Charles Goulding underlines the critical importance of cybersecurity when 3D printing is used for military applications.
With the recent hacks into our infrastructure cyber systems, and the hefty ransom paid to the nefarious hackers, cybersecurity has come to the forefront of the political debate.
The 3D printing and additive manufacturing industries are not excluded from this imminent and very real threat.
In fact, a report released by the Inspector General for the Department of Defense on July 7, 2021, indicated that there are additive manufacturing (AM) vulnerabilities that expose the DoD Information Network to unnecessary cybersecurity risks. In a new report published by the Defense Department, the cyber weaknesses compromise AM design data that could enable adversaries to re-create and use DoD technology to the advantage of the adversary. This includes on the battlefield itself.
In addition, if hackers accessed and changed DoD AM design data, the alterations could affect the strength and utility of U.S. DoD 3D printed products. This could lead to irreparable damage and insufferable human casualties. With the DoD being one of the largest consumers of 3D printing technologies, cybersecurity should be high on the list of priorities.
But this is not the first we are seeing or hearing of military cybersecurity practices and additive manufacturing and it won’t be the last.
The Defense Industry
In 2016, the DoD Office of Small Business Programs released a notice on Cybersecurity that highlights the concerns.
There are two types of information systems that process or store DoD’s unclassified information:
- Contractor’s Internal Information System: An information system that is owned, or operated by or for, a contractor.
- DoD Information System, to include:
- DoD-owned and/or operated Information System: An information system owned or operated by the DoD or by another government organization on behalf of the DoD.
- Contractor System operated on behalf of DoD: The term “on behalf of” as used here means when a contractor builds an information system for the DoD or operates an information system for the DoD, e.g., an email provider or payroll system, or provides processing services for DoD. e.g., cloud-service providers.
The protections required to protect government information are dependent on the information that is being protected and the kind of system on which the information is processed or stored.
Defense Federal Acquisition Regulation Supplement (DFARS) Clause 252.204-7012, Safeguarding Covered Defense Information and Cyber Incident Reporting, was published as a final rule October 21, 2016.
Audit findings include inconsistent securing or managing of AM systems to prevent unauthorized changes, as well as lax controls ensuring the integrity of the design data. In addition, the AM systems were erroneously categorized as stand-alone systems that did not require an authority to operate. As a result, AM systems were left vulnerable to unnecessary cybersecurity risks. The IG recommended that the DoD establish and maintain AM cybersecurity controls in accordance with DoD and Federal guidance.
The U.S. Military has been extensively using 3D printing and additive manufacturing. In fact, the Navy has been utilizing 3D printing for some time now. We have written about the Navy in previous Fabbaloo articles and have demonstrated that 3D printing and additive manufacturing technologies are becoming more prevalent there. Not only is 3D printing useful, but it is also patriotic as well. The Army has been utilizing 3D printing for its resources and missions. In light of these recent developments, ExOne was awarded a $1.6 million DoD contract for portable 3D printing.
Whether it be a supplier of key defense components or a manufacturer of armored vehicles, cybersecurity should be on the mind of every defense contractor, especially when utilizing AM practices and related software.
The Research & Development Tax Credit
The now permanent Research and Development (R&D) Tax Credit is available for companies developing new or improved products, processes and/or software. As of 2016, eligible startup businesses can use the R&D Tax Credit against $250,000 per year in payroll taxes.
3D printing can help boost a company’s R&D Tax Credits. Wages for technical employees creating, testing and revising 3D printed prototypes can be included as a percentage of eligible time spent for the R&D Tax Credit. Similarly, when used as a method of improving a process, time spent integrating 3D printing hardware and software counts as an eligible activity. Lastly, when used for modeling and preproduction, the costs of filaments consumed during the development process may also be recovered.
Whether it is used for creating and testing prototypes or for final production, 3D printing is a great indicator that R&D Credit eligible activities are taking place. Companies implementing this technology at any point should consider taking advantage of R&D Tax Credits.
Ages ago, we relied on forts and muskets to keep us secure. Today, we must remain cyber secure. And for that, we must rely on cybersecurity protocols and guidelines to help us establish standards that will keep our defense industry and contractors safe from enemy hackers. Each defense contractor can take note of and learn from this recent development. As long as the threat is imminent, we should remain vigilant.