Cyber Security Show: 3D printing still needs security to be built in

Additive manufacturing – aka 3D printing – presents a "paradigm shift" for manufacturers, but at this year’s Cyber Security Show in London – convened under Chatham House Rules – there are warnings that poor security could stifle the industry.

3D printing is predicted to be a multi-billion dollar industry over the next few years. It can reduce the number of parts and processes in almost any use case, and the audience are told that even if they don't use it, someone in their supply chain already is or soon will be.

However this new way of manufacturing also brings new security challenges. Aside from the potential to hack into 3D printers - traditional office printers have long been a known attack vector  and this new wave of devices could be just as bad – the fact everything relies on CAD and STL files makes stealing IP much easier.

Where once there were engineering drawings, blueprints and propriety tooling, additive manufacturing merely needs a few digital files to create objects. Aside from the fact anyone who has access to these files – for example any printing shop or service you outsource any jobs to – has your IP, these files are easy to change and alter.

Whether for fun or industrial espionage, unauthorised alterations to design files can have serious consequences. Changing the internal structure of an object to make it lighter or heavier, while seeming innocuous, could cause damage in a helicopter or other finely-tuned machine.

Such alterations can be hard to see, especially in metal or wood prints, without the right (and often extremely expensive) equipment.  “Imagine you find you have 50,000 parts that don't work,” the audience is warned. “Don't assume it’s right because it looks it.”

We are also told that the “risks are real and growing” and these dangers could potentially disrupt the whole supply chain. But with such danger comes the opportunity for security companies to better secure those supply chains. Companies that use 3D printing need better access controls; to the software, the hardware and the files. “The time to build security into additive is now.”


« Africa needs better application of 'Smart City' tech


Cloud research: Ransomware, CISOs & new regulations »
Dan Swinhoe

Dan is a journalist at CSO Online. Previously he was Senior Staff Writer at IDG Connect.

  • twt
  • twt
  • twt
  • Mail


Do you think your smartphone is making you a workaholic?