Security challenges for Cyber-Physical Systems such as general Industrial Control Systems (ICS) have receive increasing attention from researchers in the last decade. Despite the significant challenges in the intersection of Cybersecurity and Engineering fields, cross-discipline research efforts on ICS security research resulted in a number of promising research directions. In this talk, I will discuss how those general directions relate to Additive Manufacturing security -- in particular, where I see unique opportunities in AM to address problems that are hard in general ICS.

Additive manufacturing (AM) is expected to revolutionize industrial manufacturing processes by providing access to readily available, lower cost, high-performance parts, including those with complex designs and diverse materials, not attainable in conventional subtractive machining processes. These benefits are distinctly advantageous for low-volume rapid prototyping. They also reduce the build time of complex, safety-critical components that traditionally require assembly.

The advanced product capabilities of AM also make these systems high risk for intellectual property theft, service outage attacks, and sabotage through compromised product quality. Concerns about malicious actors restrict business models and deter industry adoption and investment, especially those requiring secrecy around safety-critical components. In this paper, we analyze the threats to additive manufacturing system security using the Verification Evidence and Resilient Design in Anticipation of Cybersecurity Threats (VERDICT) tool, a model-based system engineering (MBSE) tool. First, we introduce a comprehensive set of attributes to characterize MBSE tools together with a survey of MBSE tools that support cyber analysis.

Based on these attributes and the available tools, we select the relevant tool (i.e., VERDICT) and apply it to an example additive manufacturing system. The modeling and analysis are intended to show the functionality of the VERDICT tool in a research context. The signals, properties, and requirements enable the user to experiment with and illustrate the functionality of the tool.

Finally, the paper introduces a novel approach for modeling the return on investment (ROI) for additive hardware cybersecurity investments that will lead to a cost-analysis integration with the VERDICT tool.

Metal Additive Manufacturing (AM) is increasingly utilized for functional parts, often used in safety-critical applications such as jet engine components. For these applications, it is imperative that the fit, form, and function are not compromised. However, it has been shown that numerous intentional sabotage attacks are pos- sible. Understanding how sabotage attacks can be conducted is a prerequisite for their prevention and detection.

This work focuses on Laser Beam Powder Bed Fusion (LB-PBF), an AM machine type dominant in the manufacturing of net-shape metal parts, and its subsystem controlling the shielding gas flow. We analyze how this essential subsystem can be manipulated to sabotage AM part performance. Our analysis shows that such sabo- tage attacks will be probabilistic, as opposed to the deterministic attacks previously discussed in the research literature. While this introduces issues with performance degradation and control over it, it is likely to also complicate the determination of intent and investigation of its root cause.

As Additive Layer Manufacturing (ALM) becomes pervasive in industry, its applications in safety critical component manufacturing are being explored and adopted. However, ALM's reliance on embedded computing renders it vulnerable to tampering through cyber-attacks. Sensor instrumentation of ALM devices allows for rigorous process and security monitoring, but also results in a massive volume of noisy data for each run. As such, in-situ, near-real-time anomaly detection is very challenging. The ideal algorithm for this context is simple, computationally efficient, minimizes false positives, and is accurate enough to resolve small deviations. In this paper, we present a probabilistic-model-based approach to address this challenge. To test our approach, we analyze current measurements from a polymer composite 3D printer during emulated tampering attacks. Our results show that our approach can consistently and efficiently locate small changes in the presence of substantial operational noise.

Cyber-physical systems (CPS) are engineered systems that are built from, and depend upon, the seamless integration of computation and physical components [NSF]. Embedded systems comprising of hardware and software systems are the major enabling technology for these cyber-physical systems. Today, CPSs can be found in security-sensitive areas such as aerospace, automotive, energy, healthcare, manufacturing transportation, entertainment, and consumer appliances. Compared to the traditional information processing systems, due to the tight interactions between cyber and physical components in CPSs and closed-loop control from sensing to actuation, new vulnerabilities are emerging from the boundaries between various layers and domains. In this keynote talk, Prof. Al Faruque will discuss how new vulnerabilities are emerging at the intersection of various components and subsystems and their various hardware, software, and physical layers. Several recent examples from various cyber-physical systems will be presented in this talk. To understand these new vulnerabilities, a very different set of methodologies and tools are needed. Defenses against these vulnerabilities demand also new hardware/software co-design approaches. The talk will highlight recent developments in this regard. The major goal of this talk will be to highlight various research challenges and the need for novel scientific solutions from the larger research community.