MitM attacks on intellectual property and integrity of additive manufacturing systems: A security analysis

Abstract

Additive Manufacturing (AM) was originally invented to reduce the cost of the prototyping process. Over time, the technology evolved to be faster, more accurate, and affordable. These factors, in addition to the potential use of AM in parts production, have helped rapidly drive the growth of AM in both industrial and personal uses. Thus, there is an accompanying demand to understand the cybersecurity implications of such systems. In our research, we present an in-depth security review of Stratasys Dimension Elite and show how manufacturers of such high-end 3D printers failed to protect the confidentiality and integrity of the printed 3D models. Revealing the intricate dimensions of cyber threats within the realm of AM and laying the foundation for understanding the multifaceted nature of attacks, offering insights into vulnerabilities and potential consequences. Moreover, we demonstrate the massive impact network attacks can have on 3D printers' communication channels. Our sniffing attack stole transmitted models with a minimal overhead of 0.015 seconds to evade detection. The developed replacement attack targeted and replaced specific models with offline-prepared models. Also, we automated a sabotaging attack to alter the interior model structure on the fly with minimal visual but significant strength differences. By revealing these attacks, this research not only improves the security posture of 3D printers but also enhances the understanding of security challenges in additive manufacturing as a whole.