U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

PUBLICATIONS

Implementing the Risk Management Framework for Additive Manufacturing Security: A Model-based Approach

Published

Author(s)

Duncan Gibbons, Joshua Lubell, Paul Witherell

Abstract

Metal additive manufacturing machines are complex and inherently digital and often cyber-physical systems. As the adoption of this manufacturing technology increases and it becomes increasingly industrialized, concerns about security are evermore prevalent. Both cyber and non-cyber related attacks on critical infrastructure such as additive manufacturing production systems are causes for concern for industry and government. Both the public and private sectors need to focus on securing their information systems to reduce the risk of security attacks and their adverse effects. This research aims to apply the National Institute of Standards and Technology's Risk Management Framework to the metal additive manufacturing production scenario. The Risk Management Framework defines a rigorous, yet flexible and repeatable, process for managing security risk. A model-based assessment approach is proposed to leverage the digital nature of this manufacturing technology. A case study is performed to demonstrate this approach for a commercial laser powder bed fusion machine in its operating environment. This case study focuses on the technological security risks. This study demonstrates how a model-based approach maximizes the benefits of the Risk Management Framework by improving information and decision traceability for addressing metal additive manufacturing security risks.
Proceedings Title
Proceedings of the ASME 2024 International Design Engineering Technical Conferences and Computers and Information in Engineering Conference
Conference Dates
August 25-28, 2024
Conference Location
Washington, DC, US
Conference Title
ASME 2024 International Design Engineering Technical Conferences and Computers and Information in Engineering Conference
Pub Type
Conferences

Download Paper

Local Download

Keywords

Additive Manufacturing, Information Security, Risk Management
Systems integration, Risk management and Additive manufacturing

Citation

Gibbons, D. , Lubell, J. and Witherell, P. (2024), Implementing the Risk Management Framework for Additive Manufacturing Security: A Model-based Approach, Proceedings of the ASME 2024 International Design Engineering Technical Conferences and Computers and Information in Engineering Conference, Washington, DC, US, [online], https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=957817 (Accessed November 21, 2024)

Issues

If you have any questions about this publication or are having problems accessing it, please contact reflib@nist.gov.

Created October 25, 2024