intellectual property protection Archives - Perfect 3D Printing Filament

Two students from New York University Abu Dhabi won the first prize of the Hack3D challenge at New York University Tandon’s School of Engineering. Only five teams advanced to the final round of the only student-led 3D printing cybersecurity hackathon. The Hack3D competition, which is part of a broader global cybersecurity competition called the Cybersecurity Awareness Week (CSAW), encourages teams from around the globe to circumvent security measures in the additive manufacturing supply chain so that they can spotlight the need for anti-counterfeiting methods in 3D printing. The competition’s first round had a total of 49 teams trying to solve a problem to qualify for the next round, which included a trip to New York to attend the NYU Tandon challenge and prize money for winners and runners up.

Led by Nikhil Gupta, a mechanical and aerospace engineering professor at Tandon, the competition is on its second-year run and during the first qualifying round, had teams struggling to figure out the solution to a problem posted online. Participants were challenged to reconstruct a corrupted .gcode file employing skills in forensics and reverse-engineering. So basically, they had to hack the security measures Gupta embedded in the print files that make it virtually impossible to print a component correctly, in this case, a chess piece.

Last Friday, the final round rallied up five teams to compete in printing 3D parts that were embedded with anti-counterfeiting features developed at NYU Tandon and designed to protect CAD models. After eight intense hours at the NYU Tandon lab, Pedro Velasquez and Cole Beasley outrivaled the other four teams as they managed to hack the 3D printing cybersecurity code and 3D print the correct version. Called the SNEKS AD, the team was awarded $1,000 in prize money during a ceremony held last Friday night.

Hack3D, which explores vulnerabilities in 3D printing, brings together students from around the world to compete for scholarships and funding. Sponsored by some of the biggest names in the industry, like IBM, JP Morgan & Chase, Capsule 8, Red Baloon Security, and the National Science Foundation (NSF), this year’s CSAW annual competition gathered the world’s top student hackers with a total of 180 teams advancing to final rounds, competing for scholarships and cash prizes, including NYU Tandon’s more than $1 million in scholarships to all high school finalists in the CSAW Red Team Competition in Downtown Brooklyn.

Hack3D teams at work during the eight-hour final round challenge

3DPrint.com caught up with the winning team during the live competition on Friday via phone interview and both Beasley and Velasquez said they were “thrilled to be participating in the challenge” and “would love to return next year.” The computer science majors are both freshmen and eager to explore cybersecurity as part of their future in the chosen career. Only three hours into the challenge, Velasquez suggested: “we have a good plan in place and are keeping up with the schedule; we already have our first prototype and are printing out our second so that we can start testing it.”

Coles explained that during the final round “they have given us one part (a male piece) and we basically have to create another part (female) that connects to it”. There was a code embedded in the CAD file, which he referred to as a “hint hidden inside the code,” and once they got the right piece 3D printed, they won the challenge.

During Hack3D, competitors also had the opportunity to learn and use skills in graphics programming, file manipulation, and reverse engineering while gaining an understanding of the additive manufacturing supply chain.

Gupta explained during an interview with 3DPrint.com that “hackathons are an important component in finding the strength of the security method, so this year we expanded the competition and had 49 entries from across the world. We gave them one problem, yet none of the teams could completely solve it, so the five finalists that came closest to the answer were able to compete. They had two months for the first challenge, but only eight hours for the final round, and they needed to 3D print the part in our lab to check whether they could succesfully solve the challenge.”

Last year’s Hack3D pieces

“People have been doing traditional cybersecurity measures like password protecting files, encrypting files but there is nothing that relates to 3D printing itself, so we came up with some design schemes, so using the design features that we put in the files while designing the products. The security features prevent the files from getting printed in high quality unless you use a security key.”

The runners up were Alex Manning and Erin Ozcan, also known as the pwndevils from Arizona State University, and in third place, the AGGIES from Texas A&M University: Akash Tiwari, Maccoy Merrell, and Mutaz Melhem.

Gupta went on to say that “we found that the cyber threat landscape in the 3D printing world, mainly for aerospace and medical devices, will get worse. For example, if a counterfeit part makes its way to an airplane and something goes wrong, it will become hard to figure out that it was the reason for an accident. On the other hand, 3D printing and general access to new technologies have made it easier to replicate parts or reverse engineer them to recreate a system.”

According to NYU, flawed parts printed from stolen design files could produce dire results: experts predict that by 2021, 75 percent of new commercial and military aircraft will fly with 3D-printed engine, airframe, and other components, and the use of AM in the production of medical implants will grow by 20 percent per year over the next decade.

“Since mechanical engineers are the ones designing many parts, they need to get into a security mindset, to handle this issue,” continued the expert.

Nikhil Gupta

So Gupta, along with other researchers at NYU Tandon and NYU Abu Dhabi, were the first to convert flat QR codes into complex features hidden within 3D printed parts to foil counterfeiters and IP pirates and to provide an innovative way for unique device identification.

Gupta and his colleagues developed a scheme that “explodes” a QR code within a computer-assisted design (CAD) file so that it presents several false faces — dummy QR tags — to a scanning device. Only a trusted printer or end user would know the correct head-on orientation for the scanner to capture the legitimate QR code image.

“In 3D printing, you are creating a part layer by layer, so we break the QR code into a number of parts–like 300 different pieces–and we embed them into each layer, so that only one particular direction will show you the QR code, every other direction will show a cloud of points. Using any identifiable signature embedded, microstructures or metal sized particles can be used as a security method.”

