The last decade has seen a significant shift from traditional manufacturing to digital manufacturing (DM), with data serving as the backbone for operations across the factory floor and supply chain. This transition involves the increased use of network connectivity, sensors, IoT devices, and control toolboxes. Within DM systems, digital assets such as design files, G-code machine instructions, and in-situ monitoring data have become the system's core.
With so many sensors collecting terabytes of data and transmitting it across networks, the storage and processing of these large datasets present unique security challenges for the industry.
Because this data includes information on part geometry, manufacturing parameters, and product quality, protecting this information is crucial for intellectual property protection and preventing the reverse engineering of parts. For example, hardware designs for major transportation infrastructure, like airplane or automotive components, can remain unchanged for years. If this data were to be compromised, bad actors could do irreparable damage. Therefore, securing this data against cybersecurity threats has become a major focus.
Despite this growing focus on cybersecurity, threats still remain throughout the entire DM and supply chain cycle. Understanding these threats and solutions is imperative when building future digital manufacturing solutions.
Extreme density of devices in modern factories
Automation of the factory floor has resulted in the deployment of numerous types of sensors and IoT devices. Sometimes, several thousand devices may be deployed in a single workflow, which can present a challenge in developing and deploying networks. Automation is an expensive process and often implemented in stages, which leads to a patchwork of networks (ex: wired, wi-fi, and cellular) of various generations as different devices are added.
In such an environment, cybersecurity is usually an afterthought. The manufacturing sector operates on thin profit margins and expenses for designing and deploying a secure multimodal network, and workflow may compete with the investment needed to upgrade the manufacturing equipment. As a result, the field currently lacks clear guidelines on the best practices for cybersecurity.
Reverse engineering threats
While much of the focus has been on protecting manufacturing data integrity, such as design files and process parameters, the threat of reverse engineering is growing. Hardware components are often manufactured by third-party contractors who are trusted to protect the product’s integrity and data. However, side-channel attacks, which can include leaks in power consumption data from smart meters, security camera feeds, and hacked employee smartphone microphones, can provide enough information to reconstruct part geometry or understand production schedules.
Additionally, malicious actors might also legally purchase a part and use modern tools like imaging devices, image processing software programs, and 3D printers to reverse engineer its design and manufacturing parameters. To protect against this, manufacturers must develop specialized solutions. These can include:
● Developing 3D printing tool paths that cannot be easily decoded or replicated from images
● Using specialty materials that are not easily available to build high-quality parts
● Setting print parameters that provide unique microstructure signatures that can be identified as genuine or counterfeit
Recent network monitoring has shown a rise in "snooping attacks." These attacks don't aim to sabotage design files or the design process but can reveal critical information to competitors, such as production schedules, successful print parameters, and product quality. The hope is that as more facilities adopt DM workflows, industry-wide investments will lead to the emergence of better practices for secure and functional networks.
Manufacturing localization
Over the past several decades, outsourcing manufacturing to certain geographic regions emerged as a business practice due to the availability of a trained low-cost workforce, raw materials, and environmental regulations. However, automation has helped in democratizing manufacturing with 3D printers. General-purpose 3D printers can be installed closer to the location of consumption and can be operated by a workforce that is trained in printer maintenance, but is not necessarily an expert in manufacturing fields.
This localization model is helpful in manufacturing replacement parts that can be deployed within shorter time periods, at reduced shipping time and costs. However, this model requires the transmission of digital files to remote 3D printers, which in turn can cause cybersecurity vulnerabilities. In this case, streaming g-code directly to a 3D printer can be helpful in protecting against hacking. Because a part may take several hours to build, hackers may not have sufficient time to gather any meaningful information during an attack that may last only a few seconds or minutes.
Training a cyber-aware workforce
Manufacturing professionals involved in digital manufacturing are typically focused on delivering high-quality products. Cybersecurity isn’t top of mind and can seem like a burden to their normal routine. Therefore, there is a need for new workforce training programs that educate manufacturing experts on cybersecurity principles without adding intrusive layers to their daily tasks. The ultimate goal is to engrain cybersecurity best practices into workers so that it becomes a natural part of their job.
Advances in cybersecurity have led to improved taxonomies for understanding attack surfaces and vectors relevant to specific manufacturing scenarios. Efforts are underway to develop specialized cybersecurity methods for protecting data from digital manufacturing processes. These methods include watermarking, lossless compression, and embedding authentication keys directly into manufacturing files. These new methods will supplement existing network security, access control, and encryption practices, strengthening the overall security of the digital manufacturing ecosystem into the future.
