In a world where cybersecurity has become a concern for many, University of California, Irvine students have discovered another possible threat as a result of technology: hacking 3D printers.
The team, led by Mohammad Al Faruque, director of UCI’s Advanced Integrated Cyber-Physical Systems Lab, demonstrated that an ordinary smartphone could be placed next to a machine and capture audio waves that contain information about the precise movements of the printer’s nozzle. If in the wrong hands, that information could then be used to reverse engineer the object being printed and re-create it.
The university refers to this act as a “new kind of cyberattack, presenting significant security risks.”
The new UCI study found that the 3D printers emit sounds, vibrations and other signals that present opportunities for cyberattacks. (Image Credit: Daniel Anderson / UCI)
“In many manufacturing plants, people who work on a shift basis don’t get monitored for their smartphones, for example,” said Al Faruque. “If process and product information is stolen during the prototyping phases, companies stand to incur large financial losses. There’s no way to protect these systems from such an attack today, but possibly there will be in the future.”
In testing, Al Faruque and the team were able to duplicate an object with 90 percent accuracy using the sound copying process.
How this works
Industrial 3D printers typically convert digital information embedded in source code to build layer upon layer of material until a solid object takes shape. While the source file can be protected from hackers with strong encryption, once the printing process begins, the printer emits sounds that can be captured and used to recreate the object. The sounds emitted actually contain a lot of information and the researchers say that they’re being confronted with a heavy interest from U.S. government agencies to learn more about this form of cyberattack.
“My group basically stumbled upon this finding last summer as we were doing work to try to understand the relationship between information and energy flows,” said Al Faruque. “According to the fundamental laws of physics, energy is not consumed; it’s converted from one form to another – electromagnetic to kinetic, for example. Some forms of energy are translated in meaningful and useful ways; others become emissions, which may unintentionally disclose secret information.”
As a solution to this attack, Al Faruque suggests that engineers attempt to figure out a way to jam the acoustic signals that are emitted from 3D printers, possibly with a white-noise device, in order to introduce intentional acoustic randomness. In the meantime, one possible precaution would be to prevent people from carrying smartphones near 3D printing areas when sensitive objects are being printed.
