MANIPULATION OF G-CODE TOOLPATH FILES IN 3D PRINTERS: ATTACKS AND MITIGATIONS

Elizabeth Kurkowski, Alyxandra Van Stockum, Joel Dawson, Curtis Taylor, Tricia Schulz, Sujeet Shenoi

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

2 Scopus citations

Abstract

Additive manufacturing or 3D printing is commonly used to create mission-critical parts in the critical infrastructure. This research focuses on threats that target the key slicing step of additive manufacturing, when design files that model part geometry are converted to G-code toolpath files that convey instructions for printing parts layer by layer. The research leverages a hitherto unknown slicing software vulnerability where G-code corresponding to part slices is stored as plaintext ASCII characters in heap memory during execution. The vulnerability was discovered in two open-source, full-featured slicing software suites that support many 3D printers. Experiments with a toolkit developed to target slicing software in real time demonstrate that the attacks are surreptitious and fine-grained. Two attacks, temperature modification and infill exclusion, performed against G-code generated for fused filament fabrication printers demonstrate the ability to sabotage printed parts as well as print environments. Although the vulnerability can be mitigated using strong authentication and access controls along with G-code obfuscation, the ability to automate surreptitious, fine-grained attacks that degrade printed parts in ways that are imperceptible to the human eye and undetectible by nondestructive testing methods is a serious concern.

Original languageEnglish
Title of host publicationCritical Infrastructure Protection XVI - 16th IFIP WG 11.10 International Conference, ICCIP 2022, Revised Selected Papers
EditorsJason Staggs, Sujeet Shenoi
PublisherSpringer Science and Business Media Deutschland GmbH
Pages155-174
Number of pages20
ISBN (Print)9783031201363
DOIs
StatePublished - 2022
Event16th Annual IFIP WG 11.10 International Conference on Critical Infrastructure Protection, ICCIP 2022 - Virtual, Online
Duration: Mar 14 2022Mar 15 2022

Publication series

NameIFIP Advances in Information and Communication Technology
Volume666 IFIP
ISSN (Print)1868-4238
ISSN (Electronic)1868-422X

Conference

Conference16th Annual IFIP WG 11.10 International Conference on Critical Infrastructure Protection, ICCIP 2022
CityVirtual, Online
Period03/14/2203/15/22

Funding

This research was supported by the National Science Foundation under Grant no. DGE 1501177 and by UT-Battelle under Contract no. DE-AC05-00OR22725 with the U.S. Department of Energy.

Keywords

  • Additive manufacturing
  • G-code attacks
  • fused filament fabrication

Fingerprint

Dive into the research topics of 'MANIPULATION OF G-CODE TOOLPATH FILES IN 3D PRINTERS: ATTACKS AND MITIGATIONS'. Together they form a unique fingerprint.

Cite this