ASME CIE Cybersecurity in Manufacturing Webinar # 2

Official ASME Group

Computers & Information In Engineering

Computers and Information in Engineering Division (CIE) is a forum for understanding the application of emerging technologies that impact critical engineering issues of representation, product design...
See More
Edit Post Mode
Cancel

Enter the date that this post should be published.

Are you sure?

Are you sure you want to delete this file? This action is irreversible.

  • ASME CIE Cybersecurity in Manufacturing Webinar # 2

    ASME CIE Cybersecurity in Manufacturing Webinar # 2

    Friday, December 18th at 11:00am EST

     

    We are pleased to invite you to the second ASME CIE division’s Cybersecurity in Manufacturing Webinar. Joshua Lubell from National Institute of Standards and Technology (NIST) will present on “Protecting Additive Manufacturing Information when Encryption is Futile: A Case Study Employing NIST Cyber Risk Management Guidance”. The abstract and speaker bio are included below.

     

    The meeting details are as follows:

    Zoom meeting Link: https://purdue-edu.zoom.us/j/98273374626?pwd=T0VmSDAxMUR3L296YlR2MDg4ekp2UT09

    Meeting ID: 982 7337 4626

    Passcode: 618276

     

    Best regards,

    Jitesh Panchal, Chair, ASME Computers and Information in Engineering (CIE) Division

    Yan Wang, Awards Chair, ASME Computers and Information in Engineering (CIE) Division

     

     

    Protecting Additive Manufacturing Information when Encryption is Futile: A Case Study Employing NIST Cyber Risk Management Guidance

     

    Abstract: Recent research shows how a side-channel attack on a Fused Deposition Modeling (FDM) 3D printer can bypass encryption-based defenses to obtain proprietary design information. This result has critical implications for manufacturing supply chains. Three widely used and complementary cyber risk management specifications from NIST can help point the way for manufacturers in protecting against such attacks - when the usual defenses are inadequate. These specifications are the "Framework for Improving Critical Infrastructure Cybersecurity" (commonly known as the Cybersecurity Framework), "Security and Privacy Controls for Information Systems and Organizations" (Special Publication (SP) 800-53), and "Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations" (SP 800-171). This talk provides an overview of the three specifications, discussing what each provides. Following the overview, I then show how a manufacturer can use the specifications together to determine the appropriate security measures to implement for protection against the side-channel attack scenario.

     

    Bio: Joshua Lubell is a computer scientist whose work focuses on smart manufacturing systems cybersecurity.  His technical interests include markup languages and information modeling. His Baseline Tailor software tool for security control selection won an award from Government Computer News.  He is also a past winner of the Department of Commerce Silver Medal for his leadership in developing ISO 10303-203, a standard for representation and exchange of computer-aided designs.  Other past awards include the NIST Bronze Medal for creating data models to support the life cycle of engineered equipment, and the PDES, Inc. Bryan K. Martin Technical Excellence Award for contributions to the ISO 10303 modular architecture and implementation methods.

Please log in to comment

Comments (0)

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Your avatar