Securing 3D Printer Firmware Updates with The Update Framework

• Jack Cartwright, Computer Engineering, University of Delaware

• Nektarios Tsoutsos, Electrical and Computer Engineering, University of Delaware

3D printing is becoming an increasingly common form of manufacturing process. It is already very common for at home hobbyist projects and makers, but as the technology is further refined and business models are updated to take advantage of new manufacturing processes, 3D printing will become more and more common in mass production. Safety critical components such as those in health care or aerospace are no exception. This raises security concerns, as now a compromised 3D printer may create malicious product failures that could lead to injury. An important part of maintaining the security of any system is the ability to update it in order to fix any problems that may arise. Security considerations must be given to the update logic itself, too, otherwise a system can be trivially compromised with a malicious update. Generally, cryptographic signatures are used to verify updates and reject updates that aren’t verified by a trusted party. Even still, a simple signature scheme is still vulnerable to many forms of attack, such as rollback attacks, and isn’t resistant to key compromise.

The Update Framework (TUF) is a specification that provides a much more robust signing scheme. TUF is very flexible and imposes minimal restrictions on how it can be implemented, while retaining security from a wide range of attacks. Existing, widely available implementations of the TUF are, however, written in high level languages such as Python not suited to running in a constrained environment such as on a 3D printer. Our solution is to implement TUF into the open source Marlin 3D printer firmware to allow for securing 3D printer updates with TUF.