Cyber-physical vulnerabilities in additive manufacturing systems: A case study attack on the .STL file with human subjects

https://doi.org/10.1016/j.jmsy.2017.05.007

Highlights

  • An overview of the AM process chain and attack vectors at each step is given.

  • The .STL file as an attack vector is investigated in detail.

  • An automated attack algorithm is used to insert voids into arbitrary geometries.

  • A study using human subjects is conducted to simulate an attack occurring.

Abstract

One of the key advantages of additive manufacturing (AM) is its digital thread, which allows for rapid communication, iteration, and sharing of a design model and its corresponding physical representation. While this enables a more efficient design process, it also presents opportunities for cyber-attacks to impact the physical world. In this paper the authors examine potential attack vectors along the Additive Manufacturing process chain. Specifically, the effects of cyber-physical attacks, and potential means for detecting them, are explored. To explore the potential implications of such an attack, a case study was conducted to evaluate the ability of human subjects to detect and diagnose a cyber-physical attack on the STL file of a test specimen. Based on the results of this study, recommendations are presented for preventing and detecting cyber-physical attacks on AM processes.

Introduction

Cyber-physical systems (CPS) are systems that integrate physical hardware with software systems, often with the use of a network. With the growth of the Internet of Things (IoT) the number of CPS systems on networks continues to increase [1]. Concurrently, cyber-attacks have become more prevalent in recent years, increasing in maliciousness and decreasing in visibility [1], [2], [3]. This poses a significant issue, as cyber-attacks on cyber-physical systems could result in damage to the machines themselves or the humans who interact with them.

A prominent example of a cyber-physical attack was the Stuxnet worm that targeted Iranian centrifuges used for refining uranium. In this attack the worm was able to infect the software system and affect the physical hardware, causing damage to the centrifuges. By sending false data back to the operators, Stuxnet was able to make it appear as though the centrifuges were operating correctly, while it caused them to damage themselves. The ability of Stuxnet both to cause damage to physical systems and to hide itself illustrates the ability of a cyber-physical attack to disrupt manufacturing systems and the need for physical methods of detection [4].

Another example of a cyber-physical attack is the hijacking of insulin pumps. In this case a hacker is able to connect to a Bluetooth enabled insulin pump to control the dose of insulin given to the wearer. By increasing or decreasing the dosage of insulin, it is possible to cause serious injury or even death in the user. The current security system for these pumps is insufficient to prevent a cyber-physical attack that could have potentially lethal consequences [5].

The previously mentioned examples demonstrate the ability for cyber-attacks to cross over into the physical world. Attacks on CPS are even more alarming when considering the ever-increasing amount of networked devices that are being connected to machines in the manufacturing world. A cyber-attack on these machines could cause injury to plant workers and damage to the machine itself. This has already been demonstrated at a German foundry wherein a cyberattack on a blast furnace’s control systems prevented a safe shut down and resulted in “massive damage” [6], [7]. Perhaps even more insidiously, an attack could be designed to cause a process to produce faulty parts that might find their way into end-user products [8]. For example, an attack could be designed to affect the production of a jet turbine part such that it would pass inspection but fail during operation and cause significant damage.

With the rise in both the number of CPS connected to networks and in malicious cyber-attacks, there is a clear need for research to understand the vulnerabilities of cyber-physical systems. Recent work on the current status of cyber-physical systems has identified security as a major issue [9]. Additionally, there is a need to identify the skills that are necessary to effectively operate a cyber-physical manufacturing environment [10], which the authors believe includes skills pertaining to the identification and prevention of attacks on manufacturing systems.

As such, the authors have investigated cyber-physical vulnerabilities in manufacturing systems. The authors have demonstrated such attacks on subtractive manufacturing, and have found that they can have a demonstrable effect on the part being produced [11], [12]. In the previous work the authors demonstrated a toolpath attack by manually modifying and replacing machining toolpath (e.g., GCODE). This work was limited to modifying the external geometry of a part in a way that affected the part strength, but was detectable using common inspection techniques.

In this paper, the authors scope their research solely on Additive Manufacturing (AM, commonly referred to as “3D Printing”) systems. The process chain of these networked machines has unique vulnerabilities that warrant a detailed investigation. Specifically, due to (i) their layer-wise fabrication approach and (ii) the processes’ impact on parts’ final material properties due to process-induced transformation of raw material to finished good (as opposed to subtractive machining, where the material properties are defined by the feed stock), there are several cyber-physical vulnerabilities that are unique to AM. For example, voids can be placed inside of a part and the material properties of internal layers can be changed without affecting the exterior layers, which makes detection with traditional part inspection techniques difficult (as discussed in Section 3). Because of the potential damage from a cyber-physical attack, there is a need to investigate AM systems to determine what vulnerabilities exist and how to prevent and mitigate the threat of cyber-attacks. Recently, there has been increasing interest in evaluating these threats to AM systems, with the effects of toolpath modifications and embedded defects being simulated and evaluated through physical testing [13]. The key differences between additive and subtractive manufacturing are the features that make AM unique: (i) its layerwise approach to fabrication, which provides opportunity to place defects internally, and (ii) its transformation of raw material in the process, which allows for altering material properties of the final product by changing the print parameters.
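As an added example (not code from the paper), the following pre-print check parses an ASCII .STL and flags any closed shell whose facets wind inward, which is how a fully enclosed cavity appears in a correctly oriented mesh. It assumes ASCII STL with shared vertices written with identical coordinates; the function names and the sample boxes are constructed for illustration.

```python
import re

VERTEX = re.compile(r"vertex\s+(\S+)\s+(\S+)\s+(\S+)")

def parse_ascii_stl(text):
    """Return facets as 3-tuples of (x, y, z) vertices from ASCII STL text."""
    pts = [tuple(float(c) for c in m.groups()) for m in VERTEX.finditer(text)]
    if not pts or len(pts) % 3:
        raise ValueError("malformed STL: vertex count not a positive multiple of 3")
    return [tuple(pts[i:i + 3]) for i in range(0, len(pts), 3)]

def shells(facets):
    """Group facets into shells: facets connected through shared vertices."""
    parent = {}
    def find(v):
        parent.setdefault(v, v)
        while parent[v] != v:
            parent[v] = parent[parent[v]]  # path halving
            v = parent[v]
        return v
    for a, b, c in facets:
        parent[find(b)] = find(a)
        parent[find(c)] = find(a)
    groups = {}
    for f in facets:
        groups.setdefault(find(f[0]), []).append(f)
    return list(groups.values())

def signed_volume(facets):
    """Sum of signed tetrahedron volumes; negative when facets wind inward."""
    return sum(ax * (by * cz - bz * cy) - ay * (bx * cz - bz * cx) + az * (bx * cy - by * cx)
               for (ax, ay, az), (bx, by, bz), (cx, cy, cz) in facets) / 6.0

def find_void_shells(text):
    """Signed volumes of inward-wound shells, i.e. candidate enclosed cavities."""
    return [v for v in map(signed_volume, shells(parse_ascii_stl(text))) if v < 0]

# Constructed sample data: an axis-aligned box as ASCII STL facets (flip winds it inward).
TRIS = [(0, 2, 3), (0, 3, 1), (4, 5, 7), (4, 7, 6), (0, 1, 5), (0, 5, 4),
        (2, 7, 3), (2, 6, 7), (0, 4, 6), (0, 6, 2), (1, 3, 7), (1, 7, 5)]

def box_stl(lo, hi, flip=False):
    corner = lambda i: tuple(hi if i >> k & 1 else lo for k in range(3))
    facet = "facet normal 0 0 0\nouter loop\n%sendloop\nendfacet\n"
    return "".join(facet % "".join("vertex %g %g %g\n" % corner(i)
                   for i in ((a, c, b) if flip else (a, b, c))) for a, b, c in TRIS)

CLEAN = "solid part\n" + box_stl(0, 10) + "endsolid part\n"
TAMPERED = "solid part\n" + box_stl(0, 10) + box_stl(4, 6, flip=True) + "endsolid part\n"
```

Parts with intentional internal cavities are reported as well, so the result is meaningful only when compared against the shells the released design is expected to contain.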

An overview of the cyber-physical attack vulnerabilities of the AM process chain is presented in Section 2. A case study of an AM cyber-physical attack, in which the .STL file structure is altered, is presented in Section 3. The resulting effectiveness of this attack is reported in Section 4 via part testing and experimentation with human subjects. Finally, in Section 5, the results of the attack are analyzed to identify ways of preventing and mitigating future attacks.

Section snippets

Cyber-vulnerabilities in the additive manufacturing process

To be able to prevent a cyber-attack, one must first understand the vulnerabilities and weaknesses of the system. To do this, it is necessary to follow a cyber-attack through the process chain, from conception to simulated deployment. In this section, the AM process chain is examined for potential vulnerabilities to cyber-attacks. Previous work by Bridges [14] has given a high-level process view by highlighting points in the process chain where the theft or corruption of a design could occur;

Case study: cyber-physical attack on AM systems via altering .STL files

To gain a better understanding of existing vulnerabilities, to determine if these vulnerabilities are significant, to understand the circumstances that allow attacks to occur, and to develop better methods for preventing cyber-physical attacks from occurring in the future, the authors explored the effects of a cyber-physical attack on AM systems. Specifically, following the discussion of cyber-physical vulnerabilities along the AM process chain (Section 2), the authors decided to explore the

Effects of .STL void attack

To ascertain the potential impact of this specific attack, the authors sought to answer two research questions: (i) Can an automatically inserted void affect part strength enough to cause a failure?, and (ii) Can a void attack be detected by operators? These questions were answered via two experiments: first, the authors evaluated the effect of a “printed void” on the mechanical strength of a printed specimen; second, the authors evaluated the ability of AM operators to notice the attack via a

Discussion and recommendations

The results of this study show that more work is needed to protect AM systems against cyber-physical attacks. While the focus of this work was on the vulnerabilities of the universal AM file format, it is not done to suggest that we should move to a more closed, proprietary format. Not only would such an effort eliminate the primary reason behind the recent, widespread proliferation of desktop-scale AM systems within the hobbyist/maker community, it would also fail to address the root of the

Closure

With the increasing number of manufacturing systems connected to networks, more work needs to be done to ensure the safety of these systems. Additive manufacturing systems in particular have unique vulnerabilities presented by the ability to affect the internal layers without affecting the exterior. An overview of the AM process chain (Section 2) showed that the .STL file was a vulnerable attack vector due to its universality and ease of editing. Further investigation into the .STL file

Acknowledgements

This work was supported by the National Science Foundation Grant #1446804: “CPS: Synergy: Collaborative Research: Cyber-Physical Approaches to Advanced Manufacturing Security.” Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the National Science Foundation.

Portions of this work (graduate student funding) were also provided via Virginia Tech.

Logan Sturm is a PhD student in Mechanical Engineering at Virginia Tech. His research is focused on cyber-physical security for additive manufacturing systems. His research involves identifying vulnerabilities in the AM process chain and working to develop solutions to the problems that are unique to AM. He has also done work related to embedded devices in AM systems and co-led a group that won the America Makes Innovation Sprint for Smart Structures.

References (23)

  • Zetter K. (Wired). A Cyberattack Has Caused Confirmed Physical Damage for the Second Time Ever | WIRED 2015....
    Christopher Williams is an Associate Professor and the Electro-Mechanical Corporation Senior Faculty Fellow in the Department of Mechanical Engineering at Virginia Tech. He currently holds the W. S. Pete White Chair for Innovation in Engineering Education. He is the Director of the Design, Research, and Education for Additive Manufacturing Systems Laboratory (DREAMS Lab), and the Associate Director of Virginia Tech’s Macromolecules & Interfaces Institute. He holds affiliate faculty appointments in the Department of Engineering Education and the Department of Material Science & Engineering.

    Dr. Jaime Camelio is the Rolls-Royce Commonwealth professor for advanced manufacturing, the previous graduate program director and assistant department head of the Grado department of industrial and systems engineering at Virginia Tech. He leads the Virginia Tech Cyber-Physical Systems Security Manufacturing Group, which is looking to improve the resiliency of the critical infrastructure of the United States, specifically the manufacturing related segments. The group has three main focus areas; vulnerability assessment of the manufacturing enterprise, improving in-process monitoring in manufacturing systems, and augmenting current quality control tools in manufacturing, to detect unwanted changes in part or production.

    Dr. Jules White is an Assistant Professor of Computer Science in the Dept. of Electrical Engineering and Computer Science at Vanderbilt University. His research focuses on securing, optimizing, and leveraging data from mobile cyber-physical systems. His mobile cyber-physical systems research spans four key focus areas: (1) mobile security and data collection, (2) high-precision mobile augmented reality, (3) mobile device and supporting cloud infrastructure power and configuration optimization, and (4) applications of mobile cyber-physical systems in multi-disciplinary domains, including energy-optimized cloud computing, smart grid systems, healthcare/manufacturing security, next-generation construction technologies, and citizen science.

    Robert Parker is an independent consultant who has worked with the Virginia Tech Applied Research Corporation. His focus is on research program development and management as well as technical consulting. Current areas of interest include mobile security, cyber-physical systems security, trusted electronics, and more generally, embedded computing. He has previously worked as a deputy director at the Information Sciences Institute.