The cyber security risks of 3D printing

RESEARCHERS in the US are warning of the dangers posed by cyber security breaches to the emerging technology of 3D printing, also known as additive manufacturing.

Additive manufacturing, where an object is ‘printed’ from a CAD file usually using metal, ceramic or polymer materials, is becoming increasingly popular as a way to produce small batch products, for rapid prototyping or producing specialist parts. It has recently been approved by the US Federal Aviation Administration to produce a part for commercial jet engines. However, Ramesh Karri and a team of cyber security experts and materials engineers at New York’s Tandon School of Engineering, say that defects could be introduced to the CAD files as part of a cyber attack.

Karri and the team say that an attacker could hack into a 3D printer connected to the internet to make changes. They believe that two specific problems are most vulnerable – the insertion of fine defects within the body of an object, and the orientation of the printer nozzles.

'These are possible foci for attacks that could have devastating impact on users of the end product, and economic impact in the form of recalls and lawsuits,' explained Nikhil Gupta, an associate professor of mechanical engineering and researcher on the paper.

The researchers introduced sub-millimetre defects between the printed layers of an object, so small that they would be undetectable by standard industry techniques like ultrasonic imaging. Over time, such defects would weaken the part – as it would be more susceptible to fatigue conditions, heat, light and humidity – and cause it to fail.

Slightly more concerning is changing the printer head orientation. As the CAD files themselves do not specifically give instructions for printer head orientation, the researchers say that the overall instructions for the product to be printed could be changed without detection. Changing the nozzle orientation could make the product up to 25% weaker.

The team says that new cyber security tools will be needed to protect against such attacks.

“With the growth of cloud-based decentralised production environments enabled by the unique flexibility of additive manufacturing, it is critical that all entities within the additive manufacturing supply chain be aware of the unique challenges presented to avoid significant risk to the reliability of the product,” the researchers write.

Journal of The Minerals, Metals & Materials Society DOI: 10.1007/s11837-016-1937-7