Skip to content

Successful Sabotage of Drone Highlights Additive Manufacturing Security Needs

By Karen Haywood Queen Contributing Editor, SME Media

Additive manufacturers seeking to protect their products must secure every point in their manufacturing process, a need highlighted by the recent successful hack and sabotage of a drone produced by 3D printing, Richard Grylls, technical director at SLM Solutions, said.

“Companies looking to safeguard their components should be concerned with securing all parts of the process – from data generation to shipping,” he added.

Adequate protection is difficult to achieve because, “an adversary will be able to exploit even a single weakness of the system,” researcher Mark Yampolskiy said. “Therefore security can only be achieved by protecting against all possible avenues of attack.”

Yampolskiy, of the University of Southern Alabama, was part of a team that hacked into an AM system for making a drone. Researchers from Ben Gurion University of the Negev and Singapore University of Technology and Design were also on the team.

These researchers altered the propeller blueprint, which caused the drone to crash and break in July. And they published their paper in the fall.

The attack was not the first demonstration of what could be done, but it was the first successful end-to-end attack, Yampolskiy said.

Previous demonstrations had assumed the perpetrator was already inside the AM system, he said. Yampolskiy and his fellow researchers used spear phishing to gain access to the computer and then installed a backdoor that enabled remote access to the compromised computer.

In the “less than a handful” of previous demonstrations, “all other aspects—how an attacker gets into the system, how a defect with desired characteristics is developed, and the very final impact on the CPS (cyber-physical systems) that employs a sabotaged 3D printed part–were not properly covered,” he said.

This digital attack also was novel because the tampering was very subtle and not visible to the human eye, Sven Schrecker, chief architect for IoT Security Solutions at Intel, said.

“In order to combat this approach, we need to highlight the importance of supply chain integrity,” he said. “Each product or system must have its integrity attested to. The owner/operator of the equipment must be able to interrogate each component of the system to attest to that element’s integrity.”

Toolpath-Screen-Shot-750x420.jpg
See how the phishing attack worked, on YouTube: http://tinyurl.com/gqg8xg5

To detail: The blueprint itself should be protected so that any alterations could be detected, Yampolskiy said. Individual commands to the printer should be verified that they are corresponding to the blueprint. The actual manufacturing process should be verified that the object is printed according to spec. The manufacturing process should be safeguarded to ensure that mechanical weaknesses aren’t introduced. The quality assurance process needs to be improved to detect alterations in both the 3D design and micro-structural properties of materials to make those parts, Schrecker said.

To help ensure integrity, SLM’s inspections include X-rays and CT scans to verify dimensions and structural integrity–ensuring that the components meet specifications and have not been tampered with at any stage of the process, Grylls said.

Another significant and troubling difference in this hack was that the part would appear and operate normally—for a time.

It is exactly the scenario Kasey Cross, director of product management at LightCyber, painted–of defects being introduced to products that are not immediately discernible–in a cyber defense article.

When the researchers modified the print blueprint, they introduced a defect that would get past factory inspection and testing and then lead to a catastrophic failure, Yampolskiy said.

“Think about a jet engine,” said fellow researcher Yuval Elovici of Ben Gurion University and Singapore University. “It might run normally for a short period of time and then break when the airplane is flying.”

Keeping computers that are involved in AM offline offers another level of protection.

“Users of SLM Solutions systems producing components for critical applications often keep their SLM Solutions machines, and all data preparation systems, completely offline,” Grylls said.

Germany’s Platform Industry 4.0 Security Working Group and the Industrial Internet Consortium Security Working Group are working together to address manufacturing security issues, Schrecker said.

Upcoming demonstrations will show how interoperability monitoring can identify supply chain compromises, he added.

Related Articles

  • VIEW ALL ARTICLES
  • Latest Videos

  • Connect With SME Media

Always Stay Informed

Receive the latest manufacturing news and technical information by subscribing to our monthly and quarterly magazines, weekly and monthly eNewsletters, and podcast channel.