Proceedings of the 2021 Workshop on Additive Manufacturing (3D Printing) Security最新文献

{"title":"Session details: Keynote Talk","authors":"M. Yampolskiy","doi":"10.1145/3494690","DOIUrl":"https://doi.org/10.1145/3494690","url":null,"abstract":"","PeriodicalId":113006,"journal":{"name":"Proceedings of the 2021 Workshop on Additive Manufacturing (3D Printing) Security","volume":"36 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-11-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125864781","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Security in a Complex Non-deterministic World: Towards a Quantum Secure Industrial Internet \"QSII&\"","authors":"J. Salvo","doi":"10.1145/3462223.3485597","DOIUrl":"https://doi.org/10.1145/3462223.3485597","url":null,"abstract":"Exponential change is a counterintuitive concept in the classical world. It's hardly surprising since our cognitive and social organizations typically discount many of the observations and patterns [1] that would alert us to such historical periods of upheaval [2]. The current suite of digital technologies has catalyzed a total upending of the previous distribution channels and management systems for the acquisition, distribution and assimilation of data, information and knowledge [3],[4],[5]. Today the \"digital generation\" learns, interacts and transacts in ways that are foreign and suspicious to some of the current gatekeepers of traditional value storage implementations. [6] The global internet and cellular technologies have connected billions of people and trillions of objects into the most complex networks ever created. This fluid and non-deterministic system of systems has unleashed an unprecedented reservoir of creativity, opportunity, capability and risk. The topology of knowledge and connections has never been so asymmetric whereby a single organization or individual (sometimes anonymously) can quickly gain the control, attention and function of millions of machines and people for costs that are often deemed to be insignificant. [7] Traditional methods of security consistently fail because of the nature of this topology and asymmetry. This novel organization of knowledge combined with the power of \"action at a distance\" requires a new paradigm to secure the future of open society and privacy. Traditional technology platforms for manufacturing, banking, healthcare, finance, social media etc., and their corresponding control mechanisms (digital signatures, passwords, virtual private networks) will potentially fall short in the face of pressure from new computer algorithms/technologies [8] and the global cultural shift that is now deemed to be irreversible (TikTok, WeChat, Facebook, Blockchain, Anonymous) [9]. Code can be exploited in exponential fashion and linear security countermeasures will continue to regularly fail. Undoubtedly, new network designs and technology paradigms will be needed to protect complex systems such as additive manufacturing machines, data and their associated supply chains. Quantum resistant algorithms [10] and novel encrypted and distributed data ledgers offer us hope to blunt this pernicious threat against a hyper-connected world.","PeriodicalId":113006,"journal":{"name":"Proceedings of the 2021 Workshop on Additive Manufacturing (3D Printing) Security","volume":"310 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-11-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133133923","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Myths and Misconceptions in Additive Manufacturing Security: Deficiencies of the CIA Triad","authors":"M. Yampolskiy, J. Gatlin, M. Yung","doi":"10.1145/3462223.3485618","DOIUrl":"https://doi.org/10.1145/3462223.3485618","url":null,"abstract":"It is natural, as the demand for Additive Manufacturing (AM) Security grows, to adopt established approaches from other security research areas. However, such \"imports,'' if not done carefully, can be misleading, and sometimes even counterproductive, and thus may negatively affect actual security of AM. We argue that this is the case for the CIA triad (Confidentiality, Integrity, Availability), a fundamental model of data security. To this end, we present arguments showing that the CIA triad cannot substitute concrete threat categories already established in AM. AM is an area which is not \"pure data,\" but rather an area involving software, data files, and transforming data into physical artifacts, where established threats in this ecosystem include: Technical Data Theft, Sabotage, and Illegal Part Manufacturing.","PeriodicalId":113006,"journal":{"name":"Proceedings of the 2021 Workshop on Additive Manufacturing (3D Printing) Security","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-11-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131203364","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Cybersecurity Requirements for AM Systems: New Enforcement in DoD Environments, and Resources for Implementation","authors":"Mark J. Cotteleer, Simon S. Goldenberg, I. Wing, Oyindamola Alliyu, Stephen Kania, Veda Mujumdar, B. Sniderman","doi":"10.1145/3462223.3485624","DOIUrl":"https://doi.org/10.1145/3462223.3485624","url":null,"abstract":"The Office of the Inspector General (OIG) for the US Department of Defense (DoD) released Audit of the Cybersecurity of Department of Defense Additive Manufacturing Systems (DODIG-2021-098) [1] in July 2021, to determine \"whether DoD [sites] secured additive manufacturing (AM) systems to prevent unauthorized changes and ensure the integrity of the design data.