How do you train an AI to detect cancer when privacy laws prevent hospitals from sharing patient scans? How do you improve approaches to detect network attacks using real-world data while still respecting user privacy? A new USC-led testbed aims to address these paradoxes, with implications across healthcare, transportation, and beyond.

The National Science Foundation has awarded USC’s Information Sciences Institute, a unit of the Viterbi School of Engineering, just over $1 million to build and operate a national testbed that will help researchers and organizations evaluate privacy-preserving technologies for data sharing. The project launched September 1, 2024.

The testbed, called TEPPIT (Testbed for Privacy-Preserving Technologies for Data Sharing and Analysis), is part of NSF’s broader $10 million Privacy-Preserving Data Sharing in Practice (PDaSP) program, which funds 10 teams across the country working to advance privacy-enhancing technologies from research into real-world deployment.

Solving a Critical Paradox

Consider medical research: multiple hospitals might want to collaborate on training machine learning models for cancer detection using MRI images, but privacy regulations make sharing patient data extremely challenging.

With privacy-preserving techniques like federated learning, each hospital can train a model locally on its own data, sharing only model updates rather than raw patient information. Combined centrally over multiple rounds, this produces an accurate model while keeping sensitive patient data at its source.

The technologies exist. The problem? It is challenging for researchers to test how well they actually work on a given dataset and for a given application.

“It is often unclear how well a given technique protects privacy in a specific application, what risks remain, and what trade-offs exist between privacy protection, accuracy, performance, and usability,” explained  Jelena Mirkovic, ISI project leader and research associate professor in the Thomas Lord Department of Computer Science at the School of Advanced Computing within Viterbi, who leads TEPPIT. “As a result, organizations struggle to confidently adopt these technologies in real-world systems.”

The stakes are high: deploy too little privacy protection and you risk patient data breaches and regulatory violations; deploy too much and your AI models become useless, defeating the purpose of data sharing entirely.

“By protecting individual privacy while still enabling data-driven analysis, these technologies help organizations responsibly unlock the value of shared data,” Mirkovic said.

Building the Testing Ground

Led by Mirkovic, in collaboration with John Heidemann, Viterbi research professor in the Thomas Lord department of computer science at the school of advanced computing and principal scientist at ISI, Jose-Luis Ambite, Viterbi research associate professor in the Thomas Lord Department of computer science at the school of advanced computing, David Balenson, director of the networking and cybersecurity division at ISI,  and Yuri Pradkin, senior research engineer at ISI, TEPPIT will provide a common evaluation environment where both researchers and practitioners can systematically test and compare privacy-preserving data sharing technologies under realistic conditions. The testbed aims to close the evaluation gap by providing shared infrastructure for assessment, comparative analysis, vulnerability testing, and privacy-utility trade-off analysis.

TEPPIT will leverage SPHERE, a nationally funded research infrastructure, to provide realistic testing environments that reflect actual operational systems, workloads, and constraints. This foundation helps ensure that evaluation results are meaningful, comparable, and reproducible.

“These technologies must be tested under conditions that reflect real operational systems,” Mirkovic noted. “By using SPHERE as a foundation, TEPPIT helps ensure that evaluation results are meaningful, comparable, and reproducible.”

Coordinating a National Effort

Beyond building the testbed, ISI is serving as the central coordination hub for the entire $10 million PDaSP program. The institute hosts the program website at https://pdasp.net and organizes meetings for all PDaSP teams, including a recent virtual program kickoff.

“ISI has extensive experience engaging research and practitioner communities across cybersecurity and networking,” said David Balenson, director of the Networking and Cybersecurity division at ISI. “In this coordination role, ISI will support collaboration among PDaSP teams, help publicize accomplishments to government and industry audiences, and facilitate connections with potential partners who could deploy these technologies.”

The PDaSP program emphasizes moving privacy technologies from research prototypes into real-world systems. Industry partners contribute use cases, operational constraints, and deployment perspectives, while also serving as potential pathways for transitioning successful technologies into production systems.

“Privacy-preserving data sharing is both a research challenge and a deployment challenge,” Ambite explained. “Industry partners contribute real-world use cases, operational constraints, and deployment perspectives that help ensure the research remains grounded in practice.”

From Prototype to Production

Over the next three years, TEPPIT is designed to become an open-source resource that grows as the community contributes new algorithms, test cases, and applications. Success will be measured by broad adoption among academic and industry users.

The project builds on ISI’s long track record of building national-scale research infrastructure, including Pegasus for scientific workflows, DETERLab and SPHERE for cybersecurity and privacy research, and California DREAMS for semiconductor manufacturing.

“For the PDaSP program as a whole, success means that technologies developed under the program transition into real-world deployment in industry and government, enabling organizations to share and analyze data more effectively while protecting individual privacy,” Heidemann said.

The applications span numerous sectors. Beyond healthcare, the work could help cities share transportation data to optimize traffic flow without revealing individual travel patterns, enable educational institutions to collaborate on student outcome research while protecting student privacy, and allow financial institutions to detect fraud patterns without exposing customer information.

More information about the PDaSP program is available at https://pdasp.net.

Published on January 22nd, 2026

Last updated on January 22nd, 2026