A Physical Hash for Preventing and Detecting Cyber-Physical Attacks in Additive Manufacturing Systems
| dc.contributor.author | Brandman, Joshua Erich | en |
| dc.contributor.committeechair | Williams, Christopher B. | en |
| dc.contributor.committeemember | Zheng, Xiaoyu | en |
| dc.contributor.committeemember | Camelio, Jaime A. | en |
| dc.contributor.department | Mechanical Engineering | en |
| dc.date.accessioned | 2018-12-15T07:00:43Z | en |
| dc.date.available | 2018-12-15T07:00:43Z | en |
| dc.date.issued | 2017-06-22 | en |
| dc.description.abstract | This thesis proposes a new method for detecting malicious cyber-physical attacks on additive manufacturing (AM) systems. The method makes use of a physical hash, which links digital data to the manufactured part via a disconnected side-channel measurement system. The disconnection ensures that if the network and/or AM system become compromised, the manufacturer can still rely on the measurement system for attack detection. The physical hash takes the form of a QR code that contains a hash string of the nominal process parameters and toolpath. It is manufactured alongside the original geometry for the measurement system to scan and compare to the readings from its sensor suite. By taking measurements in situ, the measurement system can detect in real-time if the part being manufactured matches the designer's specification. A proof-of-concept validation was realized on a material extrusion machine. The implementation was successful and demonstrated the ability of this method to detect the existence (and absence) of malicious attacks on both process parameters and the toolpath. A case study for detecting changes to the toolpath is also presented, which uses a simple measurement of how long each layer takes to build. Given benchmark readings from a 30x30 mm square layer created on a material extrusion system, several modifications were able to be detected. The machine's repeatability and measurement technique's accuracy resulted in the detection of a 1 mm internal void, a 2 mm scaling attack, and a 1 mm skewing attack. Additionally, for a short to moderate length build of an impeller model, it was possible to detect a 0.25 mm change in the fin base thickness. A second case study is also presented wherein dogbone tensile test coupons were manufactured on a material extrusion system at different extrusion temperatures. This process parameter is an example of a setting that can be maliciously modified and have an effect on the final part strength without the operator's knowledge. The performance characteristics (Young's modulus and maximum stress) were determined to be statistically different at different extrusion temperatures (235 and 270 °C). | en |
| dc.description.abstractgeneral | Additive Manufacturing (AM, also known as 3D printing) machines are cyber-physical systems and are therefore vulnerable to malicious attacks that can cause physical damage to the parts being manufactured or even to the machine itself. This thesis proposes a new method for detecting that an AM system has been hacked. Attacks are identified via a series of measurements taken by a measurement system that is disconnected from the main network. The disconnection ensures that if the network and/or AM system are hacked, the manufacturer can still rely on the measurement system for attack detection. The proposed method uses a physical hash to transfer information to the disconnected measurement system. This physical hash takes the form of a QR code and stores in it the nominal process parameters and toolpath of the build. It is manufactured alongside the original geometry for the measurement system to scan and compare to the readings from its sensor suite. By taking measurements in real-time, the measurement system can detect if the part being manufactured matches the designer’s specification. A proof-of-concept of the proposed method was realized on a common AM system. The implementation was successful and demonstrated the ability of this method to detect the existence of a malicious attack. A case study for detecting changes to the toolpath is also proposed using the simple measurement of how long each layer takes to build. Given benchmark readings of a part manufactured on the same technology as the proof-of-concept implementation, several modifications were able to be detected. The attack types tested were the insertion of an internal void, scaling the part, and skewing the part. A second case study is also presented where components were manufactured at different extrusion temperatures. By measuring the force required to break the parts, it was determined that temperature has an effect on the final part strength. This confirmed that malicious attacks targeting extrusion temperature are a plausible threat, and that the parameter should be measured in the proposed system. | en |
| dc.description.degree | Master of Science | en |
| dc.format.medium | ETD | en |
| dc.identifier.other | vt_gsexam:11594 | en |
| dc.identifier.uri | http://hdl.handle.net/10919/86412 | en |
| dc.publisher | Virginia Tech | en |
| dc.rights | In Copyright | en |
| dc.rights.uri | http://rightsstatements.org/vocab/InC/1.0/ | en |
| dc.subject | additive manufacturing | en |
| dc.subject | 3D printing | en |
| dc.subject | cyber-physical security | en |
| dc.subject | physical hash | en |
| dc.subject | in situ monitoring | en |
| dc.subject | side-channel measurement | en |
| dc.title | A Physical Hash for Preventing and Detecting Cyber-Physical Attacks in Additive Manufacturing Systems | en |
| dc.type | Thesis | en |
| thesis.degree.discipline | Mechanical Engineering | en |
| thesis.degree.grantor | Virginia Polytechnic Institute and State University | en |
| thesis.degree.level | masters | en |
| thesis.degree.name | Master of Science | en |
Files
Original bundle
1 - 1 of 1