The recent advances in Artificial Intelligence (AI) are radically transforming the healthcare sector. Implementing the related solutions presents significant challenges, ranging from managing data quality and heterogeneity to compliance with stringent regulations (e.g., GDPR and HIPAA). In this context, MLOps emerges as a crucial solution to address these issues through a set of practices and tools. As a result, MLOps-based pipelines play a pivotal role in the effective management of Machine Learning (ML) models, which is vital to support diagnostic and prognostic activities. On the other hand, the development of healthcare systems should also consider several cybersecurity aspects required by the same regulations. To this end, the Cybersecurity Framework (CSF) 2.0, developed by the National Institute of Standards and Technology (NIST), describes updated guidelines to mitigate cybersecurity risks. Therefore, adopting MLOps with the support of the CSF represents an essential step for enabling the transition of ML models to enabled devices and improving the security of healthcare systems. For this reason, in this work, we present the high-level architecture of an MLOps pipeline employed by the DARE (DigitAl lifelong pRevEntion) foundation. Moreover, we also analyze its feasibility in satisfying CSF requirements, with particular emphasis on those related to data security, detection, and recovery.
Robustelli, A., Marfoglia, A., D’Errico, C., Mellone, S., Carbonaro, A. (2025). Feasibility of MLOps-based healthcare pipelines in ensuring the Cybersecurity Framework. Aachen : Ceur Workshop proceedings.
Feasibility of MLOps-based healthcare pipelines in ensuring the Cybersecurity Framework
Antonio Robustelli;Alberto Marfoglia;Christian D’Errico;Sabato Mellone;Antonella Carbonaro
2025
Abstract
The recent advances in Artificial Intelligence (AI) are radically transforming the healthcare sector. Implementing the related solutions presents significant challenges, ranging from managing data quality and heterogeneity to compliance with stringent regulations (e.g., GDPR and HIPAA). In this context, MLOps emerges as a crucial solution to address these issues through a set of practices and tools. As a result, MLOps-based pipelines play a pivotal role in the effective management of Machine Learning (ML) models, which is vital to support diagnostic and prognostic activities. On the other hand, the development of healthcare systems should also consider several cybersecurity aspects required by the same regulations. To this end, the Cybersecurity Framework (CSF) 2.0, developed by the National Institute of Standards and Technology (NIST), describes updated guidelines to mitigate cybersecurity risks. Therefore, adopting MLOps with the support of the CSF represents an essential step for enabling the transition of ML models to enabled devices and improving the security of healthcare systems. For this reason, in this work, we present the high-level architecture of an MLOps pipeline employed by the DARE (DigitAl lifelong pRevEntion) foundation. Moreover, we also analyze its feasibility in satisfying CSF requirements, with particular emphasis on those related to data security, detection, and recovery.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
