Run TMC: Component Level Connectivity – It’s Tricky
Posted on February 17th, 2022
Let’s talk about heat. You might be wondering what your thermostat has to do with additive manufacturing or cyber security but rest assured – a skilled adversary is well aware of the sneaky cyber sabotage heat can induce into a system. We will explore one of the digital “knobs” specific to industrial machinery – more specifically the relationship between stepper motor driver setpoints and heat – an attacker may manipulate to cause accelerated equipment wear.
Through testing we have found it possible to triple the default current that the drivers send to the motors with no alarms or notifications that anything is amiss. This type of subtle yet harmful alteration could remain undetected until permanent overheating damage has occurred. The solution would be to replace every stepper motor on the machine as well as the control board. This is a relatively time consuming task especially multiplied over a fleet of printers let alone the time required to diagnose the issue in the first place. Scenarios that are difficult to detect and establish a root cause is the area in which sophisticated adversaries thrive. Advances in technology and “Industry 4.0” are exposing sensitive and/or critical functionality to external users that are “connected.” And here we see the asymmetry of cyber. What takes an adversary a few minutes to set in action takes a business exponentially longer and costlier to return to a pre-compromised state. The business implications are worse as we imagine the lost production time and corresponding customer dissatisfaction.
Heat is the enemy of electronics. We see extreme measures taken to combat these issues at all scales of computing and electrical systems. The home computer build might eke out more points on a benchmark after increasing the CPU operating voltage – thus increasing the heat output from that component. Solutions range from fans to water cooling loops to mitigate this adverse side effect.
On the industrial scale we notice that large data centers often are placed near bodies of water to support the massive cooling needs (Mytton, 2021). Now imagine the additive manufacturing environment, these manufacturing processes often occur at very elevated temperatures, right at the glass transition threshold of the polymer feedstock. The above image shows a hardware motor heat mitigation system developed by NASA. A software based current monitoring system is a scalable solution, being easily deployed to a fleet of printers of various makes and models in a fraction of the time and expense compared to hardware methods.
3D printers are a system of electrical impulses emanating from the control board that articulate stepper motors in a well timed symphony. The instructions the machine needs to operate are called GCODE files which are routed to the machine’s controller and interpreted by the on-machine firmware before being parsed as commands to the individual end effectors. To leverage the symphony metaphor further: The original 3D design file that is sliced would be the composer, the control board is the orchestrator, the GCODE is the sheet music, firmware is the language the sheet music is written for, and the end effectors (stepper motors, end stops, bed level probe) are the individual musicians.
Now we can picture the hacker as a competing symphony – hellbent on being the best show in town – by any and all means. As additive manufacturing equipment has evolved so has the connectivity of the individual components. What that means is more of the system is controllable via GCODE commands – specifically the M907 command. This is great from a maintenance and diagnostic point of view but no one has taken a step back to evaluate the cybersecurity concerns of making these control points available to software articulation. Stepper motor driver current adjustments used to be a “hands-on-machine” task involving accessing the control board and physically dialing in the vREF with a screwdriver and confirming the setting with a multimeter. With increased component level connectivity we are exposing potentially damaging instructions to anyone that can be within “ear shot” versus someone physically being present in a room. They are free to sabotage individual instruments tuning to their heart’s content knowing no one is suspicious of this type of attack. Previously they were only able to heckle guests from the street as they purchased tickets.
If all this composing, orchestrating, and translating sounds like an error prone game of telephone you would be correct, and a skilled adversary knows and uses this to their advantage. It also highlights the scope of the problem and how there is no single “silver-bullet” solution to solve the entire problem of secured digital manufacturing. BreakPoint Labs is developing an AM cyber situational awareness tool, BISON, to generate high fidelity data into largely opaque AM processes and workflows. Increased situational and user awareness is going to be what is necessary to prevent remote industrial sabotage of connected industrial 4.0 manufacturing systems.
If you are interested in learning more about how BISON can protect your manufacturing technology endpoints, please contact us at firstname.lastname@example.org.
Works Cited- Mytton, D. Data centre water consumption. npj Clean Water 4, 11 (2021). https://doi.org/10.1038/s41545-021-00101-w