Manufacturers can’t afford disastrous file-based 3D Printing security blunders

Cybersecurity doesn’t immediately spring to mind when you think of 3D printing, but any enterprise hoping to adopt it at scale must make security a critical, integrated priority. The interconnectivity of devices combined with the concept of printing from a file opens the door to new security threats – with the relatively simple editing of one file potentially affecting thousands of components, the consequences could be disastrous. To avoid such disaster, it is imperative that manufacturing leaders explore the immutability of blockchain and proactively protect themselves.

Historically, “things” were manufactured by subtraction—you’d start with a big thing and chop bits off until you have a smaller thing. Additive manufacturing (AM) is a revolution which, as the name suggests, builds products from the ground up. AM consists of a number of hair-splitting sub-processes, however, “3D printing” has become the layman’s blanket term of choice for this increasingly important trend. Researchers claim it is an essential ingredient for Industry 4.0, and they currently value the market at approximately $14.5 billion worldwide (see Exhibit 1). The growth was mostly driven by evolutions in the capabilities of the technology, notably the ability to “print” with materials such as metal, as well as rapidly increased printing speeds and falling costs.

Exhibit 1: 3D printing market size worldwide, 2013-2021 (billions)

^{Source: Statista, 2019}

Some of the biggest manufacturers are adopting 3D printing in different industries with different, potentially life-threatening consequences

It would be impossible to deny the rapid growth of the market, resulting in some of the largest multinationals adopting the technology with the potential to be the biggest shake-up manufacturing has seen since Henry Ford’s production line. Examples include:

• BMW invested $12.3 million in an Additive Manufacturing Campus and deployed the technology to sites in the US, China, and Thailand to help with the production of individual components, small production runs, and large-scale manufacturing.
• Boeing purchased several 3D-printed components from Norsk Titanium AS to make its Boeing 787 Dreamliner. The parts received Federal Aviation Administration (FAA) approval in February 2017, meaning they were airworthy and could be used in production.
• NASA is using 3D printing to rapidly prototype rocket and rover parts. It is also exploring the technology to print tools at the International Space Station.

Manufacturers must understand that consequences will vary by industry, but the security risks they expose themselves to are the same

Printing components for mass production presents a substantial security risk as a product’s structure is stored in a single computer file. Previous research has found that altering the orientation of the product during printing can cause up to a 25% difference in strength. With the constant evolution of IoT, this threat has become increasingly real as hackers are now met with multiple points to enter a system, as explained in our other research, and can edit the structure of components before they are produced at mass. It’s no stretch of the imagination to consider the impact in the automotive industry if brakes stop functioning correctly or for an airplane manufacturer if an engine fails mid-flight.

Increased connectivity also creates an opportunity for hackers to take control of printers and produce products on exploited systems. Concerningly, global military bodies are increasingly enticed by the prospect of printed weapons and bombs. Proofs of concept not only prove that this capability is increasingly possible, but also that it moves risk thresholds from unreliable car parts to compromised explosives.

Blockchain offers the traceability and immutability manufacturers need to ensure 3D printing remains safe, secure, and efficient

These security problems shouldn’t scare manufacturers away from adopting 3D printing at scale; they just need to do so with caution. While it is still an emerging technology, our research has identified blockchain as a technology with a range of use cases in manufacturing, and provenance is one of them (see Exhibit 2).

Exhibit 2: Manufacturing is a prominent use case for blockchain

^{Source: HFS Research, 2018, Top 10 Enterprise Blockchain Services}

^{Sample: 550 blockchain engagements across 15 service providers}

Because blockchain records every transaction on its decentralized network, it cannot be tampered with or deleted, meaning manufacturers could use it to track every time anybody accesses one of their product files. This means if a file was tampered with, it would contain a record of who altered the file, exactly what they changed, and when they did so, allowing the manufacturer to rectify any unauthorized adjustments. General Electric (GE) has recognized the potential of blockchain in this area and has already filed a patent application for using blockchain to validate and verify 3D-printed objects in its supply chain to prevent counterfeiting.

But, blockchain could also help maintain the integrity of the printers themselves. Logging any interaction with the printer on a blockchain, with a note of where the contact originated from, would allow manufacturers to trace the origin of the files that were printed. This means if anything unauthorized were to be printed, it could be traced to its origin almost immediately.

The Bottom Line: If manufacturers want efficiency gains from 3D printing, they must understand the need for extensive file security, and blockchain could be the technology to provide it.

It is understandable that large enterprises are looking toward 3D printing to drive down manufacturing costs. However, it is imperative that they pause before they dive in head first. They need to remember that cybersecurity must be an integral part of any digital transformation and the 3D printing revolution is no different. Blockchain’s tracking and traceability have been proved to have a near-term business effect (see Exhibit 3), which means it could be the technology that offers the security manufacturers need to produce components at scale using 3D printing technologies.

Exhibit 3: Tracking and traceability will have near-term business impacts

^{Source: HFS Research Top 10 Enterprise Blockchain Services, 2018}