Semiconductor Equipment Security: Virus and Intellectual Property Protection Guidelines Anant Raman anant.raman intel.com Harvey Wohlwend harvey.wohlwend ismi.sematech.org
Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.
Semiconductor Equipment Security: Virus and Intellectual Property Protection Guidelines
Advanced Materials Research Center, AMRC, International SEMATECH Manufacturing Initiative, and ISMI are servicemarks of SEMATECH, Inc. SEMATECH, the SEMATECH logo, Advanced Technology Development Facility, ATDF, and the ATDF logo are registered servicemarks of SEMATECH, Inc. All other servicemarks and trademarks are the property of their respective owners.
reported; Patch in progress
Bulleting andpatch available;
Exploit code in
Worm in the world
Days between patch and exploit
“… there is no more patch window," wrote Johannes Ullrich, Chief Research Officer at the SANS Internet Storm Center. "Defense in depth is your only chance to survive the early release of malware."
Zero Day Attack: Vulnerability exploited before it was reported to the rest of the security community
Virus Protection Vis-à-vis System Integrity
2007 update includes IC Maker Best Known Methods for cyber security, shows greater IC Maker synergy and sharing
Documentation shows that IC Makers have significantly matured in handling cyber attacks on equipment
Most IC Makers are using two or more methods to handle cyber security for equipment
Factory with 100s of tools
Time to move on to other challenges
2007 ITRS Update
We are at an inflection point
Requirements for member companies have been collected and jointly analyzed
Key observations from requirements:
IP protection currently enforced by business process such as NDAs with scant technology support
Only a few objects need to be protected (limited depth-scope)
Role-based security needed for specific IP-laden objects
Don’t focus on tool operations (limited breadth-scope)
Some areas are more applicable than others
Some timeframes are more applicable than others
There are many Use Cases – Tool Down/Repair, ICM–ICM Collaboration, ICM to foundry, ICM Nth & N+1th Gen separation
Approach: To create a multi-faceted security framework using
e-Diagnostics security architecture
Tiered architecture provides rich set of comprehensive security capabilities
Status: Revision 0 guidelines created
IP protection guidelines are based on business requirements
Technology is available today to solve equipment IP problems!
Need for Equipment IP Protection
Need for Cyber Security
ISMI Guidelines Provided!
Current Project Focus