Security in 3D Printing: Key Factors to Consider

User Profile Image

Arjen Dirks

January 28, 2025

3D printing is an integral part of the industrial manufacturing and the product development landscape. Safeguarding sensitive design files, ensuring compliance with data privacy laws, and maintaining the integrity of production systems, are all critical aspects that need to be taken into consideration.

Recent security incidents, including data breaches and IP theft, have highlighted vulnerabilities within the industry. UltiMaker is committed to tackling these challenges by offering an end-to-end ecosystem designed with security in mind, while allowing customers the freedom to integrate with their own solutions.

We will focus on 3 main aspects: software, hardware, and the UltiMaker ecosystem. But first, we need to cover the main security risks of 3D printing:

Security risks:

  • Loss of confidential information such as print files and personal data stored in UltiMaker’s systems.
  • Business process interruption if UltiMaker printers can no longer operate.
  • Compromised devices or applications can act as stepping stones into customer systems and infrastructure.
  • Reduction of print quality which could affect customer processes that rely on parts printed via UltiMaker systems.
  • Unauthorized usage of customer data, products and services.

Software Security: A Critical Foundation

In the world of professional 3D printing, where proprietary designs and sensitive workflows are at stake, robust software security is essential.

UltiMaker aligns its security practices with globally recognized standards and regulations, including ISO/IEC 27001 for Information Security Management, ISA/IEC 62443-4-2 for industrial cybersecurity, and the General Data Protection Regulation (GDPR) to ensure that customer data is processed transparently, securely, and without third-party interference.

Furthermore, all S series and Factor 4 printers are manufactured in Europe, adhering to strict EU manufacturing and data handling standards. By anchoring its operations in the EU, UltiMaker provides customers with a secure environment for sensitive data and production workflows.

Secure by Design

  • Principle of Least Privilege (PoLP): Applied across UltiMaker Digital Factory and Cura Enterprise, PoLP restricts access based on roles (admin, member, and guest), ensuring only authorized users can perform sensitive operations.
  • Third-Party Security Assessments: UltiMaker has conducted independent audits to identify vulnerabilities and prioritize fixes for medium and high-risk issues.
  • No Network Security Dependency: UltiMaker printers are designed with support for offline use.
    • Note: While there are no limitations for users running printers while not connected to the internet, users would greatly benefit from the features that come with Digital Factory.
  • Digital Factory Integration: Connecting printers to UltiMaker Digital Factory enhances security by enabling firewalls and authentication. Unauthorized users on local networks are effectively blocked.

Encryption and Data Integrity

  • TLS 1.3 Encryption: Data transmitted between UltiMaker Cura, printers, and Digital Factory is encrypted to protect against interception.
  • Integrity Checks: Firmware updates undergo rigorous integrity verification, preventing unauthorized alterations.

Known Vulnerabilities and Mitigation

UltiMaker offers a comprehensive range of support documentation and recommendations on how to securely use our solutions:

  • Local Network Vulnerabilities: Connections between Cura and printers over a local network are not encrypted. Customers are advised to use Digital Factory and activate printer firewalls for secure communication.
  • Proactive Mitigation: Known vulnerabilities, such as CVE-2021-34086 and CVE-2021-34087, are mitigated through best practices, including local firewalls and network segmentation.

Regular Updates and Maintenance

  • Frequent Updates: Cura updates occur every three to six months, including patches for identified vulnerabilities. UltiMaker Cura Enterprise receives two updates a year and each update is supported for 12 months after release including security patches and critical bug fixes.
  • Cloud Platform Security: Digital Factory undergoes continuous improvements and secure deployments via the Google Cloud Platform, leveraging its robust security infrastructure. Note that UltiMaker does not use any consumer services from Google and has contracts in place to ensure all UltiMaker data are kept private.

Hardware Security: Reliability and Trust

Hardware security and manufacturing practices are critical for ensuring the integrity of the devices and their outputs. With the potential risks of tampering, unauthorized access, and compromised production, hardware security ensures the physical and operational integrity of the printer and prevents disruptions caused by malicious actors or errors minimizing risks associated with supply chain vulnerabilities.

UltiMaker combines European manufacturing excellence, rigorous quality standards, and robust hardware to ensure the highest possible degree of security and quality in its manufacturing processes by incorporating tamper-resistant designs, secure firmware and compliance with regulations like the Machinery Directive (2006/42/EC).

Secure and Transparent Manufacturing in Europe

  • Manufactured in the Netherlands: UltiMaker S series and Factor series printers are produced under strict quality assurance protocols in Europe ensuring compliance with some of the most rigorous safety standards globally.
  • ISO 9001 Certification: Adherence to this standard guarantees a high level of consistency, reliability, and quality in every machine.
  • ISO 14001 Certification: Demonstrates a commitment to sustainable manufacturing practices, ensuring that security measures are integrated without compromising environmental responsibility.

Physical Hardware Security

  • Tamper Resistance: UltiMaker printers are designed for trusted environments but include features to minimize unauthorized physical access, such as:
    • Restricted access to certain settings via PIN codes (S series and Factor series printers).
    • Secure firmware updates signed with private GPG keys to verify authenticity and prevent malicious installations.
  • Firewall Integration: S series and Factor series printers, allow administrators to activate a built-in firewall, adding an additional layer of security by limiting access to authorized users.
  • Separation of Critical Functions: Printers differentiate between process data (how an object is printed) and product data (the design itself), ensuring sensitive information is safeguarded even during physical access.

