A report suggests there may be cybersecurity risks present in the current 3D printing workflows that could result in bad things happening.
Researchers examined the typical workflows of 3D printing in manufacturing and found opportunities for security infiltration. This is largely the result of the work chain being composed of multiple parties, multiple locations, unsecured data transfer, and lack of complete data protocols.
Let’s think about how this could work: a 3D part design is created at a manufacturer’s research center. This design is then sent to an external 3D print service provider using the current date protocols, which specify the geometry, but not much else. The service provider then prints the object in the orientation best for them (to optimize their service efficiency) but not necessarily to optimize the strength of the part, which could be the goal of the customer.
While that example demonstrates process goal conflict, it is the result of incomplete protocols between the parties: the designer should be able to specify the orientation, among other factors. Because of this, it is theoretically possible for a third party to change the print’s orientation or other parameters and thus its resulting strength. This might mean a sub-standard part is used in a critical mechanical process.
Yes, this all sounds pretty unlikely, but that’s what security is all about these days. The bad guys look for those rare opportunities to take control and it becomes an “exploit” to be used in the future when required. When it will be engaged, no one knows, nor the purpose, until it's too late.
This situation suggests the need for additional, secure protocols between parties involved in 3D printing. I believe these will eventually happen, not so much for security, but for efficiency and consistency. As for now, the protocols are still very substandard, starting with the widespread but ultimately awful STL 3D model format.