\" The audit report recommends requiring \"all AM systems to obtain an authority to operate in accordance with DoD policy before their use\" [1], and requiring \"AM system owners to immediately identify and implement security controls to minimize risk until obtaining an authority to operate.\" [1] The DoD Chief Information Officer (CIO) responded that existing DoD regulations require both of these for \"all IT systems, including AM systems\" [1]. Such cyber security rules can help guard against vulnerabilities such as design file theft or digital thread hacking, as well as unauthorized prints on AM systems that can impact the safety and integrity of parts used in defense systems, expose critical intellectual property to bad actors and even cause manufacturing facilities to shut down. To improve AM system vendors' understanding of these cybersecurity requirements for DoD and the US Government (USG), we discuss in this paper the process for obtaining an Authority To Operate (ATO) certification for an IT system per DoD and USG cybersecurity regulations, i.e., the Risk Management Framework (RMF) process from the US National Institute of Standards and Technology (NIST) [2]. We also describe resources for AM system vendors to understand and implement the RMF process for obtaining an ATO certification, particularly in the DoD environment. [1] Department of Defense Office of Inspector General. 2021. Audit of the Cybersecurity of Department of Defense Additive Manufacturing Systems (DODIG-2021-098). https://www.dodig.mil/reports.html/article/2683843/audit-of-the-cybersecurity-of-department-of-defense-additive-manufacturing-syst/ Full report at: https://media.defense.gov/2021/Jul/07/2002757308/-1/-1/1/DODIG-2021-098.PDF [2]NIST Information Technology Laboratory Computer Security Resource Center. 2021. About the Risk Management Framework (RMF): A Comprehensive, Flexible, Risk-Based Approach https://csrc.nist.gov/projects/risk-management/about-rmf","PeriodicalId":113006,"journal":{"name":"Proceedings of the 2021 Workshop on Additive Manufacturing (3D Printing) Security","volume":"353 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-11-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122785678","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Session details: Session 2: Industry Perspective on AM Security","authors":"J. Gatlin","doi":"10.1145/3494692","DOIUrl":"https://doi.org/10.1145/3494692","url":null,"abstract":"","PeriodicalId":113006,"journal":{"name":"Proceedings of the 2021 Workshop on Additive Manufacturing (3D Printing) Security","volume":"44 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-11-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129750314","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Session details: Session 1: Research Community Perspective on AM Security","authors":"P. Witherell","doi":"10.1145/3494691","DOIUrl":"https://doi.org/10.1145/3494691","url":null,"abstract":"","PeriodicalId":113006,"journal":{"name":"Proceedings of the 2021 Workshop on Additive Manufacturing (3D Printing) Security","volume":"9 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-11-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124819994","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A Robust Control Scheme for Time Delay Switch Attacks","authors":"Luka Malashkhia, L. Swiler, Ali Pinar, Yan Wang","doi":"10.1145/3462223.3485621","DOIUrl":"https://doi.org/10.1145/3462223.3485621","url":null,"abstract":"Modern manufacturing systems are increasingly vulnerable to cyber-attacks with a high level of automation and connectivity. Given that sensors are widely dependent upon to control manufacturing processes, the sensor-controller loop becomes an easy target for attacks. In this paper, a novel robust control framework is developed for systems subject to time delay switch (TDS) attacks, where data transmission from sensors to controllers are maliciously delayed. The attackers intend to make controllers use noncurrent information about the system states in order to destabilize and sabotage the system. Particularly, to increase the effectiveness of delay detection and prediction as well as error bound