|(Image source: Pixabay)|
If 3D printing technology wants to get ahead of its inherent security issues, the best way would be to adopt blockchain.
Speaking at the 2019 Pacific Design & Manufacturing Show, Jack Heslin, President of 3D Tech Talks, a 3D printing consultancy, said as 3D printing becomes cheaper, easier, faster, and more ubiquitous, the very nature of the technology is going to demand the security afforded by blockchain.
It's all about what Heslin called the Digital Thread of Additive Manufacturing (DTAM), “the single, seamless strand of data that stretches from the initial design to the finished, 3D-printed part.”
If you've never heard of such a thing for 3D printing that's okay, because Heslin said such a thing really doesn't exist. “The [3D printing] process is linear, but it's not single or seamless,” he said.
3D-printing moves through several stages: from concept, to CAD file, to generative design (when available), to the actual 3D print. Then comes the post print process, and finally support if and when it is needed. All these steps each represent a point of vulnerability in which a 3D print can be corrupted or even stolen, putting company's intellectual property at risk. “The digital thread of manufacturing has vulnerabilities. Design files can be stolen,” Heslin said. The one that scares me the most is that design files can be hacked to deliberately put in a flaw...I'm not saying it's happening right now, or it's easy to do, but it is a concern.”
Research has already shown 3D printing has a growing need for cybersecurity. Researchers from New York University's Tandon School of Engineering for example have found that there are serious security issues around 3D printing that could present significant safety hazards due to counterfeit parts and products, or products being deliberately printed with hidden flaws and built-in failures.
|The Liberator (shown) is a single-shot gun that can be 3D-printed using unsecured files available on the Internet. (Image source: NotLessOrEqual [CC0])|
In 2016 researchers from the University of California, Irvine demonstrated a novel approach to 3D printer hacking when they revealed that the source code to produce 3D-printed parts can be stolen by recording the sounds the printer makes.
All of this leads to implications for a number of issues Heslin pointed out. Aside from printers being taken offline by malicious entities and concerns of stolen IP there are also larger issues, particularly around gun safety. For several years now a debate has raged about 3D-printed guns. Recently, a would-be domestic terrorist in Texas was arrested and sentenced after he was found in possession of an illegal AR-15 assault rifle that he was able to assemble with the help of 3D printed parts created using files freely available on the Internet.
One step beyond this, Heslin noted, would be the illegal and unauthorized printing of military machine parts and weapons or hacking 3D printer files to do deliberate damage to sensitive equipment or machines. In a 2016 paper, “dr0wned – Cyber-Physical Attack with Additive Manufacturing” a team of researchers were able to hack a PC connected to a 3D printer and from there make secret alterations to the 3D printing files for a $1000 drone that caused its propellor to fail mid-flight.
So how does blockchain address all of this? Blockchain works by creating a distributed, encrypted ledger across any number of parties that can be used to verify not only identities but also the status of any particular job. That means every entity involved in any stage of a 3D print is aware of what all the others are doing at any time in a safe and secure manner. Since a blockchain is decentralized, meaning no single entity owns it, stealing or altering a 3D printed file from a blockchain is not about tricking a single computer or printer – you'd have to hack every entity that was a part of that particular chain, which is exponentially more difficult, if not sometimes impossible.
“When you have multiple stakeholders in the process you have to ask is consensus required across stakeholders,” Heslin said. In that regard blockchain can provide authority to print and authority to send files to be printed.
He also pointed to the audit trail benefits offered. “We all know about Six Sigma and ISO – a lot of it is about audit trails,” Heslin said. “Blockchain, by nature, is an audit trail. It shows every edit and iteration in the process.” Furthermore, because the audit trail is decentralized it becomes immutable and cannot be erased.
Even as early the conceptual level there are benefits. “If you're a design engineer and you send parts to a service bureau to be 3D printed, you don't know if anyone else printed that part,” Heslin said. “Look at a site like Thingiverse. You can see how many times a file has been downloaded, but you have no idea how many times something has been printed...or if its being sold without your permission.”
There are already companies working on this. In 2017 GE filed a patent for an additive manufacturing (AM) system that is “an AM device configured to implement a distributed ledger system...wherein the the distributed ledger is a blockchain ledger.” The basic premise of the system is to use blockchain to identify and verify builds, and the authors of those builds, in an AM system.
Wipro, an India-based IT consultancy, is developing a blockchain system for AM specifically targeted at fighting IP theft. As the company's website states:
“3D printing empowers small manufacturers to create new products anywhere. The creators can share the files to a secluded printing facility. Blockchain can help set up such small independent value chain to make the production processes nimbler. The smart contracting application can ease out the transactions to assure integrity of product history, production process details, ownership and much more. It will also help to locate the most feasible printing facility and reduce the negotiation time regarding price, date of availability etc. At last the blockchain would capture the digital trail of the product, with details such as the type of raw material used, the source of raw material, production parameters, technical specifications, where it was manufactured, how it was stored and maintained etc.”
Where blockchain is typically looked at more on the software end, as with Bitcoin and other cryptocurrencies that have made it so popular, Heslin said 3D printing holds an “interesting extra layer in that this deals with physical products.”
And while cyberattacks against 3D printers have been confined mostly to research labs, 3D printers will only become a more enticing target for hackers as more and more printers are connected via the IoT and more and more companies trust 3D printers with sensitive files and information.
There's a shift happening in which what's most valuable won't be the end product, but rather the information that enables that end product, Heslin said. “You can't say with certainty that we can do this. But this issue is serious enough you have to address this.”
Chris Wiltz is a Senior Editor at Design News covering emerging technologies including AI, VR/AR, blockchain, and robotics.
The nation's largest embedded systems conference is back with a new education program tailored to the needs of today's embedded systems professionals, connecting you to hundreds of software developers, hardware engineers, start-up visionaries, and industry pros across the space. Be inspired through hands-on training and education across five conference tracks. Plus, take part in technical tutorials delivered by top embedded systems professionals. Click here to register today!