“The future of Air Force logistics will find Airmen tapping into a secure digital network of archived additive manufacturing specifications, allowing for the 3D-printed creation of a weapons system component whenever and wherever needed.” General Pawlikowski, AFMC Commander, AFA Conference Sept 2017.
Blockchain is a distributed ledger that provides a way for information to be recorded and shared within a network or organization. The information could represent transactions, contracts, assets, identities, or anything else that can be described in digital form. Entries are permanent, transparent, and searchable, which makes it possible for a network to view transaction histories in their entirety. Each update constitutes a new “block” added to the end of the “chain.” A protocol manages how new edits or entries are initiated, validated, recorded, and distributed. With the ever-increasing need for authenticity and security, blockchain may provide the backbone enabling Additive Manufacturing (AM) of the future.
Guardtime Federal’s Keyless Signature Infrastructure (KSI) is a unique, permission-based, independently verifiable calendar hash Blockchain designed to prove data integrity in perpetuity. Data records can only be added to the calendar hash Blockchain, never removed. Each new record is cryptographically linked to all previous records through the progression of the calendar hash Blockchain. Since records are cryptographically linked and nonreversible, it is impossible for one party to manipulate previous records without breaking the overall consistency of the database. Data participates in the calendar hash Blockchain through an adaptive, distributed architecture that provides a reliable, resilient system and produces an immutably timestamped Keyless Signature of the data item. Data is independently verifiable at the point of consumption through the widely witnessed, distributed calendar hash Blockchain. This makes Keyless Signatures ideal for the recording of events, medical records, AM part provenance, transaction processing (smart contracts), and proving data provenance.
There is growing anxiety about supply chain management for defense systems, which increasingly use commercial-off-the-shelf (COTS) components for warfighter systems. The concern is that these components may contain deliberate vulnerabilities that could be exploited by an adversary at the time of his choosing. This threat was sensationalized in the novel Ghost Fleet, in which China disabled the entire fleet of F-35 aircraft using an intentionally embedded flaw in a commodity circuit card. Thus, this issue is one of provenance, or the ability to establish the origin and traceable ownership of an asset. Keyless Signatures offer a solution that could establish the provenance of every circuit board, processor, and software component from “cradle to cockpit.” The card design firm could use Keyless Signatures to log every design iteration of a circuit. Manufacturers could log the model and serial number of every card they produced. Finally, distributors could log the sale of batches of circuits to system integrators, who could log the allocation of circuits to specific aircraft assemblies, and so on. In this context, Keyless Signatures create a permanent record for the transfer of assets between owners, thereby establishing provenance. Such a system also has clear benefits for both DoD and industry beyond a system’s production phase. Many weapon systems are designed with service lives of 30 years or more. As a result, replacing obsolete parts becomes more difficult with time. In addition to helping DoD support legacy systems, resellers would have an economic incentive to track specifically identified COTS components with Keyless Signatures to maintain their provenance, which in turn increases their value.
From the creation of the additive manufacturing (AM) design to final production on the shop floor, AM files can be easily transmitted with the click of a mouse. The digital nature of AM means that parts and products are easier to share and transmit, enabling the creation of digital supply networks and supply chains. Additionally, it creates the opportunity to make AM part development fully documentable and attributable. In the absence of a strong data-protection framework, a digital design-and-manufacture process creates the potential for tampering or data theft.
As the digital thread extends connectivity deep into manufacturing supply chains, cybersecurity must be an integral part of any successful manufacturing roadmap. Seamless movement of design and manufacturing data across networks presents both a great opportunity and new risks. AM is one area that can be especially vulnerable, given its reliance on digital workflows and connectivity and its impact on multiple parties throughout the supply chain. AM represents the intersection of the digital and physical world, and organizations looking to apply AM must protect their digital assets. Cyber risks extend to both the physical and logical objects associated with the entire AM process.
To fully realize the benefits of AM within a defined distribution network, secure data transport should be addressed. Secure transport with controlled access is necessary, but not sufficient. The areas that need to be addressed are authorization, authentication, traceability, and tracking. Cyber plans that do not take these elements into account should be thought of as incomplete.
The digital thread emphasizes connectivity inherent in fully realized AM processes, and thus the unique cyber risks the process faces beyond those of conventional manufacturing. Cyber risks can affect AM-enabled production and machine functionality in a variety of ways.
Creating a KSI-based transaction system can provide per-part provenance and traceability across a distributed network. KSI permits each transaction of record to be recorded in a shared, distributed ledger where authorized parties can query transactions for authorization and traceability of provenance back to source requirements. All traceability is established on a per-part basis as parts flow through the digital and physical distribution network. A taggant marks the part, allowing the physical item to be queried via smartphone to establish full traceability of a part. Provenance of the part can carry forward into service through the end of life, providing additional opportunities to reduce life-cycle costs in a variety of areas. Keyless Signatures for AM have the potential to serve as a backbone and security layer for AM. This process establishes data integrity, process integrity, and performance integrity, thus creating “trust” through the immutable Keyless Signatures for distributed communities.
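
As an added illustration of the hash-linked, append-only records and the per-part "cradle to cockpit" custody log described above (this is not Guardtime's KSI implementation and not code from the original text), the following Python models a plain linear hash chain and shows why verification needs a head value held by an independent witness. The names `ProvenanceLedger`, `link_hash`, `GENESIS`, and the part IDs, actors and artifacts are assumptions constructed for the example.

```python
import hashlib
import json

GENESIS = "0" * 64  # constructed starting value, not a KSI constant

def link_hash(prev_hash, event):
    body = json.dumps(event, sort_keys=True).encode()
    return hashlib.sha256(prev_hash.encode() + body).hexdigest()

class ProvenanceLedger:
    """Append-only, hash-linked log of per-part custody events (simplified)."""
    def __init__(self):
        self.entries = []

    def append(self, part_id, actor, action, artifact):
        event = {"part_id": part_id, "actor": actor, "action": action,
                 "artifact_sha256": hashlib.sha256(artifact).hexdigest()}
        prev = self.entries[-1]["hash"] if self.entries else GENESIS
        self.entries.append({"event": event, "prev": prev,
                             "hash": link_hash(prev, event)})
        return self.entries[-1]["hash"]

    def verify(self, trusted_head=None):
        # Returns -1 if consistent, else the index where verification fails.
        # trusted_head is a head hash kept outside the ledger by a witness.
        prev = GENESIS
        for i, entry in enumerate(self.entries):
            if entry["prev"] != prev or entry["hash"] != link_hash(prev, entry["event"]):
                return i
            prev = entry["hash"]
        if trusted_head is not None and prev != trusted_head:
            return len(self.entries)
        return -1

    def trace(self, part_id):
        return [(e["event"]["actor"], e["event"]["action"])
                for e in self.entries if e["event"]["part_id"] == part_id]

def build_sample():
    # Constructed sample events: design -> manufacture -> integration.
    ledger = ProvenanceLedger()
    ledger.append("CARD-0001", "design-firm", "design-rev-A", b"constructed design file")
    ledger.append("CARD-0001", "manufacturer", "produced", b"constructed build record")
    ledger.append("CARD-0002", "manufacturer", "produced", b"constructed build record 2")
    head = ledger.append("CARD-0001", "integrator", "allocated", b"constructed allocation")
    return ledger, head
```

Editing one past entry breaks the link at that index; recomputing every later hash hides the edit from an internal check, which is why the final comparison against an externally witnessed head is what makes the record tamper-evident.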