-
Stop Stealing My Data: Sanitizing Stego Channels in 3D Printing Design Files
Authors:
Aleksandr Dolgavin,
Mark Yampolskiy,
Moti Yung
Abstract:
The increased adoption of additive manufacturing (AM) and the acceptance of AM outsourcing created an ecosystem in which the sending and receiving of digital designs by different actors became normal. It has recently been shown that the STL design files -- most commonly used in AM -- contain steganographic channels. Such channels can allow additional data to be embedded within the STL files withou…
▽ More
The increased adoption of additive manufacturing (AM) and the acceptance of AM outsourcing created an ecosystem in which the sending and receiving of digital designs by different actors became normal. It has recently been shown that the STL design files -- most commonly used in AM -- contain steganographic channels. Such channels can allow additional data to be embedded within the STL files without changing the printed model. These factors create a threat of misusing the design files as a covert communication channel to either exfiltrate stolen sensitive digital data from organizations or infiltrate malicious software into a secure environment. This paper addresses this security threat by designing and evaluating a \emph{sanitizer} that erases hidden content where steganographic channels might exist. The proposed sanitizer takes into account a set of specific constraints imposed by the application domain, such as not affecting the ability to manufacture part of the required quality using the sanitized design.
△ Less
Submitted 7 April, 2024;
originally announced April 2024.
-
SoK: Security Below the OS -- A Security Analysis of UEFI
Authors:
Priyanka Prakash Surve,
Oleg Brodt,
Mark Yampolskiy,
Yuval Elovici,
Asaf Shabtai
Abstract:
The Unified Extensible Firmware Interface (UEFI) is a linchpin of modern computing systems, governing secure system initialization and booting. This paper is urgently needed because of the surge in UEFI-related attacks and vulnerabilities in recent years. Motivated by this urgent concern, we undertake an extensive exploration of the UEFI landscape, dissecting its distribution supply chain, booting…
▽ More
The Unified Extensible Firmware Interface (UEFI) is a linchpin of modern computing systems, governing secure system initialization and booting. This paper is urgently needed because of the surge in UEFI-related attacks and vulnerabilities in recent years. Motivated by this urgent concern, we undertake an extensive exploration of the UEFI landscape, dissecting its distribution supply chain, booting process, and security features. We carefully study a spectrum of UEFI-targeted attacks and proofs of concept (PoCs) for exploiting UEFI-related vulnerabilities. Building upon these insights, we construct a comprehensive attack threat model encompassing threat actors, attack vectors, attack types, vulnerabilities, attack capabilities, and attacker objectives. Drawing inspiration from the MITRE ATT&CK framework, we present a MITRE ATT&CK-like taxonomy delineating tactics, techniques, and sub-techniques in the context of UEFI attacks. This taxonomy can provide a road map for identifying existing gaps and developing new techniques for rootkit prevention, detection, and removal. Finally, the paper discusses existing countermeasures against UEFI attacks including a variety of technical and operational measures that can be implemented to lower the risk of UEFI attacks to an acceptable level. This paper seeks to clarify the complexities of UEFI and equip the cybersecurity community with the necessary knowledge to strengthen the security of this critical component against a growing threat landscape.
△ Less
Submitted 7 November, 2023;
originally announced November 2023.
-
Security-Enhancing Digital Twins: Characteristics, Indicators, and Future Perspectives
Authors:
Matthias Eckhart,
Andreas Ekelhart,
David Allison,
Magnus Almgren,
Katharina Ceesay-Seitz,
Helge Janicke,
Simin Nadjm-Tehrani,
Awais Rashid,
Mark Yampolskiy
Abstract:
The term "digital twin" (DT) has become a key theme of the cyber-physical systems (CPSs) area, while remaining vaguely defined as a virtual replica of an entity. This article identifies DT characteristics essential for enhancing CPS security and discusses indicators to evaluate them.
The term "digital twin" (DT) has become a key theme of the cyber-physical systems (CPSs) area, while remaining vaguely defined as a virtual replica of an entity. This article identifies DT characteristics essential for enhancing CPS security and discusses indicators to evaluate them.
△ Less
Submitted 2 June, 2023; v1 submitted 30 April, 2023;
originally announced May 2023.
