C3PO: A Security Analysis Tool for Networked 3D Printers (CMU-CyLab-19-002)

Advanced manufacturing has brought networked devices and 3D printing to the manufacturing domain. While these changes have increased efficiency, they have simultaneously introduced new security risks. For example, networked 3D printers can be exploited by an attacker to steal proprietary design data, modify safety-critical parts, or halt operations. Furthermore, attackers can use other compromised devices on the network to launch attacks against these networked 3D printers. In thiswork,we present C3PO, a network security assessment tool that systematically identifies security threats to 3D printers in advanced manufacturing deployments. C3PO identifies an individual 3D printer’s potential network-based vulnerabilities (e.g., determines if encryption is used when transmitting data). The second phase identifies possible multistage attack paths for achieving a specific goal on a given network deployment. As a use case, we applied C3PO to analyze 8 types of 3D printers in 3 real-world deployments to identify network security trends in commercial 3D printers and provide insights on how to secure these machines after they are deployed.