FLAW3D: A Trojan-Based Cyber Attack on the Physical Outcomes of Additive Manufacturing

Hammond Pearce, Kaushik Yanamandra, Nikhil Gupta, Ramesh Karri

Research output: Contribution to journalArticlepeer-review


Additive manufacturing (AM) systems such as 3-D printers use inexpensive microcontrollers that rarely feature cybersecurity defenses. This is a risk, especially given the rising threat landscape within the larger digital manufacturing domain. In this work, we demonstrate this risk by presenting the design and study of a malicious Trojan (the FLAW3D bootloader) for AVR-based Marlin-compatible 3-D printers (<inline-formula><tex-math notation="LaTeX">$&gt;$</tex-math></inline-formula>100 commercial models). We show that the Trojan can hide from programming tools, and even within tight design constraints (less than 1.7 KB in size), it can compromise the quality of additively manufactured prints and reduce tensile strengths by up to 50&#x0025;.

Original languageEnglish (US)
Pages (from-to)1-10
Number of pages10
JournalIEEE/ASME Transactions on Mechatronics
StateAccepted/In press - 2022


  • 3D printing
  • Additive manufacturing (AM)
  • bootloader trojan
  • Codes
  • cyber-physical systems (CPSs)
  • cybersecurity
  • firmware trojan
  • Hardware
  • Mechatronics
  • Microcontrollers
  • Printers
  • Servers
  • Trojan horses

ASJC Scopus subject areas

  • Control and Systems Engineering
  • Computer Science Applications
  • Electrical and Electronic Engineering


Dive into the research topics of 'FLAW3D: A Trojan-Based Cyber Attack on the Physical Outcomes of Additive Manufacturing'. Together they form a unique fingerprint.

Cite this