Researchers listen in to uncover cyber attacks on 3D printers
Image credit: Dreamstime
A team of engineers from Rutgers University-New Brunswick, NJ, and Georgia Institute of Technology have developed new methods – including an approach inspired by cancer imaging techniques – to detect cyberattacks on 3D printers.
“[3D printers] will be attractive targets because 3D-printed objects and parts are used in critical infrastructures around the world, and cyber attacks may cause failures in healthcare, transportation, robotics, aviation and space,” said Professor Saman Aliari Zonouz, a researcher at Rutgers’ department of electrical and computer engineering.
A 3D printer can cost approximately $100,000 and, due to this expense, many small and medium companies send their designs to external facilities for printing. There is, at present, no way to verify printed objects for accuracy. With the possibility of firmware being hacked, this means that the process cannot be absolutely secure.
“Imagine outsourcing the manufacturing of an object to a 3D-printing facility, and you have no access to their printers and no way of verifying whether small defects, invisible to the naked eye, have been inserted into your object,” said Professor Mehdi Javanmard, who also works at Rutgers University-New Brunswick.
“The results could be devastating and you would have no way of tracing where the problem came from.”
For their study, the researchers purchased several 3D printers and began by demonstrating that it was possible to hack into a computer’s firmware and cause objects to be printed with defects. In some cases, these defects can be identified with a thorough inspection of the object, although more commonly the defects are undetectable at a glance. These flawed objects could have holes or fractures hidden inside, making some – such as those used in surgery – potentially dangerous.
The researchers chose to focus on the physical aspects of 3D printers, knowing that anti-hacking software is never flawless. They tracked the activity of the extruder – through which material is pushed to form layers of an object – with microphones.
By simply monitoring the extruder’s noise and comparing it to what is expected using software similar to Shazaam or SoundHound, the researchers found that it was possible to determine whether the printing process is following the design correctly.
An alternative method for detecting flaws involves injecting tiny gold nanoparticles – acting as “contrast agents” – into the raw printable material. Scanning the 3D-printed object can reveal whether these tracers end up in the correct locations; if not, this could suggest that a deliberate defect has been added. “This idea is kind of similar to the way contrast agents or dyes are used for more accurate imaging of tumours as we see in MRIs or CT scans,” said Professor Javanmard.
Evaluating their methods using three different types of 3D printers, the researchers found their methods to be 100 per cent accurate in detecting printed defects in real time. According to the researchers, their next steps will be automate the process, to investigate other ways to attack 3D printers, and to transfer their methods to industry.
“You’ll see more types of attacks as well as proposed defences in the 3D-printing industry within about five years,” said Professor Zonouz.
Researchers from New York University, who have also investigated security in the 3D-printing industry, have suggested that deliberate, hidden flaws could be embedded into designs to prevent the illicit production of objects from stolen files.