Security of cyber-physical Additive Manufacturing supply chain: Survey, attack taxonomy and solutions

IF 4.8 2区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Computers & Security Pub Date : 2025-06-17 DOI:10.1016/j.cose.2025.104557

Mahender Kumar, Gregory Epiphaniou, Carsten Maple

{"title":"Security of cyber-physical Additive Manufacturing supply chain: Survey, attack taxonomy and solutions","authors":"Mahender Kumar, Gregory Epiphaniou, Carsten Maple","doi":"10.1016/j.cose.2025.104557","DOIUrl":null,"url":null,"abstract":"<div><div>Additive Manufacturing (AM) is transforming industries by enabling rapid prototyping and customised production. However, as AM processes become increasingly digitised and interconnected, they introduce significant cybersecurity vulnerabilities, including intellectual property theft, design manipulation, and counterfeit production. This paper offers a comprehensive analysis of cyber and cyber–physical threats within the AM supply chain, addressing a critical research gap that has largely focused on isolated security aspects. Building upon existing taxonomies, we expand cybersecurity frameworks to incorporate emerging AM-specific threats. We propose a structured attack taxonomy that categorises threats by attacker goals, targets, and methods, supported by real-world case studies. The paper emphasises the need for robust cybersecurity measures to protect intellectual property, ensure production integrity, and strengthen supply chain security. Finally, we present mitigation strategies to counter these threats, laying the foundation for future research and best practices to secure AM ecosystems.</div></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"157 ","pages":"Article 104557"},"PeriodicalIF":4.8000,"publicationDate":"2025-06-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computers & Security","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0167404825002469","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

Additive Manufacturing (AM) is transforming industries by enabling rapid prototyping and customised production. However, as AM processes become increasingly digitised and interconnected, they introduce significant cybersecurity vulnerabilities, including intellectual property theft, design manipulation, and counterfeit production. This paper offers a comprehensive analysis of cyber and cyber–physical threats within the AM supply chain, addressing a critical research gap that has largely focused on isolated security aspects. Building upon existing taxonomies, we expand cybersecurity frameworks to incorporate emerging AM-specific threats. We propose a structured attack taxonomy that categorises threats by attacker goals, targets, and methods, supported by real-world case studies. The paper emphasises the need for robust cybersecurity measures to protect intellectual property, ensure production integrity, and strengthen supply chain security. Finally, we present mitigation strategies to counter these threats, laying the foundation for future research and best practices to secure AM ecosystems.

查看原文本刊更多论文

网络物理增材制造供应链的安全性：调查、攻击分类和解决方案

增材制造（AM）通过实现快速原型和定制生产正在改变行业。然而，随着增材制造过程日益数字化和互联化，它们引入了重大的网络安全漏洞，包括知识产权盗窃、设计操纵和假冒产品。本文对AM供应链中的网络和网络物理威胁进行了全面分析，解决了主要集中在孤立安全方面的关键研究差距。在现有分类法的基础上，我们扩展了网络安全框架，以纳入新兴的am特定威胁。我们提出了一种结构化的攻击分类法，根据攻击者的目标、目标和方法对威胁进行分类，并辅以现实世界的案例研究。该文件强调需要强有力的网络安全措施来保护知识产权，确保生产完整性，并加强供应链安全。最后，我们提出了应对这些威胁的缓解策略，为未来的研究和最佳实践奠定基础，以确保AM生态系统的安全。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Computers & Security 工程技术-计算机：信息系统

CiteScore

12.40

自引率

7.10%

发文量

365

审稿时长

10.7 months

期刊介绍： Computers & Security is the most respected technical journal in the IT security field. With its high-profile editorial board and informative regular features and columns, the journal is essential reading for IT security professionals around the world. Computers & Security provides you with a unique blend of leading edge research and sound practical management advice. It is aimed at the professional involved with computer security, audit, control and data integrity in all sectors - industry, commerce and academia. Recognized worldwide as THE primary source of reference for applied research and technical expertise it is your first step to fully secure systems.