Researchers in cybersecurity have proposed new methods for protecting 3D printed objects such as drones, prostheses, and medical gadgets against stealthy “logic bombs.”
Scientists at Rutgers University-New Brunswick and the Georgia Institute of Technology have presented new methods for protecting 3D printed products like drones, prostheses, and medical gadgets from stealthy “logic bombs”.
On December 10, the researchers will present their work, “Physical Logic Bombs in 3D Printers via Emerging 4D Techniques,” at the 2021 Annual Computer Security Applications Conference.
Rapid prototyping is the rapid manufacturing of a part, model, or assembly utilizing 3D computer-aided design, most commonly using 3D printing or “additive manufacturing.” Additive printing is increasingly being utilized to make safety-critical items in a variety of industries, but there are currently no reliable ways for confirming their integrity against adversarial pre-print design alterations.
“Next-generation, cyber-physical additive manufacturing enables advanced product designs and capabilities, but it increasingly relies on highly networked industrial control systems that present opportunities for cyber-attacks,” says principal investigator Saman Zonouz.
“The predominant approach to defending against these threats relies on host-based intrusion detectors that sit within the same target controllers, and hence are often the first target of the controller attacks.”
The researchers investigated Mystique, a novel class of printed object attacks that use emerging 4D printing technologies to install computer code – or logic bombs – by altering the production process.
When a logic bomb is triggered by stimuli such as changes in temperature, moisture, pH, or modifications to the materials used initially, Mystique causes visually innocuous objects to behave maliciously, potentially causing catastrophic operational failures when they are employed.
The researchers successfully tested Mystique on many 3D printing case studies, demonstrating that it can avoid earlier defenses. They presented two solutions to this problem.
The first approach is to create a sensor that can measure the composition and diameter of raw materials as they move through the printer’s extruder to verify they satisfy expectations before the product is created. A dielectric sensor can detect a 0.1mm change in filament diameter and a 10% change in concentration composition.
The second technique employs high-resolution computed tomography scans to detect residual stresses in printed items that distinguish between benign and malicious designs prior to attack activation. This CT detection has a 94.6 percent accuracy in identifying 4D attacks in a single printing layer.
The research team intends to develop standards for linking resilience solutions in software security, control system design, and signal processing, as well as to include reliable and effective cyber-physical attack detection into real-world production.
“Our proposal is a novel potential attack vector that needs to be considered and mitigated effectively in additive manufacturing platforms. The idea is to use new physical logic bombs in 3D printed objects, such as industrial gears and personal protective equipment like COVID-19 masks,” added Zonouz.
“These logic bombs can later be activated by the adversaries using physical stimulus like moisture or heat whenever suitable for them to make the printed objects malfunction, such as to make a COVID mask lose its protection against the viral infection.”
Image Credit: Getty
You were reading: Cybersecurity experts unveil new protections against stealthy “logic bombs”
