Posted by Sam Pearson on April 28, 2017
Arguably the next big complement to traditional manufacturing, additive manufacturing (AM) encompasses the technologies that construct 3D objects by adding consecutive layers of material. That material can be plastic, metal, or concrete. AM technologies can create significant commercial and defense opportunities, making it possible to manufacture needed products on site, on demand, in near-real time, and in far-flung locales where parts inventory is nonexistent. Futuristic applications may include machines that can build machines and structures in which people will live and work.
While AM may foreshadow the future of manufacturing, its reliance on digital files and connectivity make it a prime target for cyberattacks. The data generated during an object’s AM design and production form a digital thread of information that runs through the object’s lifespan. Cyber risks are possible at every step along this thread, including threats to intellectual property, software, firmware, networks, design files, printing, production, and third-party supply chains.1
It’s important that commercial manufacturers and military leaders looking to embrace AM understand the ways to mitigate the risks and stay ahead of potential attackers. Imagine the implications of an attacker introducing a design flaw into an aircraft, an automobile, a weapon, or a medical implant. The tiniest change, which may be nearly impossible to detect, could significantly alter the reliability of the end product, potentially compromising safety.
A thorough security risk and threat assessment is one of the first steps to combatting a potential AM cyber attack. Often coordinated with multiple offices throughout the organization and agencies that regulate cybersecurity, this assessment can help pinpoint the vulnerabilities most pertinent to the organization’s AM processes and products, as well as additional threats that may arise in the exploration of other applications.
The actual design of the product is vulnerable to theft, so it is critical to lock the file to prevent its use or corruption via introduction of malicious flaws. Encryption standards for these files are emerging, but it’s a good idea to consider a data loss prevention strategy to help protect sensitive AM data from unauthorized use.
Standards are also emerging to protect the AM build process. These include the use of radio frequency ID tags to track AM-produced products throughout the supply chain and the use of unique chemical identifiers on products. Robust quality assurance protocols can also help detect alterations, misplaced materials, and structural bugs.
People are AM’s most vulnerable asset, and the number of individuals participating in the process can create a host of potential cybersecurity threats. Conducting stakeholder analyses can help identify who is involved in the AM digital thread and supply chain and educate them about security risks and best practices for protection.
As with most emerging technologies, the risks and rewards are a balancing act. AM has tremendous potential in a variety of government and commercial applications, but addressing cyber risks is critical to realizing this potential.
1 Deborah Golden and Kelly Marchese, “Six Steps to Securing Additive Manufacturing,” GCN.com, March 13, 2017, https://gcn.com/articles/2017/03/13/securing-additive-manufacturing.aspx