privacy-enhancing technologies such as multiparty homomorphic encryption. It enables users to perform distributed cohort exploration and compute federated analytics on identified cohorts scattered across several institutions without the need of transferring patient data out the IT infrastructure of the data provider.

      Convener: Jean Louis Raisaro (CHUV)
    • 14:00 14:30
      Synthetic Data

      Companies, and in particular hospitals, collect large quantities of personal data. This information is extremely valuable and serves as a basis for many scientific studies.
      As of today, the reuse of such data is regulated by the Swiss Data Protection Law and the Swiss Law on Human Research. These laws prevent, to some extent, the processing, sharing, and publication of unmodified data that can potentially contain identifying information. As a result, research has to be performed on altered information that eventually reduces the accuracy of scientific experiments and data analyses.
      With the advent of Machine Learning, and in particular Generative Adversarial Networks (GANs), we are now able to generate synthetic data that possesses similar statistical properties than a reference population without creating exact copies of the original individuals. Some authors claim that this creates a paradigm shift in this privacy – utility tradeoff where synthetic data is now able to keep its utility while remaining safe in terms of privacy disclosure.
      This talk will present the preliminary results from a study carried out at CHUV to test and validate this synthetic data approach with the final objective being to determine its real potential in a hospital setting.

      Convener: Jérémie Despraz (CHUV)
    • 14:30 15:00
      Replacing POSIX authentication, towards a new Identity and Access Management for HPC

      Since the early development of Linux-based operating systems, the management of identities following POSIX standards has shown very few improvements. Today, HPC centres continue to use Linux-inherited POSIX standards for managing their users identities. With the development of web services and applications, a new set of concepts and standards grouped inside the name Identity and Access Management (IAM) have been developed to manage identities and roles. Applying IAM to HPC improves user management, roles definition, security and enables a simpler exchange of workflows from Cloud to HPC or vice versa. This talk showcases the application of such an IAM authentication concept to access HPC systems and discusses the benefits and the difficulties to integrate other IAM concepts to access HPC centres.

      Convener: Maxime Martinasso (CSCS)
    • 15:00 15:05
      Farewell and End of the Meeting 5m