Embedded codes layer by layer

Continued growth in the 3D printing sector means that the CAD design files and the machines become vulnerable to hacks. Cybersecurity issues in the virtual world wreak havoc, in the last year a series of ransomware and supply chain attacks led to seriously compromised companies and malicious hacking. All this can quickly translate into 3D printing, with objects manufactured being at serious risk of failure, and as cyberattacks become more advanced, the risks are greater. NYU Tandon, one of the first university departments to teach cybersecurity in 3D printing, is raising the bar to spark student interest in the field, by engaging the global community in their annual hackathon. For Gupta, a lot of what we are beginning to see and as hacks become more advanced, this represents a significant danger for AM cybersecurity. The vulnerability of the internet around the world is increasing, accompanied by an expanding community of hackers that didn’t use to have the tools required for hacking. He claims that “there are now more motivations for hacks as digital manufacturing is rapidly increasing, bringing 3D printing to the forefront of the industry.”

[Images: NYU Tandon]

The post NYU Abu Dhabi Team Wins Hack3D Challenge appeared first on 3DPrint.com | The Voice of 3D Printing / Additive Manufacturing.

With so many fields applying additive manufacturing and 3D printers often being connected to the internet, they face security issues that range from privacy concerns to device integrity. Defects in products built by 3D printers due to hacks and cyberattacks could theoretically be problematic. If you think about medicine, new cybersecurity vulnerabilities could affect clinical operations and put patient care at risk. A recent increase in cyberattacks in healthcare-related industries accentuates the need for incorporating cybersecurity in medical research and practice. By extension, 3D printers and all connected devices need protection against attacks.

And when it comes to protecting the 3D printing pipeline from risks and cyber hacks, New York University (NYU) professor of mechanical and aerospace engineering, Nikhil Gupta, has been looking for solutions for years. Along with a team of researchers at NYU Abu Dhabi, he pioneered a way to hide 3D versions of identifying features such as QR codes inside printed components, giving the end-user with proper scanning technology a means of confirming the part’s legitimacy. He also found several other ways of making sure manufacturers and customers can prove that 3D printed parts are authentic and that a component can be correctly printed only by a trusted facility at the other end of the design pipeline. Just last month Gupta announced the development of a system for converting CAD files to a frequency domain, allowing them to hide 3D designs in sound files and more, making them safer against hacks.

Nikhil Gupta

Last July, Gupta along with colleague Ramesh Karri, professor of electrical and computer engineering at NYU Tandon School of Engineering, have received a new three-year National Science Foundation (NSF) award to develop a pedagogical program for cybersecurity in 3D printing that will include a variety of educational activities and resources around a new graduate-level course: Cybersecurity in Additive Manufacturing. They will teach mechanical engineering students the tools necessary for innovations in the field of white-hat hacking (also known as ‘ethical hackers’ attempting to find security holes via hacking, with permission from the system owner making the process completely legal). According to NYU Tandon, the course will bridge the gap between the fields of cybersecurity and mechanical design to provide a security mindset to mechanical engineers and materials scientists.

The collaborative educational initiative will begin this month and received an award of $464,034 as part of the NSF’s Secure and Trustworthy Cyberspace program.

The project includes a partnership with the New York City College of Technology (City Tech) that will provide resources for that school to implement a similar course on their Brooklyn campus near NYU Tandon. Gupta said that as part of the program, NYU Tandon may recruit summer undergraduate students from City Tech, to participate in the summer undergraduate research program on cybersecurity in 3D printing.

“We feel that having created a body of research and methods in this very critical — and rather unexplored — area of cybersecurity, it was critical that we share it and prepare a trained workforce,” said Gupta. “This support from the National Science Foundation allows us to develop a pedagogical foundation for passing the technologies we have developed on to the next generation of engineers, including, thanks in part to our relationship with City Tech, those under-represented in engineering.”

The project will first develop an introductory graduate-level course on AM security to be taught at both schools. This course will be part of a new Master of Science program and a new certificate program, both in AM. An online version of the course will also be offered. Additionally, the project will organize the HACK3D hackathon to build the security mindset of students for approaching digital manufacturing and will hold an annual workshop, scheduled for May 2020, and undergraduate summer research program in innovative research on the cybersecurity of digital manufacturing.

NYU Tandon researchers report that 3D printing is vulnerable

Karri, a renowned electronics supply chain cybersecurity expert, said that “inculcating a security mindset in the digital manufacturing supply chain workforce to address the cybersecurity challenges is timely.”

NYU Tandon

The educational framework in this project will be the first of its kind to address the security challenges in the field of 3D printing. With more and more fields using the technology, it will soon become essential to have specialists in 3D printing security. The NYU team has pioneered the AM attack taxonomy and design-based security scheme that are the core areas of this project. The security scheme requires a collaborative approach because innovative design features are embedded in the 3D solid models and extensively tested for possible breaches according to the proposed taxonomy of threats. According to Gupta and Karri, the interdisciplinary framework of this project enables the creation of a cross-disciplinary course on cybersecurity in AM.

The experts at NYU have come up with a brilliant idea to educate and engage students, and build capacity in the emerging field of AM security, providing the educational resources necessary for working professionals in the field of cybersecurity in 3D printing and young students who are inspired and eager to have a degree in this emerging new field.

[Images: NYU Tandon]

The post NYU Tandon Gets Grant to Teach Cybersecurity in 3D Printing appeared first on 3DPrint.com | The Voice of 3D Printing / Additive Manufacturing.