A team of researchers from the University of California, Irvine recently demonstrated how they can snatch intellectual property by simply recording and processing sounds emitted from a 3-D printer.
Mohammad Al Faruque, the director of UCI’s Advanced Integrated Cyber-Physical Systems Lab, led the team which showed that a simple device, such as a smartphone, can capture acoustic signals that carry information about the precise movements of the printer’s nozzle. These recordings can then be used to reverse engineer whatever object is being printed and re-create it somewhere else. Basically, this poses a huge security risk due to how easily detailed and confidential processes can be deciphered using common, everyday gadgets.
“In many manufacturing plants, people who work on a shift basis don’t get monitored for their smartphones, for example,” Al Faruque said. “If process and product information is stolen during the prototyping phases, companies stand to incur large financial losses. There’s no way to protect these systems from such an attack today, but possibly there will be in the future.”
The results of the team’s discovery will be presented at April’s International Conference on Cyber-Physical Systems in Vienna. They will show how the “hacking” can be as accurate as 90 percent, just by using the sound recording features of an ordinary smartphone.
Breach of Security
3-D printing, also known as additive manufacturing, transforms digital information embedded in source code to an actual object made from layers of material. The source file used in 3-D printing is called G-code, and if equipped with a strong enough encryption algorithm it can be easily protected against cyber theft. However, the challenge is that once the creation process has begun, the printer’s sounds can give away its secrets to anyone with a smartphone and the wherewithal to filch confidential material.
“My group basically stumbled upon this finding last summer as we were doing work to try to understand the relationship between information and energy flows,” Al Faruque explains. “According to the fundamental laws of physics, energy is not consumed; it’s converted from one form to another—electromagnetic to kinetic, for example. Some forms of energy are translated in meaningful and useful ways; others become emissions, which may unintentionally disclose secret information.”
An inevitable byproduct of the 3-D printing process, these sound signals encode a remarkable amount of information about what is being printed and how to do it. It’s not exactly intuitive that such a thing is possible, and originally the team hadn’t considered the security implications of their research.
“Initially, we weren’t interested in the security angle, but we realized we were onto something, and we’re seeing interest from other departments at UCI and from various U.S. government agencies.”
Al Faruque thinks engineers should start to come up with ways to jam the acoustic signals coming from the 3-D printers, perhaps with a white-noise device that can overwhelm and cancel the signals, or maybe using algorithms to distort them. He also said that a very cheap and simple precaution would be to prevent people from carrying smartphones near the areas where 3-D printing takes place.
It’s just another one of those security headaches that seems to be an unavoidable consequence of today’s rapid technological evolution. In exchange for convenience and the wonderful new opportunities this technology affords us, we sacrifice a little of our privacy and peace of mind. And all we can really do is be forever watchful—eternal vigilance really is, as the adage says, the price of freedom.
Meanwhile, here is a video of some of the amazing things that 3-D printers can make—and that can apparently be pilfered by thieves using smartphones.