A Physical Hash for Preventing and Detecting Cyber-Physical Attacks in Additive Manufacturing Systems

This thesis proposes a new method for detecting malicious cyber-physical attacks on additive manufacturing (AM) systems. The method makes use of a physical hash, which links digital data to the manufactured part via a disconnected side-channel measurement system. The disconnection ensures that if th...

Full description

Bibliographic Details
Main Author: Brandman, Joshua Erich
Other Authors: Mechanical Engineering
Format: Others
Published: Virginia Tech 2018
Subjects:
Online Access:http://hdl.handle.net/10919/86412
id ndltd-VTETD-oai-vtechworks.lib.vt.edu-10919-86412
record_format oai_dc
spelling ndltd-VTETD-oai-vtechworks.lib.vt.edu-10919-864122021-08-14T05:30:06Z A Physical Hash for Preventing and Detecting Cyber-Physical Attacks in Additive Manufacturing Systems Brandman, Joshua Erich Mechanical Engineering Williams, Christopher B. Zheng, Xiaoyu Camelio, Jaime A. additive manufacturing 3D printing cyber-physical security physical hash in situ monitoring side-channel measurement This thesis proposes a new method for detecting malicious cyber-physical attacks on additive manufacturing (AM) systems. The method makes use of a physical hash, which links digital data to the manufactured part via a disconnected side-channel measurement system. The disconnection ensures that if the network and/or AM system become compromised, the manufacturer can still rely on the measurement system for attack detection. The physical hash takes the form of a QR code that contains a hash string of the nominal process parameters and toolpath. It is manufactured alongside the original geometry for the measurement system to scan and compare to the readings from its sensor suite. By taking measurements in situ, the measurement system can detect in real-time if the part being manufactured matches the designer's specification. A proof-of-concept validation was realized on a material extrusion machine. The implementation was successful and demonstrated the ability of this method to detect the existence (and absence) of malicious attacks on both process parameters and the toolpath. A case study for detecting changes to the toolpath is also presented, which uses a simple measurement of how long each layer takes to build. Given benchmark readings from a 30x30 mm square layer created on a material extrusion system, several modifications were able to be detected. The machine's repeatability and measurement technique's accuracy resulted in the detection of a 1 mm internal void, a 2 mm scaling attack, and a 1 mm skewing attack. Additionally, for a short to moderate length build of an impeller model, it was possible to detect a 0.25 mm change in the fin base thickness. A second case study is also presented wherein dogbone tensile test coupons were manufactured on a material extrusion system at different extrusion temperatures. This process parameter is an example of a setting that can be maliciously modified and have an effect on the final part strength without the operator's knowledge. The performance characteristics (Young's modulus and maximum stress) were determined to be statistically different at different extrusion temperatures (235 and 270 °C). Master of Science 2018-12-15T07:00:43Z 2018-12-15T07:00:43Z 2017-06-22 Thesis vt_gsexam:11594 http://hdl.handle.net/10919/86412 In Copyright http://rightsstatements.org/vocab/InC/1.0/ ETD application/pdf Virginia Tech
collection NDLTD
format Others
sources NDLTD
topic additive manufacturing
3D printing
cyber-physical security
physical hash
in situ monitoring
side-channel measurement
spellingShingle additive manufacturing
3D printing
cyber-physical security
physical hash
in situ monitoring
side-channel measurement
Brandman, Joshua Erich
A Physical Hash for Preventing and Detecting Cyber-Physical Attacks in Additive Manufacturing Systems
description This thesis proposes a new method for detecting malicious cyber-physical attacks on additive manufacturing (AM) systems. The method makes use of a physical hash, which links digital data to the manufactured part via a disconnected side-channel measurement system. The disconnection ensures that if the network and/or AM system become compromised, the manufacturer can still rely on the measurement system for attack detection. The physical hash takes the form of a QR code that contains a hash string of the nominal process parameters and toolpath. It is manufactured alongside the original geometry for the measurement system to scan and compare to the readings from its sensor suite. By taking measurements in situ, the measurement system can detect in real-time if the part being manufactured matches the designer's specification. A proof-of-concept validation was realized on a material extrusion machine. The implementation was successful and demonstrated the ability of this method to detect the existence (and absence) of malicious attacks on both process parameters and the toolpath. A case study for detecting changes to the toolpath is also presented, which uses a simple measurement of how long each layer takes to build. Given benchmark readings from a 30x30 mm square layer created on a material extrusion system, several modifications were able to be detected. The machine's repeatability and measurement technique's accuracy resulted in the detection of a 1 mm internal void, a 2 mm scaling attack, and a 1 mm skewing attack. Additionally, for a short to moderate length build of an impeller model, it was possible to detect a 0.25 mm change in the fin base thickness. A second case study is also presented wherein dogbone tensile test coupons were manufactured on a material extrusion system at different extrusion temperatures. This process parameter is an example of a setting that can be maliciously modified and have an effect on the final part strength without the operator's knowledge. The performance characteristics (Young's modulus and maximum stress) were determined to be statistically different at different extrusion temperatures (235 and 270 °C). === Master of Science
author2 Mechanical Engineering
author_facet Mechanical Engineering
Brandman, Joshua Erich
author Brandman, Joshua Erich
author_sort Brandman, Joshua Erich
title A Physical Hash for Preventing and Detecting Cyber-Physical Attacks in Additive Manufacturing Systems
title_short A Physical Hash for Preventing and Detecting Cyber-Physical Attacks in Additive Manufacturing Systems
title_full A Physical Hash for Preventing and Detecting Cyber-Physical Attacks in Additive Manufacturing Systems
title_fullStr A Physical Hash for Preventing and Detecting Cyber-Physical Attacks in Additive Manufacturing Systems
title_full_unstemmed A Physical Hash for Preventing and Detecting Cyber-Physical Attacks in Additive Manufacturing Systems
title_sort physical hash for preventing and detecting cyber-physical attacks in additive manufacturing systems
publisher Virginia Tech
publishDate 2018
url http://hdl.handle.net/10919/86412
work_keys_str_mv AT brandmanjoshuaerich aphysicalhashforpreventinganddetectingcyberphysicalattacksinadditivemanufacturingsystems
AT brandmanjoshuaerich physicalhashforpreventinganddetectingcyberphysicalattacksinadditivemanufacturingsystems
_version_ 1719460113845059584