Cyber attacks on 3D printers are a threat to the health and safety of those operating them. Researchers at Rutgers University-New Brunswick and Georgia Institute of Technology have developed novel methods to combat these attacks.
"They will be attractive targets because 3D-printed objects and parts are used in critical infrastructures around the world, and cyber attacks may cause failures in health care, transportation, robotics, aviation and space," said Saman Aliari Zonouz, an associate professor in the Department of Electrical and Computer Engineering at Rutgers University, New Brunswick. Researchers are using cancer imaging techniques to detect intrusions and hacking of 3D printer controllers.
"Imagine outsourcing the manufacturing of an object to a 3D printing facility and you have no access to their printers and no way of verifying whether small defects, invisible to the naked eye, have been inserted into your object," said Mehdi Javanmard, study co-author and assistant professor in the Department of Electrical and Computer Engineering at Rutgers University, New Brunswick. "The results could be devastating and you would have no way of tracing where the problem came from."
3D printing has become very important in industrial manufacturing. Health- and safety-related products like medical prostheses, aerospace and auto parts are currently being printed with no solid standard way to verify them for accuracy according to the study.
Many companies and organizations send their software-designed products to outside facilities to be 3D printed, instead of spending up to $100,000 or more to buy a 3D printer. But the firmware of these outside 3D printers is susceptible to being hacked.
In the study, the researchers bought 3D printers and showed how it is possible to hack a computer’s firmware and print defective objects. The defects were undetectable on the outside, but the objects had holes, fractures or other impurities inside them.
Anti-hacking software is essential but it is not 100 percent safe against cyber attacks. The Rutgers and Georgia Tech researchers looked instead at the physical aspects of 3D printers.
The software controls the printer in 3D printing, which fulfills the virtual design of an object. The physical part includes an extruder, or “arm,” and the filament is pushed through to form the object.
Researchers observed the motion of the extruder using sensors and monitored sounds made by the printer via microphones.
"Just looking at the noise and the extruder's motion, we can figure out if the print process is following the design or a malicious defect is being introduced," Zonouz said.
The researchers developed a third method that examines an object to see if it was printed correctly. Tiny gold nanoparticles act as contrast agents. They are injected into the filament and sent with the 3D design to the printing facility. Once an object is printed and shipped back, high tech scanning reveals if the nanoparticles have shifted in the object, holes or any other defects.
"This idea is kind of similar to the way contrast agents or dyes are used for more accurate imaging of tumors as we see in MRIs or CT scans," Javanmard said.
The next step in the research is to investigate what other ways there are to attack 3D printers and propose defenses and transferring methods.
The study was published at the 26th USENIX Security Symposium in Vancouver, Canada.