Model-Based Security Analysis in Additive Manufacturing Systems

Abstract

Additive manufacturing (AM) is expected to revolutionize industrial manufacturing processes by providing access to readily available, lower cost, high-performance parts, including those with complex designs and diverse materials, not attainable in conventional subtractive machining processes. These benefits are distinctly advantageous for low-volume rapid prototyping. They also reduce the build time of complex, safety-critical components that traditionally require assembly. The advanced product capabilities of AM also make these systems high risk for intellectual property theft, service outage attacks, and sabotage through compromised product quality. Concerns about malicious actors restrict business models and deter industry adoption and investment, especially those requiring secrecy around safety-critical components. In this paper, we analyze the threats to additive manufacturing system security using the Verification Evidence and Resilient Design in Anticipation of Cybersecurity Threats (VERDICT) tool, a model-based system engineering (MBSE) tool. First, we introduce a comprehensive set of attributes to characterize MBSE tools together with a survey of MBSE tools that support cyber analysis. Based on these attributes and the available tools, we select the relevant tool (i.e., VERDICT) and apply it to an example additive manufacturing system. The modeling and analysis are intended to show the functionality of the VERDICT tool in a research context. The signals, properties, and requirements enable the user to experiment with and illustrate the functionality of the tool. Finally, the paper introduces a novel approach for modeling the return on investment (ROI) for additive hardware cybersecurity investments that will lead to a cost-analysis integration with the VERDICT tool.