Digital manufacturing is a double-edged sword: How to leverage opportunities while mitigating threats

Image from Freepik

Advances in artificial intelligence, robotics, sensors, and networking technologies have unquestionably transformed the industrial landscape by making digital manufacturing (DM) a reality, and this shift towards increased digitization will only continue in 2023.

In fact, according to "The Impact of Technology in 2023 and Beyond: an IEEE Global Study," which surveyed chief information officers, chief technology officers and technology leaders in the U.S., U.K., China, India and Brazil on key technology trends, priorities and predictions for 2023 and beyond, technology will be a core driver of efficiency in the year ahead.

The survey found that the top three opportunities for manufacturers and supply chains heading into 2023 include:

Two-thirds (67%) of technologists surveyed believe 26-75% of jobs across the entire global economy will be augmented by AI-driven software in 2023.
98% say using digital twin technology and virtual simulations in 2023 to more efficiently design, develop and safely test product prototypes and manufacturing processes will be important.
98% agree that in 2023 and beyond, AI-powered autonomous, collaborative software and mobile robots will automate processes and tasks, including data analysis, allowing humans to be more efficient and effective.

But thriving in a cutting-edge DM environment requires a whole new kind of workflow – one in which specialized teams create the product designs and manufacturing processes, workers operate the DM equipment, and quality control teams test the finished components before sending them further along on the supply chain.

Moving forward, those design and manufacturing phases will run on off-site cloud servers, which provide increased flexibility, reliability, and connectivity. However, these off-site servers come with added security concerns, as DM processes can leave a business open to piracy, sabotage, or counterfeiting.

Increasingly Sophisticated Threat Actors Target New Vulnerabilities

Cybercriminals are savvy: with a variety of resources at their disposal, they can mount denial-of-service (DoS) attacks that prevent access to manufacturing systems, reverse-engineer an entire file or physical product after hacking into a portion of the system or steal proprietary digital information like design files and use them to develop competing products.

The list of potential targets is eye-opening: CAD software; G-code files that define processing parameters like tool path, nozzle temperature, laser power, and material type; the sensors and actuators responsible for measuring and driving the physical process; the controllers that operate in a feedback loop to carry out the decision-making process and control the behavior of the DM machines; or even the physical machines themselves.

The integrity and confidentiality of the manufacturing process are dependent on all of them, and all are susceptible to tampering by malefactors.

A recent European Union Agency for Cybersecurity report on emerging supply chain attacks found that almost two-thirds of attacks exploit vulnerabilities in code used by the suppliers of products and components, and several newsworthy incidents show the very real toll behind that statistic. That includes a 2017 attack on a major global auto manufacturer’s plant that forced a 48-hour shutdown, halting the production of an estimated 1,000 vehicles, and a 2019 ransomware incident that cost a multinational aluminum manufacturer some $75 million.

Novel Threats Require Novel Solutions and Progressive Thinking

Securing important supply chains, such as those involved in manufacturing, is vital to ensuring public trust and safety, especially considering that DM is now being used to make everything from aircraft components to medical implants.

In an ever-evolving threat landscape, researchers are continually working to develop countermeasures. These have traditionally included:

Digital watermarking, which involves embedding a hidden marker into a file to confirm copyright or track illegally made copies.
Fingerprinting – a method of uniquely identifying designs or products.
Various authentication methods, with multi-factor authentication becoming increasingly standard.
Injecting noise signals into side channels to prevent attackers from gleaning relevant information.
Obfuscating design files, making them harder to reverse-engineer.
Anomaly detection, which allows an operator to discover any deviations from the expected.

Effective new countermeasures are greatly needed, however. As researchers work to stay one step ahead of malefactors, digital manufacturers can employ best practices, such as those outlined by the National Institute of Standards and Technology.

At a time when there is no longer a strict divide between IT and OT, secure DM requires awareness, planning, and an all-hands-on-deck approach.

Ramesh Karri is an IEEE Fellow and Professor of Electrical and Computer Engineering at the NYU Tandon School of Engineering, as well as the co-founder of the NYU Center for Cybersecurity. His research and education activities span additive manufacturing security, hardware cybersecurity, security-aware computer-aided design, and other such topics.

ON DEMAND: In this webinar, Regina Lester, Vice President of Security & Safety Operations at Toledo Zoo, will share her insights on implementing security technologies in the entertainment sector and the challenges all organizations face — large and small — when it comes to balancing budget and security.