Securing 3D Printing
With 3D printing an engine for distributed manufacturing and localized supply chains, new security techniques are emerging to ensure part authenticity and manufacturing resiliency.
January 11, 2023
After years of fits and starts, companies are finally getting serious about production-grade additive manufacturing (AM), especially as many rethink sourcing strategies in light of crippling supply chain challenges. With more reliance on AM, the authenticity and verification of 3D printed parts and build processes is rising to the fore, underscoring the need for new technologies that safeguard intellectual property and bring resiliency to digital manufacturing.
AM is gaining momentum across industries and technologies. The medical sector has been steadily expanding use of AM for production-grade surgical planning guides, implants and prosthetics with market analyst firms such as Gartner anticipating that in 2023, a quarter of medical devices produced in developed markets will take advantage of some form of 3D printing.
Jabil’s 3D Printing Technology Trends 2021 report confirms a similar trend across various industries. While prototyping use cases remained flat, the use of 3D printing for end-use parts is on a growth trajectory, with more than half (55%) of respondents confirming they use at least a quarter of their 3D printing capabilities to produce functional or end-use parts, significantly higher than in 2019.
Metal 3D printing is another hot spot: Gartner says 3D printed metals and alloys are already an essential supply chain tool for producing replacement parts in commercial, military and even some consumer markets.
The uptick in production-grade AM use has to do with companies shifting to more distributed and localized manufacturing models as a way to build more resiliency into their sourcing and production strategies. Supply chain disruptions during and post-pandemic caused serious parts shortages and logistics challenges. This forced companies to seek out alternative strategies to keep production moving and avoid the possibility of missed sales.
“Companies are now starting to get onboard with AM for distributed supply chains to minimize downtime, to be able to easily pivot from one supplier to another, and to save time and money in making parts more locally,” says Greg Hayes, senior vice president of applied technology at EOS, an AM system provider.
Yet Hayes suggests in setting up these distributed supply chains, companies are asking questions in two categories: How can we qualify the machine and part to ensure whoever is building the part is doing so in a qualified manner and how do we ensure security in a distributed ecosystem to make sure parts files are transported correctly?
“More so than with traditional manufacturing, AM designs have a lot more IP given parts consolidation or design features that make it printable or cost worthy. As companies scale distributed manufacturing using partners, it makes for a scenario where they need to consider security threats as well as data protection.” says Vishal Singh, senior director of CO-AM, Materialise’s open, cloud-based platform for managing the end-to-end AM production process.
Qualifying Part Performance
Given that many of EOS’ customers are in highly regulated industries such as medical device and aerospace, qualification—demonstrating that a given AM process is capable of meeting highly specific company and industry regulatory requirements and doing so on a repeatable and consistent basis—is a big deal.
The EOS Additive Minds consulting arm works with customers to verify any production process built on EOS systems is controlled and delivers consistent results by conducting a capability assessment and setting up risk management. As part of the operational qualification process, the EOS team provides rigorous testing to ensure process repeatability. For example, such a verification exercise could identify a defect that could alter mechanical properties and suggest preventive work instructions to detect and avoid any subsequent deviations.
The performance qualification part of the process is about establishing whether the equipment and process controls are adequate to ensure product specifications are met and to verify that all the connected process steps deliver the required specifications for the final part. With manufacturers increasingly reliant on third-party service bureaus to localize production, it’s imperative that guardrails are in place to ensure AM processes function as intended and that parts produced are qualified, reliable and tamper-free.
“Qualification and certification ensures that whomever you’re tasking to make the part is actually making the part in a way that’s qualified with certified machines you instructed and is not cutting costs,” Hayes says.
The ability to transfer an AM build package—all critical data related to a part’s design, materials and 3D printing process parameters—securely is the other key piece of the puzzle, especially in a distributed manufacturing scenario.
To that end, EOS partnered with Identify3D, now owned by Materialise, to integrate its secure and standardized communication platform with EOS 3D printers through use of EOS software development kits such as EOSPRINT and EOSCONNECT.
Identify3D creates an encrypted container with all the data consumed by an EOS printer for production, including instructions on specific machine parameters, machine type, operators and allowed number of production parts. The package, designed to protect the integrity of data as it moves throughout the digital manufacturing process, is sent via an authorized path and is unencrypted for AM production following the rules that were defined.
The IdentifyID solution delivers protection of intellectual property, but it also ensures manufacturing repeatability and traceability, from the early design stage through the finished product.
“Our software works with every node on the system to make sure requirements are met, that people who need access to the files have access, and that there’s a certified printer ready to print,” says Joe Inkenbrandt, founder and CEO of Identify3D and vice president of business development at Materialise. “We ensure that the component is transferred in a 3D file with instructions on how to make it with a 3D printer and to prevent the file from ending up in someone’s hands you don’t want it to. People think about security as keeping the bad guys away, but it’s also about keeping everyone honest in the process.”
