NIST Researcher Describes 'EasyTrust' for Digital Data Defense in Manufacturing

NIST has aided manufacturing's transition from paper-based representations – like 2D blueprints – to digital representations, such as 3D graphics, as well as their digital flow – or "digital thread" – across manufacturing processes. But this digital transition has also given rise to digital threats, which seek to maliciously change designs and corrupt files. NIST has worked with stakeholders to develop a forthcoming web-based application called "EasyTrust," which will provide easy to implement solutions for countering and mitigating threats.

Based on these efforts, the National Science Foundation invited NIST's Sylvere Krima to participate in a panel session on trusting digital information in its June 2022 workshop on Safeguarding Critical System Supply Chains Against Compromise.

The panel addressed the problem with ensuring trust. Krima pointed out that solutions exist, but are very complex, hard to understand, and expensive to implement, deploy, maintain. He also said that 75 percent of the 250,000 manufacturers in the U.S. have 20 employees or less. Smaller companies often do not have resources to invest in building and ensuring trust. Providing all with access to easy to implement solutions was the motivation for NIST's EasyTrust project, stated Krima.

The panel also discussed the costs of inaction – which Krima noted are high. It is more than tampering with a part that causes a dishwater not to work, he said. It may result in a faulty part that leads to an aircraft losing power at 10,000 feet.

Additionally, the panel considered solutions ensuring safety. However, a state of complete safety is unachievable, said Krima. Manufacturers are facing state sponsored adversaries, with significant means. Meeting these threats means having mitigation strategies and technical solutions for protecting data.