FLAW3D: A Trojan-Based Cyber Attack on the Physical Outcomes of Additive Manufacturing

Hammond Pearce, Kaushik Yanamandra, Nikhil Gupta, Ramesh Karri

Research output: Contribution to journalArticlepeer-review


Additive manufacturing (AM) systems such as 3-D printers use inexpensive microcontrollers that rarely feature cybersecurity defenses. This is a risk, especially given the rising threat landscape within the larger digital manufacturing domain. In this work, we demonstrate this risk by presenting the design and study of a malicious Trojan (the FLAW3D bootloader) for AVR-based Marlin-compatible 3-D printers (>100 commercial models). We show that the Trojan can hide from programming tools, and even within tight design constraints (less than 1.7 KB in size), it can compromise the quality of additively manufactured prints and reduce tensile strengths by up to 50%.

Original languageEnglish (US)
Pages (from-to)5361-5370
Number of pages10
JournalIEEE/ASME Transactions on Mechatronics
Issue number6
StatePublished - Dec 1 2022


  • 3D printing
  • Additive manufacturing (AM)
  • bootloader trojan
  • cyber-physical systems (CPSs)
  • cybersecurity
  • firmware trojan

ASJC Scopus subject areas

  • Control and Systems Engineering
  • Computer Science Applications
  • Electrical and Electronic Engineering


Dive into the research topics of 'FLAW3D: A Trojan-Based Cyber Attack on the Physical Outcomes of Additive Manufacturing'. Together they form a unique fingerprint.

Cite this