{"title":"Myths and Misconceptions in Additive Manufacturing Security: Deficiencies of the CIA Triad","authors":"M. Yampolskiy, J. Gatlin, M. Yung","doi":"10.1145/3462223.3485618","DOIUrl":null,"url":null,"abstract":"It is natural, as the demand for Additive Manufacturing (AM) Security grows, to adopt established approaches from other security research areas. However, such \"imports,'' if not done carefully, can be misleading, and sometimes even counterproductive, and thus may negatively affect actual security of AM. We argue that this is the case for the CIA triad (Confidentiality, Integrity, Availability), a fundamental model of data security. To this end, we present arguments showing that the CIA triad cannot substitute concrete threat categories already established in AM. AM is an area which is not \"pure data,\" but rather an area involving software, data files, and transforming data into physical artifacts, where established threats in this ecosystem include: Technical Data Theft, Sabotage, and Illegal Part Manufacturing.","PeriodicalId":113006,"journal":{"name":"Proceedings of the 2021 Workshop on Additive Manufacturing (3D Printing) Security","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-11-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 2021 Workshop on Additive Manufacturing (3D Printing) Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3462223.3485618","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 5
Abstract
It is natural, as the demand for Additive Manufacturing (AM) Security grows, to adopt established approaches from other security research areas. However, such "imports,'' if not done carefully, can be misleading, and sometimes even counterproductive, and thus may negatively affect actual security of AM. We argue that this is the case for the CIA triad (Confidentiality, Integrity, Availability), a fundamental model of data security. To this end, we present arguments showing that the CIA triad cannot substitute concrete threat categories already established in AM. AM is an area which is not "pure data," but rather an area involving software, data files, and transforming data into physical artifacts, where established threats in this ecosystem include: Technical Data Theft, Sabotage, and Illegal Part Manufacturing.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