estimation for control, a new state space model based on diffeomorphism is formulated. A Markov chain model is developed to represent the TDS attacks. The uncertainty of system states is quantified and the upper bounds of delays are estimated. With the estimated bounds, a sliding integral mode control is developed to adjust the system to converge to the sliding manifold. The new framework is demonstrated with a 3D printer thermal control example.","PeriodicalId":113006,"journal":{"name":"Proceedings of the 2021 Workshop on Additive Manufacturing (3D Printing) Security","volume":"19 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-11-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133513688","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Defining and Addressing the Cybersecurity Challenges of Additive Manufacturing Platforms","authors":"Christian Adkins, Stephan Thomas, D. Moore","doi":"10.1145/3462223.3485622","DOIUrl":"https://doi.org/10.1145/3462223.3485622","url":null,"abstract":"Additive Manufacturing (AM) Platform is a new technology and commercial business model which enables production of additively made parts through an on-line market of AM designs, services, and manufacturing. Customers who are designing parts to be manufactured with additive technologies can upload their designs to the AM Platform and find a manufacturing partner based on technical capabilities, geographic location, and cost. By providing an easy to use online platform, companies can expect to optimize their cost, quality, and lead-time through a competitive bid process. This research investigates the cybersecurity issues inherent to an online marketplace and platform which shares data containing Intellectual Property (IP) between multiple companies. Based on currently implemented business models in the AM Platform industry, the most common use cases will be examined to determine any vulnerabilities associated with data and IP sharing between the platform, its customers, and vendors. Finally, based on the vulnerabilities discovered, a set of cybersecurity solutions will be proposed in order to protect the confidentiality and integrity of the data and ultimately the customers IP through the AM Platform.","PeriodicalId":113006,"journal":{"name":"Proceedings of the 2021 Workshop on Additive Manufacturing (3D Printing) Security","volume":"214 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-11-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122039961","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Information Embedding in Additive Manufacturing through Printing Speed Control","authors":"K. Elsayed, Adam Dachowicz, Jitesh H. Panchal","doi":"10.1145/3462223.3485623","DOIUrl":"https://doi.org/10.1145/3462223.3485623","url":null,"abstract":"Additive manufacturing (AM) is rapidly developing, and new applications are continuously emerging. While AM is increasingly becoming integral to many industries, including aerospace, automotive, and biomedical, it has opened a host of unique security concerns, from theft of technical data to process sabotage and counterfeiting. In this work, we present a method to address the counterfeiting problem by embedding information in additively manufactured parts through controlling printing process parameters. Variations in printing speed, the encoding parameter in this work, introduce subtle localized height differences on parts' surfaces, which are readable using an optical profilometer. The profilometry data is captured after printing, and this data is processed to predict the intended bit response for each embedding region on the surface of the part. We experimentally demonstrate the feasibility of the proposed scheme for embedding and reading the information in 3D printed parts and show that it achieves 80% accuracy for a 53 mm/s difference in printing speed between the encoded bits. Finally, we characterize the performance of the proposed scheme, measured as the accuracy in decoded messages, as a function of the difference in printing speed used to perform the embedding.","PeriodicalId":113006,"journal":{"name":"Proceedings of the 2021 Workshop on Additive Manufacturing (3D Printing) Security","volume":"66 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-11-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122941252","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Proceedings of the 2021 Workshop on Additive Manufacturing (3D Printing) Security","authors":"","doi":"10.1145/3462223","DOIUrl":"https://doi.org/10.1145/3462223","url":null,"abstract":"","PeriodicalId":113006,"journal":{"name":"Proceedings of the 2021 Workshop on Additive Manufacturing (3D Printing) Security","volume":"4 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-11-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133857109","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}