Data and file protection is as foundational to the AM value chain as it is with any digital ecosystem. This industry need drove Materialise to acquire IdentifyID and integrate the technology into its CO-AM digital manufacturing platform. CO-AM, buttressed by IdentifyID, not only safeguards CAD and STL file design data, it also ensures security and integrity of the entire process recipe, including such parameters as the layer thickness of the powder or the amount of energy required to achieve the desired qualities during post-processing, Singh says.
“Now that you’re not just managing the internal factory floor, but dispatching a technical data package to a third-party provider, you want to make sure that package is delivered without tampering and has data integrity,” he says. “Identify3D transfers that data package securely with controls that ensure the process recipes are honored by the 3D printer.”
Next-Generation 3D Printing Security Innovations
Beyond the current crop of AM qualification and validation capabilities, an array of cutting-edge security technologies are being explored in academia, startups and a variety of research labs. PrintParts is now in beta test with SmartParts, a solution that embeds data-rich particles into the materials of 3D parts, which, when scanned, reveal the material and part’s full specifications and history.
Scans can be made through a part’s lifetime to authenticate and retrieve any pertinent historical data, including part supplier, the part’s manufacturing lot as well as the specific material it was made from, which ensures traceability and confirming part authenticity. In addition, each unique ID, along with the corresponding digital manufacturing data, are stored in the SmartParts cloud platform, which can be integrated with manufacturing execution systems and enterprise resource planning systems.
Researchers at New York University (NYU) Tandon School of Engineering and NYU Abu Dhabi also have to address counterfeiting and intellectual property theft of 3D-printed objects given the rise of counterfeit parts production and the availability of reverse engineering tools. Their process embeds tracking codes inside of 3D-printed parts for product authentication, using an imaging method like micro computed tomography to retrieve the information. The researchers said their process was best suited for sophisticated, high-risk use cases in areas such as biomedical and aerospace where the quality of even the smallest part matters.
NYU researchers devised a way to “explode” a quick response (QR) code, bar code or other passive tags within a CAD file so it can be hidden without compromising part integrity or revealing itself to counterfeiters. By converting a relatively simple two-dimensional tag into a complex 3D feature comprised of hundreds of tiny elements dispersed within the printed component, they established a “false face”—a process that shields the correct QR code from anyone not knowing where to look, the researchers explain. Dispersing the tiny flaws over many layers of the 3D-printed object keeps part strength intact, they add.
Using 3D-printed tags for security and parts provenance is also an area Massachusetts Institute of Technology’s (MIT) Computer Science & Artificial Intelligence Laboratory (CSAIL) is exploring. As 3D printing becomes more pervasive in manufacturing, organizations are grappling with a variety of issues, including how to track and identify parts as they move through the production process to monitor quality issues, confirm authenticity of parts using meta data and trace an object back to a particular printer to address compliance concerns, explains Mustafa Doga Dogan, a fourth-year Ph.D. student in MIT’s Department of Electrical Engineering and Computer Science.
Dogan and his MIT research colleagues came up with InfraredTags, essentially invisible machine-readable labels that can be embedded in objects using 3D printers and then tapped to identify and track objects. The tags are more durable than standard barcodes, which can be removed or become unreadable, the researchers say. The objects are printed with an infrared-transmitting filament, which infrared cameras can see through, and there are air gaps inside to house the tag’s bits, which appear at different intensity in the infrared image, Dogan explains.
As part of the initiative, Dogan’s team built a user interface that enables common tags like QR codes to be integrated with the object geometry as the basis of InfraredTags along with a low-cost imaging module that augments mobile devices and decodes tags using the research team’s image processing pipeline.
Dogan also discussed the possibilities of embedding metadata about objects into the InfraredTags to provide richer contextualization and allow for information sharing. Users could access a tag to get more information from the creator or to 3D print it themselves. The capability also holds promise for embedding other types of metadata in an object to prove authenticity, including date of fabrication, materials used to make the object as well as critical information surrounding weight or size.
“A lot of industries could benefit from use of these tags, especially transportation, packaging, shipping and retail,” Dogan says. “They can be used to help avoid counterfeiting.”
In another research initiative, Dogan and his colleagues created G-ID, a method that uses the subtle patterns left by the 3D printing process to distinguish and identify objects that might seem similar to the human eye.
“This has value if you’re 3D printing 10,000 copies of an object and you want to uniquely identify each copy for authenticity and security purposes,” Dogan says.
As companies push forward with distributed manufacturing and AM production plans, they need to keep security issues front and center. It starts by defining what the major security threats are to the new business models and AM processes and doing a formal threat analysis. It’s important to address 3D printing security at a holistic level and tailor solutions appropriately.
“You have to be thinking ahead about [3D printing security] as an insurance policy to protect the business,” says Materialise’s Singh. “Make sure each step of the end-to-end value chain is protected, and don’t take this as a secondary thought process. Security needs to be top of mind as a primary need.”
Beth Stackpole is a contributing editor to DE. You can reach her at firstname.lastname@example.org.
More EOS Coverage
More Materialise Coverage
About the Author
Beth Stackpole is a contributing editor to Digital Engineering. Send e-mail about this article to DE-Editors@digitaleng.news.Follow DE