Cybersecurity threats in Additive Manufacturing (AM) are an increasing concern as AM adoption continues to grow. AM is now being used for parts in the aerospace, transportation, and medical domains. Threat vectors which allow for part compromise are particularly concerning, as any failure in these domains would have life-threatening consequences. A major challenge to investigation of AM part-compromises comes from the difficulty in evaluating and benchmarking both identified threat vectors as well as methods for detecting adversarial actions. In this work, we introduce a generalized platform for systematic analysis of attacks against and defenses for 3D printers. Our "OFFRAMPS" platform is based on the open-source 3D printer control board "RAMPS." OFFRAMPS allows analysis, recording, and modification of all control signals and I/O for a 3D printer. We show the efficacy of OFFRAMPS by presenting a series of case studies based on several Trojans, including ones identified in the literature, and show that OFFRAMPS can both emulate and detect these attacks, i.e., it can both change and detect arbitrary changes to the g-code print commands.

翻译：增材制造（AM）中的网络安全威胁随着AM应用范围的不断扩大而日益受到关注。目前，AM已被应用于航空航天、交通运输和医疗领域的零部件制造。允许对零部件进行恶意篡改的威胁向量尤其令人担忧，因为这些领域的任何故障都可能导致危及生命的后果。研究AM零部件篡改攻击面临的一个主要挑战在于，评估和基准测试已识别的威胁向量以及检测对抗性行为的方法存在困难。在本研究中，我们提出了一种用于系统分析3D打印机攻击与防御的通用平台。我们的“OFFRAMPS”平台基于开源3D打印机控制板“RAMPS”。OFFRAMPS允许对3D打印机的所有控制信号和输入/输出进行分析、记录和修改。我们通过展示一系列基于多个木马程序（包括文献中已识别的木马）的案例研究，证明了OFFRAMPS的有效性，并表明OFFRAMPS既能模拟这些攻击，也能检测这些攻击，即它既能改变G代码打印指令，也能检测对其进行的任意篡改。