Yargh! Piracy and Intellectual Property in the 3D-Printing Era

Counterfeit handbags and toys were just the beginning. Now hackers want to forge 3D-printed products. Can they be stopped?

Michael Petch | Redshift

Pullquote share icon. Share

Cybersecurity is a cat-and-mouse game.

Counterfeiting is the world’s second-oldest profession.

An estimated $220 million of U.S. currency is counterfeit. By comparison, according to the OECD, about 2.5 percent of goods, or $461 billion, are fake.

When it comes to counterfeiting, the usual items come to mind: handbags, clothing, toys, and money.

Indeed, the ease of counterfeiting currency with 2D inkjet printing led one Secret Service agent to lament forgery as a “lost art.”

But now that 3D printing is increasingly used to produce goods ranging from airplane parts to fine art, a whole new market is ripe for fakery.

Fortunately for 3D printing and intellectual-property rights, a few companies and scholars are already on the case.  handbags-2

“Counterfeiting is a much smarter market to be in than, say, cocaine or heroin because, by and large, you and I aren’t going to buy cocaine and heroin,” says Sharon Flank, CEO of InfraTrac, a company dedicated to the battle against fraudulent 3D-printed products.

Flank took up the forgery fight when it became clear that traditional protective measures—such as holograms or laser etching — were losing their luster against the arsenal of the modern faker, who is increasingly adept at replicating such protections.

“Overt measures, the things you see, are very reassuring to the customer and in general utterly ineffective,” she says.

UPS's partner Fast Radius will open a 3D printing factory in a UPS facility in Singapore by the end of this year, expanding the UPS on-demand 3D printing network to Asia and enabling customers to increase their supply chain efficiency with additive manufacturing. Click here to read more.

UPS’s partner Fast Radius will open a 3D printing factory in a UPS facility in Singapore by the end of 2016, expanding the UPS on-demand 3D printing network to Asia. Click image above to read more.

By contrast, Flank’s anti-piracy system uses full-spectrum spectroscopy to scan for a chemical fingerprint using light.

A pocket spectrometer bounces light through the object, detecting the fingerprint and checking it against the manufacturer’s database.

“Think about 3D printing as a sandwich, with bread in layers,” Flank says. “We sneak a little bit of jelly in under the last piece of bread.”

This extra “jelly” doesn’t cover the entire layer, just a little spot. And it’s hidden below the surface during the standard 3D fabrication process.

For a 3D printer using two materials — for example, ABS and PLA filaments or inks — the jelly might involve using PLA in a region where only ABS is common.

InfraTrac’s method requires the manufacturer to use more than one material to create a fingerprint that is embedded within the digital design file.

The fingerprint is stored in a database, and the object can then be scanned and validated at any point further down the supply chain.

[Also on Longitudes: The Challenge of Transformation]

Securing the digital supply chain

Consumer products are one thing, but what about 3D-printed parts for wind turbines, industrial robots or cars?

As additive manufacturing becomes more prevalent in the manufacturing industry, part legitimacy is a real concern. treasure-2

For example, imagine a future when automakers have digitized their entire parts catalogs.

Instead of ordering hard-to-find parts, any garage (with the proper advanced manufacturing technology) could print and fit that same part while the customer waits.

This sounds appealing in terms of saving time for consumers, but without adequate fraud protection, automakers have little incentive to make such a digital library available.

The aftermarket for auto parts is already sizable at $318.2 billion, and attempts by the automotive industry to prevent off-brand replication have failed.

Here, a system like InfraTrac’s could be the needed foil for counterfeiters. Engines are already highly dependent upon computers for operation.

So as costs fall and technology continues to shrink in size, a version of InfraTrac’s technology incorporated into a car’s operating system might verify legitimately purchased and locally printed digital files.

At present, InfraTrac is working with customers in the aerospace, automotive, medical, and defense industries.

Counterfeiting not for profit

3D printing may be at the core of the next industrial revolution (aka Industry 4.0), but susceptibility to hacking is one distinct barrier to the technology reaching full industrialization.

Manufacturers must be able to trace parts, such as the critical components for aircraft or medical devices, and prevent the use of counterfeit parts — but they must also be impervious to cyberattacks on design and process integrity.

