The issue of cybersecurity in Additive Manufacturing (AM) across the DoD has lacked the crucial attention required to maintain a strong cybersecurity posture until recently. When AM cybersecurity issues have been recognized there has been a lack of awareness or misunderstanding of how to secure the AM workflow. In January 2021 the DoD released the “Department of Defense Additive Manufacturing Strategy”. The document outlines the DoD AM integration, collaboration, education, and security plans. It is acknowledged that to realize the full value of the AM process, standards must be updated to enable AM printers to be securely connected to networks with authorized digital protocols and frameworks. Currently in the DoD, AM devices are primarily kept secure from cyber threats by implementing a “do not connect to network” philosophy. However, this is a myth that creates a false sense of security that cybersecurity threats do not exist between the transfer of elements between devices such as flash drives and desktops. Look back to 2008 where Agent.BTZ proliferated via infected thumb drives. Organizations must ensure every interaction between AM assets is addressed to reduce risks and improve cybersecurity. DoD AM machines are connected and cybersecurity-related visibility and controls must be in place.
What are the DoD AM assets?
DoD AM assets refer to AM printers, materials, post processing equipment, associated computers and software including CAD, slicing, operating systems and AM file sharing sites. This encompasses both physical and digital assets. AM printers are found in all branches of the military. The precise number is not known. In July 2021 a DoD IG report was released titled “Audit of the Cybersecurity of Department of Defense Additive Manufacturing Systems”. This report surveyed 5 sites and found 73 AM printers and 46 associated computers that either directly engaged in AM or were related in some way to the AM workflow. The DoD utilizes many different types of AM printing technology (e.g. SLA, FDM) and materials. This expands the risk exposure and consideration of cybersecurity must be addressed at every interaction throughout the AM process.
Why have DoD AM assets not been given cybersecurity consideration until recently?
AM machines have historically been classified as manufacturing machines which do not require cyber security measures. Initially it made sense to classify them as such but as the AM industry has developed, more AM printers have the capability to connect to a network. Once printers are connected it leaves them vulnerable to attack. In the last 5 years the DoD has gained awareness of this cybersecurity threat within AM.
How could DoD AM assets be compromised?
If AM assets are not secured, adversaries could modify designs and digital files, as discussed in the DoD Office of Inspector General audit, causing operations which produce a modified part to be printed with potentially disastrous consequences. AM printers could be attacked which would render them useless and even cause harm to the work area where they are located through fire and toxic fumes. Intellectual property theft can occur, giving valuable information to malicious attackers. Even where AM printers are not connected to a network, if the device used to design and slice the AM part, it is connected and there is a cybersecurity vulnerability.
If you are interested in learning more about securing AM, please contact us at info@breakpoint-labs.com.