IEEE Access (Jan 2019)

Hardware Rooted Trust for Additive Manufacturing

  • David R. Safford,
  • Monty Wiseman

DOI
https://doi.org/10.1109/ACCESS.2019.2923573
Journal volume & issue
Vol. 7
pp. 79211 – 79215

Abstract

Additive manufacturing systems have unique security requirements. In addition to traditional system integrity, additive systems need additional guarantees of part authenticity and confidentiality. When a part comes out of additive manufacture, it must be the exact desired part, without substitution or tampering. In addition, the associated files must be strongly protected from disclosure. The use of hardware roots of trust like a trusted platform module (TPM) to protect authentication and encryption keys can guarantee that the necessary authentication and encryption cannot be subverted by remote software attack. For example, if the additive machine is hardened with a TPM, the TPM can provide an encryption key pair where the private key never leaves the hardware. If the part file is encrypted under the corresponding public key, then it can only be decrypted on the authorized printer, and only if that printer's software has not been compromised. Similarly, a part file can be signed by a private key in the TPM, and when validated by the corresponding public key, the authenticity is assured by hardware. This paper provides the first worked examples of how such hardware rooted protections can be integrated into existing additive manufacturing flows to dramatically strengthen protection of the authenticity, confidentiality, and availability of additive manufacturing files.

Keywords