In discussion recently the topic of 3D printing threat vectors came up. What might they be?
I always like to say a technology is like Atomic Power; it can be used for good or evil. In this publication, we typically write of those doing good things with 3D printing. 3D printing is a technology, so what evil things could an enemy do with it?
A threat vector is a method that an enemy could use to do damage to their target. Whether a threat vector is good or evil depends on whose side you are on, I suppose.
I suspect this is a question internally being answered by some of the larger militaries around the world, and I cannot imagine what kind of unusual scenarios they have conceived. But here’s a few I can conjure up.
Whether these are actually feasible, I have no idea. I also strongly recommend not attempting them, or else you may be getting an unexpected knock on your door.
Transmitting Devices Across A Border: This one actually happens all the time; digital files easily traverse almost the entire world through uploads, downloads and file transfers every second. Many of these transmissions cross international borders, effectively bypassing the normal security checks performed at the physical borders.
If one wished to insert a machine into a target country but could not get it across the border, you could instead transmit the digital design electronically. From there a recipient could theoretically use the design to 3D print (or otherwise manufacture the item using other making technologies). However, most dangerous devices require precision components of some kind that cannot be easily made with commonly available 3D printing equipment.
One item that could be transmitted in this way are 3D printable designs for handheld guns. However, most of these designs are barely usable and in fact would be better done using conventional equipment, like metal CNC mills and lathes.
Wild Guess Risk Level: Low
Production Sabotage: The idea here would be to disrupt a 3D print manufacturing process. While there isn’t a lot of production 3D printing going on yet, there will be in the near future. And in that future one can imagine 3D printing being a key step in a complex production process. What if someone were to disrupt that production by launching a digital attack on the 3D printers in the production line? If successful, a production line might be stopped for some time, and that’s not good in a “just in time production” world.
Such attacks could be fended off by establishing basic digital security measures around the equipment. But with many 3D printers now attached to the Internet, that’s something that should be examined.
Wild Guess Risk Level: Low
Part Sabotage: This approach is more subtle. Imagine a critical part for a machine or vehicle being 3D printed in production. What if the digital file representing that part were subtly altered to introduce a flaw of some kind? A flaw that would not become apparent for quite some time.
Later on a machine or vehicle using the part might experience a catastrophic failure. The magnitude of the failure depends on the nature of the target, be it a common automobile or a nuclear plant. Such an attack could be a very long term thing, not noticeable for many years.
This would require sophisticated digital attack capabilities, as the digital 3D models would have to be found and somehow altered without the owner’s knowledge. Either that or an ability to inject their own version of the part into the manufacturing lifecycle at an appropriate point.
To mitigate this style of threat, companies would have to have complete control over and verification of their 3D content. They’d also have to secure all digital transmissions from interception. While they may have some form of part quality control, it may have to be beefed up if this threat becomes real.
Wild Guess Risk Level: Low
Start Fires: Another threat vector might be through the materials. Production 3D printed parts may be designed to operate in certain environments and require particular materials to ensure correct function.
But what if the input materials to the 3D printer were compromised, and an alternate material substituted instead?
You could certainly execute Part Sabotage as above with this technique, but imagine if the substituted materials were chemically made to have damaging effects? What if they material were to catch fire when heated by the 3D printer? What if oxygen were mixed in with the aluminum powder? The results could be explosive! These could catastrophically affect a 3D printer.
Another angle here is to successfully complete the 3D print, but alter the chemistry of the production part so that it might catch fire when in its intended operating scenario.
Such events would be difficult to pull off, but it’s possible to do things like this, especially considering the industry’s love for inexpensive third party materials. To somewhat mitigate this threat you’d have to acquire your 3D print materials from certified vendors only.
Wild Guess Risk Level: Low
I guessed all these would carry a low risk factor, as you might expect. But let’s put this in perspective. Most of these effects might already occur BY ACCIDENT! There is no need for bad guys here, we can blow up things all by ourselves.
What we do need to do is clean up the manufacturing processes to avoid such accidental situations and much of the threat from enemies would also go away.