‘Logic bombs’ pose threat to drones, protheses, and other 4D-printed objects

Getty Images

Cybersecurity researchers at Rutgers University-New Brunswick and the Georgia Institute of Technology have proposed new ways to protect 4D-printed objects like drones, prostheses, and medical devices from malicious embedded computer code called “logic bombs.”

“Next-generation, cyber-physical additive manufacturing enables advanced product designs and capabilities, but it increasingly relies on highly networked industrial control systems that present opportunities for cyberattacks,” said principal research investigator Saman Zonouz, quoted in an article about the research posted to the Rutgers website.

Zonouz, an associate professor of electrical and computer engineering at the New Jersey university, added, “The predominant approach to defending against these threats relies on host-based intrusion detectors that sit within the same target controllers and, hence, are often the first target of the controller attacks.”

The researchers looked at Mystique, a novel class of attacks on printed objects that leverage emerging 4D printing technology. Mystique enables visually harmless objects to behave maliciously when a logic bomb is triggered by a stimulus such as a change in temperature, moisture, or pH level, or when the part material is modified prior to printing. Such changes can lead to catastrophic operational failure.

The researchers proposed two strategies to prevent these attacks. The first focuses on designing a sensor that can measure the composition and diameter of raw materials passing through a 3D printer’s extruder to ensure the material meets expectations before the object is printed. A dielectric sensor can detect a change of 0.1 mm in a filament’s diameter and a change of 10% in concentration composition.

The second solution is to use high-resolution CT (computed-tomography) images to detect residual stresses in printed objects that contrast benign and malicious designs before activation of an attack. CT detection has an accuracy of 94.6% in identifying 4D attacks in a single printing layer.

The research team plans to provide guidelines to tie together resilience solutions pertaining to software security, control system design, and signal processing and incorporate reliable and practical cyber-physical attack detection into real-world manufacturing environments.

The National Science Foundation funded the Rutgers-Georgia Tech research.