A Physical Hash for Preventing and Detecting Cyber-Physical Attacks in Additive Manufacturing Systems

Brandman, Joshua Erich

22 June 2017

This thesis proposes a new method for detecting malicious cyber-physical attacks on additive manufacturing (AM) systems. The method makes use of a physical hash, which links digital data to the manufactured part via a disconnected side-channel measurement system. The disconnection ensures that if the network and/or AM system become compromised, the manufacturer can still rely on the measurement system for attack detection. The physical hash takes the form of a QR code that contains a hash string of the nominal process parameters and toolpath. It is manufactured alongside the original geometry for the measurement system to scan and compare to the readings from its sensor suite. By taking measurements in situ, the measurement system can detect in real-time if the part being manufactured matches the designer's specification. A proof-of-concept validation was realized on a material extrusion machine. The implementation was successful and demonstrated the ability of this method to detect the existence (and absence) of malicious attacks on both process parameters and the toolpath. A case study for detecting changes to the toolpath is also presented, which uses a simple measurement of how long each layer takes to build. Given benchmark readings from a 30x30 mm square layer created on a material extrusion system, several modifications were able to be detected. The machine's repeatability and measurement technique's accuracy resulted in the detection of a 1 mm internal void, a 2 mm scaling attack, and a 1 mm skewing attack. Additionally, for a short to moderate length build of an impeller model, it was possible to detect a 0.25 mm change in the fin base thickness. A second case study is also presented wherein dogbone tensile test coupons were manufactured on a material extrusion system at different extrusion temperatures. This process parameter is an example of a setting that can be maliciously modified and have an effect on the final part strength without the operator's knowledge. The performance characteristics (Young's modulus and maximum stress) were determined to be statistically different at different extrusion temperatures (235 and 270 °C). / Master of Science

additive manufacturing

3D printing

cyber-physical security

physical hash

in situ monitoring

side-channel measurement

Diferenciální elektromagnetická analýza / Differential electromagnetic analysis

Novotný, Bohumil

January 2013

This diploma thesis studies the theory side channels, simple and differential analysis, and types of attacks on the side channel, which may be run against the cryptographic system. The thesis explains the principles of side channel attack on a possible defense against them. The second part of the thesis describes experimental work created, its individual components and their functions. The findings builds custom solutions attack the electromagnetic side channel using electromagnetic probes and the workplace equipment developed for this task. The final part of the thesis is devoted to the description of the implemented algorithm, a description of measurement, measurement results and possible modifications of algorithms implemented in the microcontroller for full automation of the attack on the device, against which the attack was conducted.