FRoMEPP: Digital forensic readiness framework for material extrusion based 3D printing process

Abstract

Additive manufacturing (a.k.a., 3D printing) materializes an object by stacking thin layers of material from ground zero. It is increasingly utilized in industry to print critical components of automobiles, airplanes, etc. Failure of a 3D printed part (such as a turbine blade) during operation may incur immense damage to the system and the surroundings, incentivizing cyberattacks on the printed object. A forensically ready printing setup facilitates a post incident investigation. Currently, no forensic readiness model exists for an additive manufacturing (AM) process in the literature, whereas conventional cyber-domain specific models do not consider AM processes and may be ineffective in investigating 3D printed parts in a crime scene. This paper presents a forensic readiness framework, FRoMEPP for the material extrusion-based 3D printing process to acquire and preserve forensic data after identifying important information sources in the printing process chain. FRoMEPP framework provides practical technical guidance to the organizations striving for a forensically ready printing environment. It also benefits the regulatory bodies in formalizing compliance criteria for critical 3D printing setups. We implement FRoMEPP framework on a typical material-extrusion printer, Ultimaker-3, and evaluate it through a case study by implementing three sabotage attacks involving thermal profile manipulation, internal voids, and printing timing integrity compromise. The evaluation results show that FRoMEPP can effectively investigate and present traces of the attacks against 3D printed parts.