Hardware Integrity

  • Deterministic Performance: UltiMaker printers are built to handle unexpected events like power outages or mechanical obstructions without compromising safety. For instance:
    • Printers stop operations and provide detailed error messages when anomalies occur, such as blocked mechanics.
    • They remain functionally reliable after the issues are addressed, ensuring continued performance without lasting impacts.
  • Secure Firmware Updates: Firmware updates are regularly released and visible within our printers, Cura, and Digital Factory. Updates are verified using cryptographic signatures, guaranteeing integrity.

Trusted Supply Chain

  • Component Sourcing: UltiMaker prioritizes secure, high-quality components from trusted suppliers to mitigate risks of hardware vulnerabilities..
  • Local support: UltiMaker offers on site support through its extensive network of partner vendors ensuring that any potential issues are addressed efficiently minimizing workflow disruptions
  • Deterministic Performance: UltiMaker printers are built to handle unexpected events like power outages or mechanical obstructions without compromising safety. For instance:
    • Printers stop operations and provide detailed error messages when anomalies occur, such as blocked mechanics.
    • They remain functionally reliable after the issues are addressed, ensuring continued performance without lasting impacts.
  • Secure Firmware Updates: Firmware updates are regularly released and visible within our printers, Cura, and Digital Factory. Updates are verified using cryptographic signatures, guaranteeing integrity.

UltiMaker Ecosystem: A Comprehensive Solution

UltiMaker effectively combines aspects of vertical integration and an open system, leveraging the benefits of both models to deliver a versatile and user-friendly experience while maintaining flexibility and interoperability.

A vertically integrated system or ecosystem refers to the business model that provides end-to-end hardware, software and support encompassing a one-stop-solution, while an open system refers to any technology, platform or ecosystem that is designed to interact with other systems, devices or software which are managed by third-party entities.

For users seeking alternate options to integrate with the workflow, UltiMaker’s commitment to support open system solutions remains unchanged. We recognize that user freedom of choice, customization and community contributions are important factors for innovation in all application areas. We will never lock out functionality behind mandatory authorization controls that would limit user autonomy or restrict functionality by forcing users to only use proprietary tools.

The key components of UltiMaker’s ecosystem are hardware (UltiMaker’s 3D printers such as the S series and Factor series), software (Cura and Digital Factory), material integration (UltiMaker Marketplace), support and maintenance (through our comprehensive global support network, detailed documentation and ISO certified practices).

How the Ecosystem Works

  1. Design Phase: Users create or import 3D models into UltiMaker Cura. Advanced slicing algorithms prepare these designs for printing with optimized toolpaths and material settings.
  2. Workflow Management: Through UltiMaker Digital Factory, users can manage multiple printers, monitor print progress, and control access for team members. This ensures that only authorized personnel can initiate or modify print jobs.
  3. Secure Material Handling: Official UltiMaker material profiles downloaded from the UltiMaker Marketplace are pre-validated, reducing the risk of failed prints or subpar quality.
  4. Printing and Monitoring: Printers operate with deterministic performance, ensuring consistent results while offering real-time monitoring and control through Digital Factory.

Ecosystem in Action

To better understand how the ecosystem works let’s go over a couple of examples from a holistic perspective:

Example 1: Manufacturing – Tooling and Fixtures

In manufacturing, precision tooling and fixtures are essential. Manufacturers using UltiMaker can:

  1. Design a custom fixture in CAD software and slice it in UltiMaker Cura.
  2. Assign the print job to a specific printer via Digital Factory, ensuring authorized personnel manage the process.
  3. Use advanced materials, both first party (UltiMaker) and third-party materials (partner vendors) to produce durable, lightweight fixtures.
  4. Monitor the print remotely, minimizing downtime and ensuring on-time delivery for production.

Example 2: Medical – Patient-Specific Models

In the medical industry, patient-specific models are used for surgical planning and education:

  1. A hospital creates a 3D model of a patient’s anatomy from medical imaging data.
  2. Digital Factory ensures that only authorized medical staff can access and manage the print job, safeguarding sensitive patient information.
  3. By using materials validated in the Marketplace, the hospital can create detailed anatomical models, helping surgeons improve precision and outcomes.

Security and Scalability Across Industries

UltiMaker’s ecosystem delivers a unified, secure, and versatile platform for professional 3D printing, meeting the unique challenges of industries such as manufacturing, medical, and defense and is able to meet the unique demands of these sectors:

  • Manufacturing and Packaging: Secure workflow management ensures IP protection for proprietary designs.
  • Medical: Compliance with stringent data privacy regulations, such as GDPR, safeguards sensitive patient information.
  • Defense: Secure access controls and validated materials ensure adherence to strict security protocols in highly regulated environments.

Secure your Workflow with UltiMaker

Security is a cornerstone of professional 3D printing, ensuring not only the protection of intellectual property and data but also the reliability and integrity of production workflows. UltiMaker’s approach to security is rooted in its adherence to internationally recognized standards, robust software and hardware practices, and a fully integrated ecosystem designed for industrial applications.

From manufacturing excellence in Europe to GDPR compliance and rigorous software updates, UltiMaker goes beyond industry expectations to address the unique challenges faced by businesses in manufacturing, medical, defense, and other sectors. By prioritizing data security, software integrity, and hardware resilience, UltiMaker empowers organizations to innovate with confidence.

To learn more about how UltiMaker’s secure 3D printing solutions can support your business needs, contact one of our representatives today. Discover the confidence of printing with a partner that prioritizes security and reliability every step of the way.