It isn’t a sci-fi movie but a true experiment conducted by the researchers at the University of California Irvine, led by Mohammad Al Faruque, that demonstrated how to steal 3D-Printed models by copying sounds of printer nozzles.
The researchers have proven that they can copy a complete 3D model with great accuracy by simply recording the sounds while the 3D printer is working. The experts were able to link the noise produced by pumps, servos and extruders while printing an object with the blueprint used to produce it.
The 3D printer produces a symphony of mechanical sounds specific to each project, the sound can give an attacker indication of the operation conducted to implement a specific design. The sound gives a detailed indication of the machine’s printing head movements and on the quantity of plastic filament is being extruded from the nozzle on every pass.
“The team, led by Mohammad Al Faruque, director of UCI’s Advanced Integrated Cyber-Physical Systems Lab, showed that a device as ordinary and ubiquitous as a smartphone can be placed next to a machine and capture acoustic signals that carry information about the precise movements of the printer’s nozzle. The recording can then be used to reverse engineer the object being printed and re-create it elsewhere. Detailed processes may be deciphered through this new kind of cyberattack, presenting significant security risks.” states a blog post published on UCI News.
One of the antipiracy measures consists in the encryption of 3D models, in other cases, the intellectual property protection is protected by developing DRM schemes for physical things to print.
The protection measures for 3D models implemented in various industries can protect them from unauthorized downloads and visualizations.
The researchers explained that everyone carrying smartphones can bypass these security measures recording the sounds of a 3D printer at work.
In 3D printing processes, the systems convert digital information embedded in source code to build layer upon layer of material giving the object the designed shape. That source file (aka G-code) is usually protected by encryption mechanisms that anyway are not effective once the printing is started.
“My group basically stumbled upon this finding last summer as we were doing work to try to understand the relationship between information and energy flows,” explained Al Faruque“According to the fundamental laws of physics, energy is not consumed; it’s converted from one form to another – electromagnetic to kinetic, for example. Some forms of energy are translated in meaningful and useful ways; others become emissions, which may unintentionally disclose secret information.”
The unique problem is that attackers need to record the entire printing process while the 3D printer is at work, an operation that for complex can take days for objects with complex shapes.
The result of the experiment was incredible, the researchers at UCI’s Advanced Integrated Cyber-Physical Systems Lab were able to clone a 3D-printed key-shaped object with 90 per cent accuracy. Now imagine the possible consequences of the application of the technique for espionage in a manufacturing plant.
“In many manufacturing plants, people who work on a shift basis don’t get monitored for their smartphones, for example,” Al Faruque said. “If process and product information is stolen during the prototyping phases, companies stand to incur large financial losses. There’s no way to protect these systems from such an attack today, but possibly there will be in the future.”
(Security Affairs – 3D Printer, piracy)
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.