A Physical Hash for Preventing and Detecting Cyber-Physical Attacks in Additive Manufacturing Systems
This thesis proposes a new method for detecting malicious cyber-physical attacks on additive manufacturing (AM) systems. The method makes use of a physical hash, which links digital data to the manufactured part via a disconnected side-channel measurement system. The disconnection ensures that if th...
Main Author: | |
---|---|
Other Authors: | |
Format: | Others |
Published: |
Virginia Tech
2018
|
Subjects: | |
Online Access: | http://hdl.handle.net/10919/86412 |
id |
ndltd-VTETD-oai-vtechworks.lib.vt.edu-10919-86412 |
---|---|
record_format |
oai_dc |
spelling |
ndltd-VTETD-oai-vtechworks.lib.vt.edu-10919-864122021-08-14T05:30:06Z A Physical Hash for Preventing and Detecting Cyber-Physical Attacks in Additive Manufacturing Systems Brandman, Joshua Erich Mechanical Engineering Williams, Christopher B. Zheng, Xiaoyu Camelio, Jaime A. additive manufacturing 3D printing cyber-physical security physical hash in situ monitoring side-channel measurement This thesis proposes a new method for detecting malicious cyber-physical attacks on additive manufacturing (AM) systems. The method makes use of a physical hash, which links digital data to the manufactured part via a disconnected side-channel measurement system. The disconnection ensures that if the network and/or AM system become compromised, the manufacturer can still rely on the measurement system for attack detection. The physical hash takes the form of a QR code that contains a hash string of the nominal process parameters and toolpath. It is manufactured alongside the original geometry for the measurement system to scan and compare to the readings from its sensor suite. By taking measurements in situ, the measurement system can detect in real-time if the part being manufactured matches the designer's specification. A proof-of-concept validation was realized on a material extrusion machine. The implementation was successful and demonstrated the ability of this method to detect the existence (and absence) of malicious attacks on both process parameters and the toolpath. A case study for detecting changes to the toolpath is also presented, which uses a simple measurement of how long each layer takes to build. Given benchmark readings from a 30x30 mm square layer created on a material extrusion system, several modifications were able to be detected. The machine's repeatability and measurement technique's accuracy resulted in the detection of a 1 mm internal void, a 2 mm scaling attack, and a 1 mm skewing attack. Additionally, for a short to moderate length build of an impeller model, it was possible to detect a 0.25 mm change in the fin base thickness. A second case study is also presented wherein dogbone tensile test coupons were manufactured on a material extrusion system at different extrusion temperatures. This process parameter is an example of a setting that can be maliciously modified and have an effect on the final part strength without the operator's knowledge. The performance characteristics (Young's modulus and maximum stress) were determined to be statistically different at different extrusion temperatures (235 and 270 °C). Master of Science 2018-12-15T07:00:43Z 2018-12-15T07:00:43Z 2017-06-22 Thesis vt_gsexam:11594 http://hdl.handle.net/10919/86412 In Copyright http://rightsstatements.org/vocab/InC/1.0/ ETD application/pdf Virginia Tech |
collection |
NDLTD |
format |
Others
|
sources |
NDLTD |
topic |
additive manufacturing 3D printing cyber-physical security physical hash in situ monitoring side-channel measurement |
spellingShingle |
additive manufacturing 3D printing cyber-physical security physical hash in situ monitoring side-channel measurement Brandman, Joshua Erich A Physical Hash for Preventing and Detecting Cyber-Physical Attacks in Additive Manufacturing Systems |
description |
This thesis proposes a new method for detecting malicious cyber-physical attacks on additive manufacturing (AM) systems. The method makes use of a physical hash, which links digital data to the manufactured part via a disconnected side-channel measurement system. The disconnection ensures that if the network and/or AM system become compromised, the manufacturer can still rely on the measurement system for attack detection. The physical hash takes the form of a QR code that contains a hash string of the nominal process parameters and toolpath. It is manufactured alongside the original geometry for the measurement system to scan and compare to the readings from its sensor suite. By taking measurements in situ, the measurement system can detect in real-time if the part being manufactured matches the designer's specification. A proof-of-concept validation was realized on a material extrusion machine. The implementation was successful and demonstrated the ability of this method to detect the existence (and absence) of malicious attacks on both process parameters and the toolpath.
A case study for detecting changes to the toolpath is also presented, which uses a simple measurement of how long each layer takes to build. Given benchmark readings from a 30x30 mm square layer created on a material extrusion system, several modifications were able to be detected. The machine's repeatability and measurement technique's accuracy resulted in the detection of a 1 mm internal void, a 2 mm scaling attack, and a 1 mm skewing attack. Additionally, for a short to moderate length build of an impeller model, it was possible to detect a 0.25 mm change in the fin base thickness.
A second case study is also presented wherein dogbone tensile test coupons were manufactured on a material extrusion system at different extrusion temperatures. This process parameter is an example of a setting that can be maliciously modified and have an effect on the final part strength without the operator's knowledge. The performance characteristics (Young's modulus and maximum stress) were determined to be statistically different at different extrusion temperatures (235 and 270 °C). === Master of Science |
author2 |
Mechanical Engineering |
author_facet |
Mechanical Engineering Brandman, Joshua Erich |
author |
Brandman, Joshua Erich |
author_sort |
Brandman, Joshua Erich |
title |
A Physical Hash for Preventing and Detecting Cyber-Physical Attacks in Additive Manufacturing Systems |
title_short |
A Physical Hash for Preventing and Detecting Cyber-Physical Attacks in Additive Manufacturing Systems |
title_full |
A Physical Hash for Preventing and Detecting Cyber-Physical Attacks in Additive Manufacturing Systems |
title_fullStr |
A Physical Hash for Preventing and Detecting Cyber-Physical Attacks in Additive Manufacturing Systems |
title_full_unstemmed |
A Physical Hash for Preventing and Detecting Cyber-Physical Attacks in Additive Manufacturing Systems |
title_sort |
physical hash for preventing and detecting cyber-physical attacks in additive manufacturing systems |
publisher |
Virginia Tech |
publishDate |
2018 |
url |
http://hdl.handle.net/10919/86412 |
work_keys_str_mv |
AT brandmanjoshuaerich aphysicalhashforpreventinganddetectingcyberphysicalattacksinadditivemanufacturingsystems AT brandmanjoshuaerich physicalhashforpreventinganddetectingcyberphysicalattacksinadditivemanufacturingsystems |
_version_ |
1719460113845059584 |