When it comes to computers and other technology, hacking, by definition, can mean either to modify in a clever, skillful way, or to get around security with malicious intent. So while we love hearing about cool 3D printing hacks, we also know that there are people in the world who aim to hack 3D printers for more nefarious reasons. 3D printing is being used more and more in industrial manufacturing, in fields like health, transportation, construction, and defense, and there isn’t really a standard way to verify parts for accuracy. Lots of organizations send products that they’ve designed with 3D software elsewhere to be printed, but the firmware and other aspects of these 3D printers are vulnerable to hacking. That’s why, as more people begin to realize that cyberattacks on 3D printers could threaten our world, researchers at Rutgers University – New Brunswick and the Georgia Institute of Technology (Georgia Tech) are working on counter strategies to defend 3D printers from these types of attacks.
“Imagine outsourcing the manufacturing of an object to a 3D printing facility and you have no access to their printers and no way of verifying whether small defects, invisible to the naked eye, have been inserted into your object. The results could be devastating and you would have no way of tracing where the problem came from,” said Mehdi Javanmard, an assistant professor in the Department of Electrical and Computer Engineering at Rutgers.
The research team has developed three novel methods to combat 3D printer cyberattacks, and published a peer-reviewed study, titled “See No Evil, Hear No Evil, Feel No Evil, Print No Evil? Malicious Fill Pattern Detection in Additive Manufacturing,” at the USENIX Security Symposium in Vancouver today, which is the flagship event of the security community and showcases the newest work in protecting computer systems, networks, and 3D printers. In addition to Javanmard, co-authors of the study include Luis Garcia, Tuan Le, and Saman Aliari Zonouz of Rutgers and Christian Bayens and Raheem Beyah of Georgia Tech.
It’s very important for 3D printer owners to purchase anti-hacking software, but it’s not a complete guarantee that your printer will be safe from cyberattacks. So the team decided to focus on the physical aspects of 3D printers, and purchased several for their study, in order to highlight the possibility of hacking into the firmware of a computer and printing objects with defects, which are typically not able to be detected by just looking at them.
The abstract reads, “In this paper, we develop a scheme of verification and intrusion detection that is independent of the printer firmware and controller PC. The scheme incorporates analyses of the acoustic signature of a manufacturing process, real-time tracking of machine components, and post production materials analysis. Not only will these methods allow the end user to verify the accuracy of printed models, but they will also save material costs by verifying the prints in real time and stopping the process in the event of a discrepancy. We evaluate our methods using three different types of 3D printers and one CNC machine and find them to be 100% accurate when detecting erroneous prints in real time. We also present a use case in which an erroneous print of a tibial knee prosthesis is identified.”
Zonouz, an associate professor in the Department of Electrical and Computer Engineering at Rutgers, said, “They will be attractive targets because 3D-printed objects and parts are used in critical infrastructures around the world, and cyberattacks may cause failures in health care, transportation, robotics, aviation and space.”
“You’ll see more types of attacks as well as proposed defenses in the 3D printing industry within about five years.”
The researchers used several interesting techniques to work on detecting 3D printer controller hacking and intrusions. In one experiment, the team used microphones to monitor the sounds the printer made, and also kept a close watch on the extruder’s movement with sensors.
Zonouz explained, “Just looking at the noise and the extruder’s motion, we can figure out if the print process is following the design or a malicious defect is being introduced.”
The team also injected tiny gold nanoparticles, as contrast agents, into the filament, and then closely examined their completed objects to make sure they were printed correctly. These nanoparticles can be sent with a design to a 3D printing facility that will print designs for companies. High-tech scanning will then show whether the nanoparticles have shifted in the 3D printed object, or have developed holes or other defects.
Javanmard said, “This idea is kind of similar to the way contrast agents or dyes are used for more accurate imaging of tumors as we see in MRIs or CT scans.”
Zonouz said that the team will now focus on other possible ways to attack 3D printers, and then work to propose defense strategies for the attacks and determine ways to transfer the methods to the industry. Discuss in the Security forum at 3DPB.com.[Source: Rutgers]