-
State of Security Awareness in the AM Industry: 2020 Survey
Authors:
Mark Yampolskiy,
Paul Bates,
Mohsen Seifi,
Nima Shamsaei
Abstract:
Security of Additive Manufacturing (AM) gets increased attention due to the growing proliferation and adoption of AM in a variety of applications and business models. However, there is a significant disconnect between AM community focused on manufacturing and AM Security community focused on securing this highly computerized manufacturing technology. To bridge this gap, we surveyed the America Mak…
▽ More
Security of Additive Manufacturing (AM) gets increased attention due to the growing proliferation and adoption of AM in a variety of applications and business models. However, there is a significant disconnect between AM community focused on manufacturing and AM Security community focused on securing this highly computerized manufacturing technology. To bridge this gap, we surveyed the America Makes AM community, asking in total eleven AM security-related questions aiming to discover the existing concerns, posture, and expectations. The first set of questions aimed to discover how many of these organizations use AM, outsource AM, or provide AM as a service. Then we asked about biggest security concerns as well as about assessment of who the potential adversaries might be and their motivation for attack. We then proceeded with questions on any experienced security incidents, if any security risk assessment was conducted, and if the participants' organizations were partnering with external experts to secure AM. Lastly, we asked whether security measures are implemented at all and, if yes, whether they fall under the general cyber-security category. Out of 69 participants affiliated with commercial industry, agencies, and academia, 53 have completed the entire survey. This paper presents the results of this survey, as well as provides our assessment of the AM Security posture. The answers are a mixture of what we could label as expected, "shocking but not surprising," and completely unexpected. Assuming that the provided answers are somewhat representative to the current state of the AM industry, we conclude that the industry is not ready to prevent or detect AM-specific attacks that have been demonstrated in the research literature.
△ Less
Submitted 7 September, 2022;
originally announced September 2022.
-
Investigating 3D Printer Residual Data
Authors:
Daniel Bradford Miller,
Jacob Gatlin,
William Bradley Glisson,
Mark Yampolskiy,
Jeffrey Todd McDonald
Abstract:
The continued adoption of Additive Manufacturing technologies is raising concerns in the security, forensics, and intelligence gathering communities. These concerns range from identifying and mitigating compromised devices, to theft of intellectual property, to sabotage, to the production of prohibited objects. Previous research has provided insight into the retrieval of configuration information…
▽ More
The continued adoption of Additive Manufacturing technologies is raising concerns in the security, forensics, and intelligence gathering communities. These concerns range from identifying and mitigating compromised devices, to theft of intellectual property, to sabotage, to the production of prohibited objects. Previous research has provided insight into the retrieval of configuration information maintained on the devices, but this work shows that the devices can additionally maintain information about the print process. Comparisons between before and after images taken from an AM device reveal details about the device's activities, including printed designs, menu interactions, and the print history. Patterns in the storage of that information also may be useful for reducing the amount of data that needs to be examined during an investigation. These results provide a foundation for future investigations regarding the tools and processes suitable for examining these devices.
△ Less
Submitted 22 January, 2019;
originally announced January 2019.
-
Optimal Sabotage Attack on Composite Material Parts
Authors:
Bikash Ranabhat,
Joseph Clements,
Jacob Gatlin,
Kuang-Ting Hsiao,
Mark Yampolskiy
Abstract:
Industry 4.0 envisions a fully automated manufacturing environment, in which computerized manufacturing equipment--Cyber-Physical Systems (CPS)--performs all tasks. These machines are open to a variety of cyber and cyber-physical attacks, including sabotage. In the manufacturing context, sabotage attacks aim to damage equipment or degrade a manufactured part's mechanical properties. In this paper,…
▽ More
Industry 4.0 envisions a fully automated manufacturing environment, in which computerized manufacturing equipment--Cyber-Physical Systems (CPS)--performs all tasks. These machines are open to a variety of cyber and cyber-physical attacks, including sabotage. In the manufacturing context, sabotage attacks aim to damage equipment or degrade a manufactured part's mechanical properties. In this paper, we focus on the latter, specifically for composite materials. Composite material parts are predominantly used in safety-critical systems, e.g., as load-bearing parts of aircraft. Further, we distinguish between the methods to compromise various manufacturing equipment, and the malicious manipulations that will sabotage a part. As the research literature has numerous examples of the former, in this paper we assume that the equipment is already compromised, our discussion is solely on manipulations.
We develop a simulation approach to designing sabotage attacks against composite material parts. The attack can be optimized by two criteria, minimizing the "footprint" of manipulations. We simulate two optimal attacks against the design of a spar, a load bearing component of an airplane wing. Our simulation identifies the minimal manipulations needed to degrade its strength to three desired levels, as well as the resulting failure characteristics. Last but not least, we outline an approach to identifying sabotaged parts.
△ Less
Submitted 6 October, 2018;
originally announced October 2018.
