Needle in a Haystack: Detecting Subtle Malicious Edits to Additive Manufacturing G-code Files

Increasing usage of Digital Manufacturing (DM) in safety-critical domains is increasing attention on the cybersecurity of the manufacturing process, as malicious third parties might aim to introduce defects in digital designs. In general, the DM process involves creating a digital object (as CAD files) before using a slicer program to convert the models into printing instructions (e.g. g-code) suitable for the target printer. As the g-code is an intermediate machine format, malicious edits may be difficult to detect, especially when the golden (original) models are not available to the manufacturer. In this work we aim to quantify this hypothesis through a red-team/blue-team case study, whereby the red-team aims to introduce subtle defects that would impact the properties (strengths) of the 3D printed parts, and the blue-team aims to detect these modifications in the absence of the golden models. The case study had two sets of models, the first with 180 designs (with 2 compromised using 2 methods) and the second with 4320 designs (with 60 compromised using 6 methods). Using statistical modelling and machine learning (ML), the blue-team was able to detect all the compromises in the first set of data, and 50 of the compromises in the second

SoK: Acoustic Side Channels

We provide a state-of-the-art analysis of acoustic side channels, cover all the significant academic research in the area, discuss their security implications and countermeasures, and identify areas for future research. We also make an attempt to bridge side channels and inverse problems, two fields that appear to be completely isolated from each other but have deep connections.Comment: 16 page

Exploring Attacks and Defenses in Additive Manufacturing Processes: Implications in Cyber-Physical Security

Many industries are rapidly adopting additive manufacturing (AM) because of the added versatility this technology offers over traditional manufacturing techniques. But with AM, there comes a unique set of security challenges that must be addressed. In particular, the issue of part verification is critically important given the growing reliance of safety-critical systems on 3D printed parts. In this thesis, the current state of part verification technologies will be examined in the con- text of AM-specific geometric-modification attacks, and an automated tool for 3D printed part verification will be presented. This work will cover: 1) the impacts of malicious attacks on AM using geometrically-modified 3D models, 2) a 3D part reconstruction approach from medical imaging scans, 3) a mesh alignment technique based on point set registration, de- signed to handle abnormal part geometries, and 4) an automatic error detection and defect visualization tool for comparing the geometric similarity of 3D printed parts to their intended geometries

Graph-Theoretic Approach for Manufacturing Cybersecurity Risk Modeling and Assessment

Identifying, analyzing, and evaluating cybersecurity risks are essential to assess the vulnerabilities of modern manufacturing infrastructures and to devise effective decision-making strategies to secure critical manufacturing against potential cyberattacks. In response, this work proposes a graph-theoretic approach for risk modeling and assessment to address the lack of quantitative cybersecurity risk assessment frameworks for smart manufacturing systems. In doing so, first, threat attributes are represented using an attack graphical model derived from manufacturing cyberattack taxonomies. Attack taxonomies offer consistent structures to categorize threat attributes, and the graphical approach helps model their interdependence. Second, the graphs are analyzed to explore how threat events can propagate through the manufacturing value chain and identify the manufacturing assets that threat actors can access and compromise during a threat event. Third, the proposed method identifies the attack path that maximizes the likelihood of success and minimizes the attack detection probability, and then computes the associated cybersecurity risk. Finally, the proposed risk modeling and assessment framework is demonstrated via an interconnected smart manufacturing system illustrative example. Using the proposed approach, practitioners can identify critical connections and manufacturing assets requiring prioritized security controls and develop and deploy appropriate defense measures accordingly.Comment: 25 pages, 10 figure

