Visibility into AM machine processes is limited. Currently there is no commercial product available to compare the G-code executed by an AM machine with the intended G-code. It’s easy for a malicious cyber actor to subvert the printing process by inserting malicious G-code commands into the printing process. The ease of malicious attacks is due to lack of awareness, plaintext protocols and a lack of robust authentication. Malicious G-code commands inserted during the print process can lead to design changes and printer malfunctions. A sabotaged part failing unexpectedly or an unintended printer command can cause environmental and human hazards. These unforeseen consequences ultimately lead to a loss of trust in AM processes.
LSAM has seen a rapid increase over the past 5 years. Although LSAM is a newly emerging niche area for AM, the use cases have huge potential. These large scale machines are subject to the same cybersecurity threats as smaller 3D printers. We implemented BISON, a cybersecurity tool on a LSAM machine that continuously monitors the commands executed by the machine and compares them to the intended print commands. The tool detects unusual and malicious commands and alerts the user.
Through experimentation we examined the challenges and benefits of implementation. In order to implement the BISON cybersecurity tool there needs to be a physical connection between the AM machine and the BISON sensor. A switch was used to forward machine data to the sensor which was configured to passively collect data from the AM machine. This data would then be sent to a server which can be accessed by BISON where the data is analyzed for unusual activity and alerts are posted to a user-friendly user interface. Challenges included adding the sensor to the machine network, deciding where the server will be located and unexpected collected data format.
Learning Objectives:
- Describe ways that malicious cyber actors can change sabotage G-code commands
- Understand the gaps in current AM cybersecurity and the need to have visibility into AM processes