-
Power Consumption-based Detection of Sabotage Attacks in Additive Manufacturing
Authors:
Samuel B. Moore,
Jacob Gatlin,
Sofia Belikovetsky,
Mark Yampolskiy,
Wayne E. King,
Yuval Elovici
Abstract:
Additive Manufacturing (AM), a.k.a. 3D Printing, is increasingly used to manufacture functional parts of safety-critical systems. AM's dependence on computerization raises the concern that the AM process can be tampered with, and a part's mechanical properties sabotaged. This can lead to the destruction of a system employing the sabotaged part, causing loss of life, financial damage, and reputatio…
▽ More
Additive Manufacturing (AM), a.k.a. 3D Printing, is increasingly used to manufacture functional parts of safety-critical systems. AM's dependence on computerization raises the concern that the AM process can be tampered with, and a part's mechanical properties sabotaged. This can lead to the destruction of a system employing the sabotaged part, causing loss of life, financial damage, and reputation loss. To address this threat, we propose a novel approach for detecting sabotage attacks. Our approach is based on continuous monitoring of the current delivered to all actuators during the manufacturing process and detection of deviations from a provable benign process. The proposed approach has numerous advantages: (i) it is non-invasive in a time-critical process, (ii) it can be retrofitted in legacy systems, and (iii) it is airgapped from the computerized components of the AM process, preventing simultaneous compromise. Evaluation on a desktop 3D Printer detects all attacks involving a modification of X or Y motor movement, with false positives at 0%.
△ Less
Submitted 6 September, 2017;
originally announced September 2017.
-
A Hazard Analysis Technique for Additive Manufacturing
Authors:
Gregory Pope,
Mark Yampolskiy
Abstract:
The promise of Additive Manufacturing (AM) includes reduced transportation and warehousing costs, reduction of source material waste, and reduced environmental impact. AM is extremely useful for making prototypes and has demonstrated the ability to manufacture complex parts not possible (or prohibitively expensive) with conventional machining. Scientists and manufactures are finding increased uses…
▽ More
The promise of Additive Manufacturing (AM) includes reduced transportation and warehousing costs, reduction of source material waste, and reduced environmental impact. AM is extremely useful for making prototypes and has demonstrated the ability to manufacture complex parts not possible (or prohibitively expensive) with conventional machining. Scientists and manufactures are finding increased uses for AM in creation of all types of finished products including those built from polymers, biological material, and metals. Although companies such as GE have been using 3D printing for Additive Manufacturing for over thirty years to make mandrels for light bulb manufacturing, application areas of Additive Manufacturing have increased substantially in recent years, particularly due to the reduction in cost of 3D printers. Like most emergent technologies, there are bound to be growing pains with AM. This paper looks at the software that supports AM and 3D printing and their vulnerability to cyber-attacks, intellectual property theft, defect rates of AM software (which can cause undesired consequences themselves and also create vulnerabilities that a hacker may exploit), part reliability and safety of devices incorporating 3D printed parts (when making mission critical parts), and security/throughput issues of computer networks. Literature searches, consulting with technical experts and a relatively new hazard analysis technique will be used, one especially developed for software intensive systems called Systemic Theoretic Process Analysis (STPA). The purpose of this white paper is to identify risks (or hazards for mission critical parts) for AM in this emergent stage so that mitigations can be applied before accidents occur. A second purpose of this white paper is to evaluate the effectiveness of STPA as a hazard analysis technique in a field that is still relatively new.
△ Less
Submitted 29 May, 2017;
originally announced June 2017.
-
Detecting Cyber-Physical Attacks in Additive Manufacturing using Digital Audio Signing
Authors:
Sofia Belikovetsky,
Yosef Solewicz,
Mark Yampolskiy,
Jinghui Toh,
Yuval Elovici
Abstract:
Additive Manufacturing (AM, or 3D printing) is a novel manufacturing technology that is being adopted in industrial and consumer settings. However, the reliance of this technology on computerization has raised various security concerns. In this paper we address sabotage via tampering with the 3D printing process. We present an object verification system using side-channel emanations: sound generat…
▽ More
Additive Manufacturing (AM, or 3D printing) is a novel manufacturing technology that is being adopted in industrial and consumer settings. However, the reliance of this technology on computerization has raised various security concerns. In this paper we address sabotage via tampering with the 3D printing process. We present an object verification system using side-channel emanations: sound generated by onboard stepper motors. The contributions of this paper are following. We present two algorithms: one which generates a master audio fingerprint for the unmodified printing process, and one which computes the similarity between other print recordings and the master audio fingerprint. We then evaluate the deviation due to tampering, focusing on the detection of minimal tampering primitives. By detecting the deviation at the time of its occurrence, we can stop the printing process for compromised objects, thus save time and prevent material waste. We discuss impacts on the method by aspects like background noise, or different audio recorder positions. We further outline our vision with use cases incorporating our approach.
△ Less
Submitted 18 May, 2017;
originally announced May 2017.
