Proceedings of the 50th Hawaii International Conference on System Sciences | 2017

Implications of Malicious 3D Printer Firmware

Samuel Bennett Moore, William Bradley Glisson, Mark Yampolskiy
University of South Alabama

URI: http://hdl.handle.net/10125/41899
ISBN: 978-0-9981331-0-2
CC-BY-NC-ND

Abstract

The utilization of 3D printing technology within the manufacturing process creates an environment that is potentially conducive to malicious activity. Previous research in 3D printing focused on attack vector identification and intellectual property protection. This research develops and implements malicious code using Printrbot’s branch of the open source Marlin 3D printer firmware. Implementations of the malicious code were activated based on a specified printer command sent from a desktop application. The malicious firmware successfully ignored incoming print commands for a printed 3D model, substituted malicious print commands for an alternate 3D model, and manipulated extruder feed rates. The research contribution is three-fold. First, this research provides an initial assessment of potential effects malicious firmware can have on a 3D printed object. Second, it documents a potential vulnerability that impacts 3D product output using 3D printer firmware. Third, it provides foundational grounding for future research in malicious 3D printing process activities.

1. Introduction

Three-dimensional (3D) printing capabilities present intriguing opportunities for businesses in today’s globally networked environment. 3D printers operate by fusing successive layers, with varying degrees of layer thickness, to produce 3D objects [18]. The ability to print objects on demand potentially provides organizations with the ability to develop custom, cost effective components for a variety of purposes [3]. A PriceWaterhouseCoopers (PwC) report indicates that approximately 71% of manufacturers in the US are implementing 3D printing in some form or fashion [23]. The report goes on to indicate that 42% believe that 3D printing will be implemented in high volume production settings in the ensuing three to five years.

As the use of 3D printers and their components grows, industry impact is already visible in several industries [3]. A Wohlers Associates report states that, in 2015, the 3D printing industry (a.k.a. Additive Manufacturing or AM) accounted for $5.165 billion of revenue, with 32.5% of all AM-manufactured objects used as functional parts [29]. The integration of 3D printing is observable in aviation, medical and manufacturing industries [11, 16, 29]. In the aviation industry, Airbus is experimenting with the use of metal 3D printers in their manufacturing process [29]. General Electric is already producing fuel nozzles for a jet engine that is scheduled to be available in 2016 [17]. NASA is incorporating 3D printing into its space program in order to build components on an as-needed basis [6]. The medical field is exploring the use of 3D printed scaffolds for bone tissue engineering [9, 16]. From a manufacturing perspective, Ford announced that they have created 500,000 parts in the last few decades using 3D printers for the purposes of rapid prototyping [11, 20]. The use of 3D printers in rapid prototyping has prompted the idea that 3D printing will lead to rapid production environments [2]. In addition, the integration of 3D printers into all aspects of society has stimulated debates in regard to the overall geopolitical and socioeconomic impact of these devices [7, 21, 24].

With the continued assimilation of 3D printers into manufacturing scenarios, it is plausible that the escalating importance of these devices will provide motivation for attackers along with creating new attack surface opportunities. This is similar to integration issues and residual data risk experienced with other digital devices in business environments [15]. The ramifications of these compromises range from physical damage to the 3D printer, to theft of intellectual property, to physically harming the operator, to sabotage of the production product [31].

Prospective attack vectors for 3D printers and associated printer components include consumer applications used to interact with the printer, 3D model files, the communication architecture used to pass commands to the 3D printer and the firmware [26, 27]. Due to the data flow of the 3D printing process, the firmware is a piece of software that controls the 3D printer and, as such, is the final piece of software involved in the manufacturing process.

The potential magnitude of a compromise coupled with an understanding of the inherent data flow in a 3D printer prompted the hypothesis that a 3D printer’s firmware can be maliciously modified so that it negatively impacts printed objects. To explore this hypothesis several research questions were identified:

1. Is open source data available to assist in modifying the 3D printer firmware?
2. How does the 3D printer firmware interpret and execute received commands?
3. What effect can manipulation of the commands have on the printed model?

The research contribution is three-fold. First, this research provides an initial assessment of potential effects malicious firmware can have on the 3D printed object. Second, it documents a potential vulnerability that impacts 3D product output using Marlin firmware. Third, it provides the foundation for future areas of research involving firmware manipulation.

The paper is structured as follows: Section 2 discusses relevant research in 3D printer security. Section 3 describes the methodology and experimental design to evaluate the research questions. Section 4 discusses implementation and results. Section 5 discusses conclusions gathered from the conducted experiment and section 6 identifies areas for future research.

2. Literature review

As the proliferation of 3D printers escalates, it stands to reason that the number and various types of attacks will increase. Recent research indicates that the introduction and impact of residual data extracted from digital devices is continuing to escalate in legal atmospheres [4, 19]. This situation emphasizes the necessity to understand how a device can be compromised along with effective mitigation strategies for the production product and the intellectual property.

So far, two major security threat categories have been identified for 3D printing in the literature: violation of Intellectual Property (IP) and ability to inflict physical damage, e.g., via a sabotage of a manufactured part’s quality.

Yampolskiy, et al., [30] express a need to expand intellectual property protection beyond the 3D model and incorporate all 3D printing parameters involved in the printing process. This is due to the unique effects printing parameters have on the structural properties of the printed object.

Brown, et al., [5] analyze legal aspects of IP protection in AM. Based on current US law, the authors discuss whether and to what extent patent, copyright, and trademark protection can be applied to blueprint, process, printed object, and design on object. While some protection can be offered by the existing legal framework, the authors identify numerous limitations. For instance, a 3D scan of a manufactured object is not considered an original technical drawing (blueprint); thus it can be used to legally avoid copyright protection of a blueprint.

From an attack perspective, Faruque, et al., [10] present the first side-channel attack on a 3D printer. The authors show how acoustic emanations of a desktop 3D printer can be used to reconstruct the printed object’s geometry. The authors report an average accuracy for axis prediction of 78.35% and an average length prediction error of 17.82%. In the follow-up poster and technical report [8], the authors analyze a video feed from a thermal imaging camera in an attempt to measure and reproduce the print bed and nozzle movements of a 3D printer, from which a complete design specification can be derived.

Turner, et al. [27] analyzed the manufacturing tool chain in AM and found several attack vectors that can be easily exploited. The authors have examined the lack of integrity checks when receiving the design (common non-secure mechanisms include email and USB drives), the lack of physical security on machining tools, and the exposure to common network attacks. The authors note the difficulty of relying on the quality control process because it is expensive and not tailored for detection of cybersecurity attacks.

Yampolskiy, et al., [31] present an extensive survey of AM related material science literature and discuss which manufacturing parameters can have a negative impact on the quality of manufactured parts. The discussion focuses on AM with metals and alloys and covers a variety of AM processes, including powder bed fusion, direct energy deposition, and sheet lamination. The identified parameters include but are not limited to build direction, scanning strategy, heat source energy, etc. The researchers identify the following cyber and physical attack vector categories: malicious software and firmware, malicious 3D models, and the physical supply chain.

Yampolskiy, et al., [32] generalize the ability to sabotage AM as the weaponization of 3D printing. The authors propose a framework for the analysis of attacks involving AM and then discuss how certain categories of attacks can generate effects execute its