Evaluation of additive and subtractive manufacturing from the security perspective

Part 1: INFRASTRUCTURE PROTECTIONInternational audienceAdditive manufacturing involves a new class of cyber-physical systems that manufacture 3D objects incrementally by depositing and fusing together thin layers of source material. In 2015, the global additive manufacturing industry had $5.165 billion in revenue, with 32.5% of all manufactured objects used as functional parts. Because of their reliance on computerization, additive manufacturing devices (or 3D printers) are susceptible to a broad range of attacks. The rapid adoption of additive manufacturing in aerospace, automotive and other industries makes it an attractive attack target and a critical asset to be protected.This chapter compares emerging additive manufacturing and traditional subtractive manufacturing from the security perspective. While the discussion compares the two manufacturing technologies, the emphasis is on additive manufacturing due to its expected dominance as the manufacturing technology of the future. The chapter outlines the additive and subtractive manufacturing workflows, proposes a framework for analyzing attacks on or using additive manufacturing systems and presents the major threat categories. In order to compare the two manufacturing paradigms from the security perspective, the differences between the two workflows are identified and the attack analysis framework is applied to demonstrate how the differences translate into threats. The analysis reveals that, while there is significant overlap with regard to security, fundamental differences in the two manufacturing paradigms require a separate investigation of additive manufacturing security

Liability Exposure when 3D-Printed Parts Fall from the Sky

Part 1: Themes and IssuesInternational audienceAdditive manufacturing, also referred to as 3D printing, has become viable for manufacturing functional parts. For example, the U.S. Federal Aviation Administration recently approved General Electric jet engine fuel nozzles that are produced by additive manufacturing. BecUniversity of South Alabama, Mobile, Alabama with cyber technology, a number of security concerns have been raised. This chapter specifically considers attacks that deliberately sabotage the mechanical properties of functional parts produced by additive manufacturing; the feasibility of these attacks has already been discussed in the literature.Investments in security measures directly depend on cost-benefit analyses conducted by the participants involved in additive manufacturing processes. This chapter discusses the entities that can be considered to be financially liable in the event of a successful sabotage attack. The analysis employs a model that distinguishes between the levels at which the additive manufacturing process has been sabotaged. Specifically, it differentiates between the additive manufacturing service provider and the various commodity suppliers. For each possible combination of injured party and level of attack, the involved parties that may face liability exposure are identified. This is accomplished by analyzing the necessary components that establish liability. The analysis reveals that liability potential exists at all levels of the additive manufacturing process in the event of a sabotage attack. For this reason, it is imperative that the involved actors conduct or re-evaluate their cost-benefit analyses and invest in security measures

Hazard driven threat modelling for cyber physical systems

Adversarial actors have shown their ability to infiltrate enterprise networks deployed around Cyber Physical Systems (CPSs) through social engineering, credential stealing and file-less infections. When inside, they can gain enough privileges to maliciously call legitimate APIs and apply unsafe control actions to degrade the system performance and undermine its safety. Our work lies at the intersection of security and safety, and aims to understand dependencies among security, reliability and safety in CPS/IoT. We present a methodology to perform hazard driven threat modelling and impact assessment in the context of CPSs. The process starts from the analysis of behavioural, functional and architectural models of the CPS. We then apply System Theoretic Process Analysis (STPA) on the functional model to highlight high-level abuse cases. We lever-age a mapping between the architectural and the system theoretic(ST) models to enumerate those components whose impairment provides the attacker with enough privileges to tamper with or disrupt the data-flows. This enables us to find a causal connection between the attack surface (in the architectural model) and system level losses. We then link the behavioural and system theoretic representations of the CPS to quantify the impact of the attack. Using our methodology it is possible to compute a comprehensive attack graph of the known attack paths and to perform both a qualitative and quantitative impact assessment of the exploitation of vulnerabilities affecting target nodes. The framework and methodology are illustrated using a small scale example featuring a Communication Based Train Control (CBTC) system. Aspects regarding the scalability of our methodology and its application in real world scenarios are also considered. Finally, we discuss the possibility of using the results obtained to engineer both design time and real time defensive mechanisms