High-end CNC machines can't be moved without manufacturers' permission


On Practical Machinst, there's a fascinating thread about the manufacturer's lockdown on a high-priced, high-end Mori Seiki NV5000 A/40 CNC mill. The person who started the thread owns the machine outright, but has discovered that if he moves it at all, a GPS and gyro sensor package in the machine automatically shuts it down and will not allow it to restart until they receive a manufacturer's unlock code.

Effectively, this means that machinists' shops can't rearrange their very expensive, very large tools to improve their workflow from job to job without getting permission from the manufacturer (which can take a month!), even if their own the gear.

According to posts in the thread, many manufacturers have introduced this lockdown feature because their goods have found their way into Iran, violating the embargo. So now these machines can't be moved at all without the manufacturer's knowledge and consent, a situation that the manufacturers have turned into a business-opportunity by using the technology to assist in repossessing machines from delinquent lease-payers -- and requiring permission for privilege of deciding where to place their key capital assets.

I'm interested in the security implications of this. Malware like Stuxnet attacked embedded systems on computerized machines, causing them to malfunction in subtle ways. A subtly weakened or defective part from a big mill like the NV5000 might find its way into a vehicle or a high-speed machine, with disastrous consequences.

And since the mills are designed to be opaque to their owners, and to actively prevent their owners from reverse-engineering them (lest they disable the gyro/GPS), an infection would be nearly impossible to detect. Criminals and saboteurs are a lot less worried about voiding the warranty on your $100K business-asset than you are, and that asymmetry, combined with the mandate for opacity in the operations, presents a serious risk to machine shops and their customers (and their customers' users -- that is, everyone).

Thread: Mori/Ellison gyroscope unlocking

Notable Replies

  1. shutz says:

    Every owner of such a CNC machine should contact the manufacturer every day (or even more often) to request permission (and an unlock code) to move the machine (even if it's just a couple of feet.)

    Once the manufacturers get annoyed at all the time and money spent in responding to these requests, they might reconsider (and, for example, only disable the machines if they report their location as "somewhere in Iran".)

  2. High-end proprietary CNC machines can't be moved...

    And of course, there's a great "open" response to this - the Mech Mate: http://www.mechmate.com. Hundreds of enthusiasts around the world have built their own CNC machines, presumably without the burden of the "rights management" features that come in the closed versions wink

    I'm a big fan of the MechMate community and my father-in-law has built one of these in his shop over the past few years. Here's a video I took a while back showing the machine in action. http://www.youtube.com/watch?v=lU3-6AapV3I.

    He owns and operates a cabinet making business - woodforyou.net - so he's highly motivated to get this just right. The cost advantages for him are huge.

  3. It's basically an export control issue. Governments want to be able to enforce bans and embargoes, so the companies are required to install such sensor packages. Also, the 1-month issue, as clearly explained in the thread, is about someone having a contract with a terrible service company. The Mfg rep weighed in very quickly with a "call me and I'll have that straightened out for you immediately" post.

    Remember, we're not talking about garden gnomes or 3D printers. These machines are the real thing. Pick the right two, and you can very quickly be up and producing 50-100 machine guns a day. Real ones, not plastic zip guns. Or pump impellers for uranium enrichment plants, or nuclear weapon components, you name it.

    Or, of course, excellent and non-controversial things like anti-lock brake components. The point is, the issue is about more than just companies being jerks.

  4. I've been in the trade of repairing these machines for the last 20 years. This is becoming very common. Reason is simple: the machines are VERY expensive to repair and come with full coverage warranties. When a customer moves the machine, it needs to be fully recalibrated otherwise it could crash in on itself. Taking a chip out of the table, screwing up the head, causing any board to fry, these are all HUGE expenses a manufacturer has to cover. When your part time, semi-retired, forklift driver moves the machine and damages it, guess who gets the brunt of the cost. More often than not, the company who has the machine never wants to pay for legitimate (and self-inflicted) damage, they are very quick to blame the manufacturer and let them flip the bill.

  5. I'm the one who originally Tweeted about the Practical Machinists thread last night, the one that evidently inspired Cory to write this post.

    I find his take on it extremely sensationalistic however.

    1- There is zero evidence that DMG/Mori Seiki uses the ITAR interlocks as some sort of a "business opportunity." In fact, they don't even install the interlocks on their US built CNC machines destined for use in the US marketplace. Only the Japanese and German built machines have the ITAR interlock.

    2- I've yet to see a single report of the ITAR interlock being used to enforce the terms of a financing deal. In fact, since the interlock requires machine movement to trip, I don't see how it would be an effective tool to that end. Furthermore, DMG/Mori is not in the financing business; that's between the bank and the machine owner. Given that I'm in the market (eventual) for a nice CNC mill that will be financed, I would love to see a link to Cory's evidence of such!

    3- The notion that the CNC mill interlock is somehow indicative of the machine being "closed" and "obscured" to the point where it could somehow be infected with a virus to make defective parts is patently absurd. Such a virus would need to know the details of the G-code program being used to cut the part well enough to know what functions could be fudged without obvious detection. Furthermore, any life-safety or mission-critical component ever made goes through numerous inspections after it comes off a CNC mill. Nobody, and I mean absolutely nobody, is taking parts spit fresh out of a CNC center and slapping them into life-safety stuff without numerous and highly documented quality inspections performed off the machine.

    More importantly, CNC machines on par with something from DMG/Mori are not purchased by clueless consumers. While DMG/Mori machine are at the top of the class in precision, repeatability and speed, the market isn't graded on a bell curve. There is significant competition in this class of tool from the likes of Makino, Okuma, Fanuc, Brother, Citizen, Tornos... Technology has even allowed some of the second tier machine makers to start reliably churning out extremely high precision levels that once required buying super high-end gear (Mazak, Haas VM-SS class mills). Machinists are damn near OSS/Linux levels of crotchety and paranoid; if DMG/Mori was using the ITAR interlock to push people around, they would lose marketshare near instantly.

    In the end, I think the ITAR interlocks are an interesting feature. It is absolutely something worthy of chewing on with discussion. The amount of unsubstantiated sensationalism Cory presents in this post though, really strains credulity. In fact, it makes me question just how accurate and reasoned the rest of his body of work is now that I've squared his hyperbole up with a subject I know something about.

Continue the discussion bbs.boingboing.net

52 more replies

Participants