Cybersecurity threats in Additive Manufacturing (AM) are an increasing concern as AM adoption continues to grow. AM is now being used for parts in the aerospace, transportation, and medical domains. Threat vectors which allow for part compromise are particularly concerning, as any failure in these domains would have life-threatening consequences. A major challenge to investigation of AM part-compromises comes from the difficulty in evaluating and benchmarking both identified threat vectors as well as methods for detecting adversarial actions. In this work, we introduce a generalized platform for systematic analysis of attacks against and defenses for 3D printers. Our "OFFRAMPS" platform is based on the open-source 3D printer control board "RAMPS." OFFRAMPS allows analysis, recording, and modification of all control signals and I/O for a 3D printer. We show the efficacy of OFFRAMPS by presenting a series of case studies based on several Trojans, including ones identified in the literature, and show that OFFRAMPS can both emulate and detect these attacks, i.e., it can both change and detect arbitrary changes to the g-code print commands.

翻译：摘要：随着增材制造（AM）的广泛应用，其面临的网络安全威胁日益引发关注。当前AM技术已应用于航空航天、交通运输及医疗领域的关键部件制造。由于这些领域的任何失效都可能引发致命后果，针对部件篡改的攻击向量尤其令人担忧。研究AM部件篡改问题的主要挑战在于，难以评估和基准测试已识别的攻击向量及检测对抗行为的方法。本研究提出一个通用平台，用于系统分析针对3D打印机的攻击与防御机制。该"OffRAMPS"平台基于开源3D打印机控制板"RAMPS"开发，能够对3D打印机的所有控制信号及输入输出进行解析、记录与修改。通过基于多种木马（包括文献中已记载的类型）的系列案例研究，我们验证了OffRAMPS的有效性：该平台既可模拟这些攻击，也能检测攻击行为——即能够任意改变或检测g-code打印指令的变更。