AI-enabled modeling and monitoring of data-rich advanced manufacturing systems

The infrastructure of cyber-physical systems (CPS) is based on a meta-concept of cybermanufacturing systems (CMS) that synchronizes the Industrial Internet of Things (IIoTs), Cloud Computing, Industrial Control Systems (ICSs), and Big Data analytics in manufacturing operations. Artificial Intelligence (AI) can be incorporated to make intelligent decisions in the day-to-day operations of CMS. Cyberattack spaces in AI-based cybermanufacturing operations pose significant challenges, including unauthorized modification of systems, loss of historical data, destructive malware, software malfunctioning, etc. However, a cybersecurity framework can be implemented to prevent unauthorized access, theft, damage, or other harmful attacks on electronic equipment, networks, and sensitive data. The five main cybersecurity framework steps are divided into procedures and countermeasure efforts, including identifying, protecting, detecting, responding, and recovering. Given the major challenges in AI-enabled cybermanufacturing systems, three research objectives are proposed in this dissertation by incorporating cybersecurity frameworks. The first research aims to detect the in-situ additive manufacturing (AM) process authentication problem using high-volume video streaming data. A side-channel monitoring approach based on an in-situ optical imaging system is established, and a tensor-based layer-wise texture descriptor is constructed to describe the observed printing path. Subsequently, multilinear principal component analysis (MPCA) is leveraged to reduce the dimension of the tensor-based texture descriptor, and low-dimensional features can be extracted for detecting attack-induced alterations. The second research work seeks to address the high-volume data stream problems in multi-channel sensor fusion for diverse bearing fault diagnosis. This second approach proposes a new multi-channel sensor fusion method by integrating acoustics and vibration signals with different sampling rates and limited training data. The frequency-domain tensor is decomposed by MPCA, resulting in low-dimensional process features for diverse bearing fault diagnosis by incorporating a Neural Network classifier. By linking the second proposed method, the third research endeavor is aligned to recovery systems of multi-channel sensing signals when a substantial amount of missing data exists due to sensor malfunction or transmission issues. This study has leveraged a fully Bayesian CANDECOMP/PARAFAC (FBCP) factorization method that enables to capture of multi-linear interaction (channels × signals) among latent factors of sensor signals and imputes missing entries based on observed signals

Material extrusion-based additive manufacturing: G-code and firmware attacks and Defense frameworks

Additive Manufacturing (AM) refers to a group of manufacturing processes that create physical objects by sequentially depositing thin layers. AM enables highly customized production with minimal material wastage, rapid and inexpensive prototyping, and the production of complex assemblies as single parts in smaller production facilities. These features make AM an essential component of Industry 4.0 or Smart Manufacturing. It is now used to print functional components for aircraft, rocket engines, automobiles, medical implants, and more. However, the increased popularity of AM also raises concerns about cybersecurity. Researchers have demonstrated strength degradation attacks on printed objects by injecting cavities in the design file which cause premature failure and catastrophic consequences such as failure of the attacked propeller of a drone during flight. Since a 3D printer is a cyber-physical system that connects the cyber and physical domains in a single process chain, it has a different set of vulnerabilities and security requirements compared to a conventional IT setup. My Ph.D. research focuses on the cybersecurity of one of the most popular AM processes, Material Extrusion or Fused Filament Fabrication (FFF). Although previous research has investigated attacks on printed objects by altering the design, these attacks often leave a larger footprint and are easier to detect. To address this limitation, I have focused on attacks at the intermediate stage of slicing through minimal manipulations at the individual sub-process level. By doing so, I have demonstrated that it is possible to implant subtle defects in printed parts that can evade detection schemes and bypass many quality assessment checks. In addition to exploring attacks through design files or network layer manipulations, I have also proposed firmware attacks that cause damage to the printed parts, the printer, and the printing facility. To detect sabotage attacks on FFF process, I have developed an attack detection framework that analyzes the cyber and physical domain state of the printing process and detects anomalies using a series of estimation and comparison algorithms in time, space, and frequency domains. An implementation case study confirms that cyber-physical security frameworks are an effective solution against sophisticated sabotage attacks. The increasing use of 3D printing technology to produce functional components underscores the growing importance of compliance and regulations in ensuring their quality and safety. Currently, there are no standards or best practices to guide a user in making a critical printing setup forensically ready. Therefore, I am proposing a novel forensic readiness framework for material extrusion-based 3D printing that will guide standards organizations in formulating compliance criteria for important 3D printing setups. I am optimistic that my offensive and defensive research endeavors presented in this thesis will serve as a valuable resource for researchers and industry practitioners in creating a safer and more secure future for additive manufacturing