Several weak points, or attack vectors, should be considered to ensure resiliency. wheel-2

For example, industrial control systems (ICS) monitor and control industrial processing.

Within Industry 4.0, 3D printers are increasingly likely to be connected to this network, and hacking these systems is way easier than it should be.

In his recent talk, industrial cybersecurity professional Brad Hegrat describes it this way: “It’s like picking on the small kid at kindergarten.

It’s real easy to do, but if you’ve got a soul, you’ll probably feel bad about it afterwards.”

Materials scientist and New York University Engineering professor Nikhil Gupta, working with NYU’s cybersecurity group, has ideas to shore up these systems.

“We’re looking at what can go wrong,” he says. “Malicious and deliberate modification of the print orientation or the introduction of defects are two possible attacks which may have devastating impact.”

The severity of those impacts, of course, depends on where the parts would be used (in an aircraft engine, for example).

Manufacturers currently use nondestructive testing (NDT) — including ultrasonic testing and CT scans — of critical components to identify such flaws before their impact reaches any magnitude.

“But small defects may be introduced into the part which cannot be detected by typical NDT inspection,” Gupta warns.

Gupta proposes improvements beyond monitoring the build process to determine unauthorized tampering. cat-and-mouse-2

This would mean having control of both the design file and printing parameters, as changes in settings like power or temperature can result in flawed components.

“Cybersecurity is a cat-and-mouse game,” says Gupta, who suggests that the manufacturing industry look to the financial-services world for lessons on how to improve resilience.

In a worst-case scenario, systems should assume the network is already breached and build in authentication between core components — for example, between the material and printer, or the design file and finished item.

[Also on Longitudes: Running on Data]

Made to be broken

Whether hardware or software, black hat or white hat, hacking comes down to pushing the boundaries of what a particular thing is supposed to do.

This mind-set occasionally overlaps with an active sector of the 3D-printing community, which naturally includes hackers.

And this highlights an important issue: Hackers see any method of protecting something as a challenge.

When it comes to cracks, the race to break software copy protection on the first day of release receives the 0-day moniker.

This is a badge of pride in the warez, or unauthorized release (read: piracy), community.

But InfraTrac may just be the technology to stop 3D-printing hacker pirates.

“The near-infinite number of choices of taggants,” Flank says, coupled with the complexity of peanut-butter-and-jelly combos, means that fakery is a nigh on impossible feat.

3D printing may not be an integral part of most people’s lives — or most manufacturing processes, for that matter—yet.

But given the pace of progress and the noted ability of some to use technology maliciously, one threat may trump all others: complacency.

“If we ignore it, will it go away?” Flank says, is an all-too-common sentiment in any industry. But ignorance in this case could mean inadvertent counterfeit bliss. goldbrown2

*Images courtesy of Redshift

This article originally appeared on Autodesk’s Redshift, a site dedicated to inspiring designers and creators.


Every morning, wake up to the blog that gives you the latest trends shaping tomorrow.

Sepia Tone Filter: https://www.tuxpi.com/photo-effects/sepia-tone
Michael Petch is the author of several books on 3D-printing technology and a regular speaker at international conferences.

Click the RSS icon to subscribe to future articles by this author. RSS Feed


  1. outdoor wireless security camera review

    Once a site application continues to be authentically certified, it needs to be displayed where it is usually seen.
    Tests using scanners are helpful, but people-driven testing tools tend to be
    more effective for preventing sabotage, malicious attacks,
    siphoning along with threats. Speeds usually are not up for the claimed 500MBps and therefore are normally
    much better 100MB or less.

    m habitually too slothful to alter the wallpapers inside cellphones subsequently using the time that I.
    Security holes are typical in nearly every wireless network, so regular exams are essential when you
    have confidential business or information that is personal being carried over your network.

  2. Mike G.

    Proof of valid component is important to make sure the owners are being duly compensated for their products, but would it get to the point where the product fails to function without a valid part (i.e. Laser Printers and Ink Cartridges)? What happens if the verification fingerprint is required to be changed every cycle or your engine won’t start, for example? What would the costs be?

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s