-
dr0wned - Cyber-Physical Attack with Additive Manufacturing
Authors:
Sofia Belikovetsky,
Mark Yampolskiy,
Jinghui Toh,
Yuval Elovici
Abstract:
Additive manufacturing (AM), or 3D printing, is an emerging manufacturing technology that is expected to have far-reaching socioeconomic, environmental, and geopolitical implications. As use of this technology increases, it will become more common to produce functional parts, including components for safety-critical systems. AM's dependence on computerization raises the concern that the manufactur…
▽ More
Additive manufacturing (AM), or 3D printing, is an emerging manufacturing technology that is expected to have far-reaching socioeconomic, environmental, and geopolitical implications. As use of this technology increases, it will become more common to produce functional parts, including components for safety-critical systems. AM's dependence on computerization raises the concern that the manufactured part's quality can be compromised by sabotage. This paper demonstrates the validity of this concern, as we present the very first full chain of attack involving AM, beginning with a cyber attack aimed at compromising a benign AM component, continuing with malicious modification of a manufactured object's blueprint, leading to the sabotage of the manufactured functional part, and resulting in the physical destruction of a cyber-physical system that employs this part. The contributions of this paper are as follows. We propose a systematic approach to identify opportunities for an attack involving AM that enables an adversary to achieve his/her goals. Then we propose a methodology to assess the level of difficulty of an attack, thus enabling differentiation between possible attack chains. Finally, to demonstrate the experimental proof for the entire attack chain, we sabotage the 3D printed propeller of a quadcopter UAV, causing the quadcopter to literally fall from the sky.
△ Less
Submitted 1 September, 2016;
originally announced September 2016.
-
Towards Security of Additive Layer Manufacturing
Authors:
Mark Yampolskiy,
Todd R. Andel,
J. Todd McDonald,
William B. Glisson,
Alec Yasinsac
Abstract:
Additive Layer Manufacturing (ALM), also broadly known as 3D printing, is a new technology to produce 3D objects. As an opposite approach to the conventional subtractive manufacturing process, 3D objects are created by adding thin material layers over layers. Until recently, they have been used, mainly, for plastic models. However, the technology has evolved making it possible to use high-quality…
▽ More
Additive Layer Manufacturing (ALM), also broadly known as 3D printing, is a new technology to produce 3D objects. As an opposite approach to the conventional subtractive manufacturing process, 3D objects are created by adding thin material layers over layers. Until recently, they have been used, mainly, for plastic models. However, the technology has evolved making it possible to use high-quality printing with metal alloys. Agencies and companies like NASA, ESA, Boeing, Airbus, etc. are investigating various ALM technology application areas. Recently, SpaceX used additive manufacturing to produce engine chambers for the newest Dragon spacecraft. BAE System plans to print on-demand a complete Unmanned Aerial Vehicle (UAV), depending on the operational requirements. Companies expect the implementation of ALM technology will bring a broad variety of technological and economic benefits. This includes, but not limited to, the reduction of the time needed to produce complex parts, reduction of wasted material and thus control of production costs along with minimization of part storage space as companies implement just-in-time and on-demand production solutions. The broad variety of application areas and a high grade of computerization of the manufacturing process will inevitably make ALM an attractive target for various attacks.
△ Less
Submitted 13 January, 2015;
originally announced February 2016.
-
Integrated monitoring of multi-domain backbone connections -- Operational experience in the LHC optical private network
Authors:
Patricia Marcu,
David Schmitz,
Wolfgang Fritz,
Mark Yampolskiy,
Wolfgang Hommel
Abstract:
Novel large scale research projects often require cooperation between various different project partners that are spread among the entire world. They do not only need huge computing resources, but also a reliable network to operate on. The Large Hadron Collider (LHC) at CERN is a representative example for such a project. Its experiments result in a vast amount of data, which is interesting for re…
▽ More
Novel large scale research projects often require cooperation between various different project partners that are spread among the entire world. They do not only need huge computing resources, but also a reliable network to operate on. The Large Hadron Collider (LHC) at CERN is a representative example for such a project. Its experiments result in a vast amount of data, which is interesting for researchers around the world. For transporting the data from CERN to 11 data processing and storage sites, an optical private network (OPN) has been constructed. As the experiment data is highly valuable, LHC defines very high requirements to the underlying network infrastructure. In order to fulfil those requirements, the connections have to be managed and monitored permanently. In this paper, we present the integrated monitoring solution developed for the LHCOPN. We first outline the requirements and show how they are met on the single network layers. After that, we describe, how those single measurements can be combined into an integrated view. We cover design concepts as well as tool implementation highlights.
△ Less
Submitted 20 January, 2011;
originally announced January 2011.
