TY - JOUR
T1 - Needle in a Haystack
T2 - Detecting Subtle Malicious Edits to Additive Manufacturing G-Code Files
AU - Beckwith, Caleb
AU - Naicker, Harsh Sankar
AU - Mehta, Svara
AU - Udupa, Viba R.
AU - Nim, Nghia Tri
AU - Gadre, Varun
AU - Pearce, Hammond
AU - Mac, Gary
AU - Gupta, Nikhil
N1 - Publisher Copyright:
© 2009-2012 IEEE.
PY - 2022/9/1
Y1 - 2022/9/1
N2 - Increasing usage of digital manufacturing (DM) in safety-critical domains is increasing attention on the cybersecurity of the manufacturing process, as malicious third parties might aim to introduce defects in digital designs. In general, the DM process involves creating a digital object (as CAD files) before using a slicer program to convert the models into printing instructions (e.g., g-code) suitable for the target printer. As the g-code is an intermediate machine format, malicious edits may be difficult to detect, especially when the golden (original) models are not available to the manufacturer. In this work, we aim to quantify this hypothesis through a red team/blue team case study, whereby the red team aims to introduce subtle defects that would impact the properties (strengths) of the 3-D printed parts, and the blue team aims to detect these modifications in the absence of the golden models. The case study had two sets of models, the first with 180 designs (with two compromised using two methods) and the second with 4320 designs (with 60 compromised using six methods). Using statistical modeling and machine learning (ML), the blue team was able to detect all the compromises in the first set of data, and 50 of the compromises in the second.
AB - Increasing usage of digital manufacturing (DM) in safety-critical domains is increasing attention on the cybersecurity of the manufacturing process, as malicious third parties might aim to introduce defects in digital designs. In general, the DM process involves creating a digital object (as CAD files) before using a slicer program to convert the models into printing instructions (e.g., g-code) suitable for the target printer. As the g-code is an intermediate machine format, malicious edits may be difficult to detect, especially when the golden (original) models are not available to the manufacturer. In this work, we aim to quantify this hypothesis through a red team/blue team case study, whereby the red team aims to introduce subtle defects that would impact the properties (strengths) of the 3-D printed parts, and the blue team aims to detect these modifications in the absence of the golden models. The case study had two sets of models, the first with 180 designs (with two compromised using two methods) and the second with 4320 designs (with 60 compromised using six methods). Using statistical modeling and machine learning (ML), the blue team was able to detect all the compromises in the first set of data, and 50 of the compromises in the second.
KW - Information security
KW - computer aided manufacturing
KW - computer security
UR - http://www.scopus.com/inward/record.url?scp=85120068606&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85120068606&partnerID=8YFLogxK
U2 - 10.1109/LES.2021.3129108
DO - 10.1109/LES.2021.3129108
M3 - Article
AN - SCOPUS:85120068606
SN - 1943-0663
VL - 14
SP - 111
EP - 114
JO - IEEE Embedded Systems Letters
JF - IEEE Embedded Systems Letters
IS - 3
ER -