Velo3D’s Sapphire metal AM machines first to achieve US DoD’s green-level STIG compliance
December 7, 2023
Velo3D, Inc, based in Campbell, California, USA, has announced its Sapphire family of metal Additive Manufacturing machines are the first to achieve the US Department of Defense’s (DoD) Green-level Security Technical Implementation Guide (STIG) Compliance. The certification allows Sapphire machines to be connected to the DoD’s Secret Internet Protocol Router Network (SIPRNet), demonstrating to customers metal AM machines are protected against potential cyberattacks.
The rigorous qualification process was achieved through collaboration with a third party to generate compliance, vulnerability, and remediation reports from Sapphire machines that measure against security benchmarks. The testing process confirmed that all Velo3D machines provide the highest network, data, and software security, as well as vulnerability management, reducing the risk of security breaches. This includes Sapphire, Sapphire 1MZ, Sapphire XC, and Sapphire XC 1MZ.
Test results indicated Velo3D achieved an average score of 97% on its tests, exceeding the DoD’s threshold of 90% needed to achieve Green-level STIG compliance—the highest level offered.
“Our team at Velo3D strives to go above and beyond to meet our customers’ needs, so when customers that work with the DoD inquired about STIG compliance, we quickly went to work to achieve the highest level of certification available,” said Benny Buller, Velo3D founder and CEO. “I am proud of our team’s work in achieving this qualification and I am confident this will empower all our customers — but especially those that work with the DoD and other government agencies — to fully leverage the capabilities of our Additive Manufacturing technology without worrying about the risk of stolen intellectual property.”
In addition to being SIPRNet-ready, Velo3D Sapphire AM machines can now also connect to the DoD’s Non-classified Internet Protocol Router Network (NIPRNet). STIG compliance is required for DoD agencies and contractors that connect to both networks, as well as networks operated by other branch departments of the federal government.
Without STIG compliance, government agencies and contractors using metal Additive Manufacturing machines were required to keep them disconnected from network connections. This technique, commonly referred to as airgapping, can complicate the process of managing systems. In the case of Velo3D, engineers and AM operators could not fully leverage the capabilities of its fully integrated solution, which enables users to easily monitor the building of parts, analyse the data generated in the production process, and transfer build files to and from machines.
The certification enables engineers operating Velo3D machines to utilise all aspects of metal AM technology when manufacturing parts that are classified or International Traffic in Arms Regulation (ITAR) protected, without risking stolen intellectual property or other cyberattacks.
STIG compliance will also make it easier for defence contractors and agencies to purchase Sapphire machines as they will no longer have to obtain exceptions and other approvals that are required for non-compliant AM machines. Current Velo3D customers can upgrade their existing Sapphire machines to achieve STIG Green-level security, added the company.