Semiconductor Equipment Security: Virus and Intellectual Property Protection Guidelines Anant Raman anant.raman intel.com Harvey Wohlwend harvey.wohlwend ismi.sematech.org Advanced Materials Research Center, AMRC, International SEMATECH Manufacturing Initiative, and ISMI are servicemarks of SEMATECH, Inc. SEMATECH, the SEMATECH logo, Advanced Technology Development Facility, ATDF, and the ATDF logo are registered servicemarks of SEMATECH, Inc. All other servicemarks and trademarks are the property of their respective owners.
Vendor Systems • Automation Apps • Direct to Tool • Removable Media • Office PC • Remote Diagnostics • Utility PC Two Key Elements of Security • System Integrity due to: • Network integration of equipment is required • Highly integrated network likely to get cyber attacks • Cyber attacks are growing • Intellectual Property (IP) due to: • Business integration of various roles – process, yield, equipment engineering, industrial engineering, field service, equipment design, factory automation, etc. • Joint Development – OEMs and IC Makers working in “compensatory” environments Sources ofVulnerability
Shrinking Time to Vulnerabilities Vulnerability reported; Patch in progress Bulleting andpatch available; No exploit Exploit code in public Worm in the world Days between patch and exploit “… there is no more patch window," wrote Johannes Ullrich, Chief Research Officer at the SANS Internet Storm Center. "Defense in depth is your only chance to survive the early release of malware." 331 180 151 25 Zero Day Attack: Vulnerability exploited before it was reported to the rest of the security community 0 Blaster ZoToB Welchia/ Nachi Nimda SQL Slammer
Virus Protection Guidelines • ISMI and Member Company Working Group reviewed the issues and requirements and established guidelines to address semiconductor equipment security for IC Makers and Equipment suppliers • Established guidelines at factory network and equipment level • Describe capabilities to successfully integrate equipment into an IC Maker’s intranet, including: • Guidelines based on standard capabilities • Configuration guidelines for the IT personnel for components such as network equipment, computers, operating systems, and products • Security design guidelines for equipment application architects and designers
IC Maker Guidelines • Use firewalls in the IC Maker factory network to control access • Provide proxies for communications between equipment and factory • Proxies provide virus protection capabilities • Institute business process for local equipment users • Backup and recovery procedures • Scanning of removable media (memory sticks, floppies, CDs, etc.) • Security requirements for mobile devices (laptops, PDA, Tablets, etc.) • Infrastructure for anti-virus protection
Equipment Supplier Guidance • Institute business process • Backup and recovery procedures • Procedures and training for field service engineers • Hardened computer configurations • Strong password, non-blank password, etc. • No public network shares • Avoid installing or enabling unnecessary programs and services on equipment (e.g., telnet, ICMP, FTP) • Support applications running with minimum privileges • Wherever applicable, equipment runs independently of each other from network perspective • Support logging and audit of security related configuration changes • Record all security related errors
Equipment Supplier Guidance (cont’d) • For new equipment, provide operating systems and anti-virus capabilities that are in the currently supported phase of their life cycle • Security software upgrade support for equipment is optional and provided as a service for interested IC Makers • The service details include qualification and support for operating system, applications, and anti-virus capabilities • The IC Maker and the equipment supplier shall agree upon the frequency of security updates • Network security layer 3 device for equipment (optional) • Allow only controlled access to / from equipment • Additional packet filtering and firewall technology for equipment • Wireless: Not Allowed • Equipment internal wireless networks / LAN replacements • Wireless networks between equipment • Wireless: Allowed • Factory components (e.g., ID readers) and equipment
2007 Virus Protection Guidelines Update • Best Known Methods • Network Security • Create equipment security model • Create mapping of security to equipment groups, … • Port Security • New equipment installation • Move equipment to a known location, … • Virus Management • Support network segmentation (links to network BKMs) • Shut down unneeded network ports at the tool, … • Patch Management • Identify patching candidates • Create software upgrade plan, …
Virus Protection Vis-à-vis System Integrity 2007 update includes IC Maker Best Known Methods for cyber security, shows greater IC Maker synergy and sharing Documentation shows that IC Makers have significantly matured in handling cyber attacks on equipment Most IC Makers are using two or more methods to handle cyber security for equipment Factory with 100s of tools Vulnerability Paths System Integrity Field service laptops Removable media HSMS enabled Process tool Remote diagnostics Automation apps Direct to tool Time to move on to other challenges Utility PC Office PC
Equipment Security Roadmap 2004-2007 2007 Onwards 2007 ITRS Update We are at an inflection point
Ongoing Equipment Security Needs • R&D is a key element of business and operating strategy in semiconductor industry • IC Maker focus on the process and end products • OEM focus on the equipment for the process • Collaboration is a mega trend • Moving to a new technology node, shared cost model • Results in more sharing of data, e.g., design data, recipe data, test data, equipment data, wafer characterization, contamination data, yield data, cycle time, etc. • Operational challenges • Environmental: System Integrity due to cyber attacks • Manufacturing: IP sharing due to defects, yield, throughput and reliability issues • Financial: IP sharing due to joint development • Challenge: How can IC Makers and OEMs create a balance between protecting their investments and sharing IP for operations?
IP Protection Requirements for member companies have been collected and jointly analyzed Key observations from requirements: IP protection currently enforced by business process such as NDAs with scant technology support Only a few objects need to be protected (limited depth-scope) Role-based security needed for specific IP-laden objects Don’t focus on tool operations (limited breadth-scope) Some areas are more applicable than others Some timeframes are more applicable than others There are many Use Cases – Tool Down/Repair, ICM–ICM Collaboration, ICM to foundry, ICM Nth & N+1th Gen separation Approach: To create a multi-faceted security framework using e-Diagnostics security architecture Tiered architecture provides rich set of comprehensive security capabilities Status: Revision 0 guidelines created Equipment IP Protection IP protection guidelines are based on business requirements
Equipment IP Protection Strategy • Key Concept: IP protection needs to be part of equipment software and not only a business process • Identify key software security technologies such as role-based security • Leverage existing software security architecture in equipment area (e-Diagnostics lineage) • Identify Use Cases for different business models, e.g., • IC Maker-IC Maker collaborations • IC Maker-Supplier collaborations • IC Maker (N+1)th & Nth process generation handling • IC Maker- Foundry collaborations • Tool end-of-life • Identify functional areas and times where IP protection is not relevant • Pilot IP protection guidelines via OEM implementation • Educate and reinforce industry needs for IP protection and current risks • Supplier implications: • Incremental change required to the equipment controls software to add role-based security to a small set of files and directories • User / Group access to IP based on “Need to Know” • Sharing / Control of IP is automated through software (as opposed to manual) and can be dynamic depending upon business conditions • Automatic software-based user accounting and auditing • Ability to turn off security when not needed, but in controlled manner Technology is available today to solve equipment IP problems!
Vendor Systems • Automation Apps • Direct to Tool • Removable Media • Office PC • Remote Diagnostics • Utility PC 2007 Equipment Security Summary Objective: • Strengthen the Equipment Virus Protection Guidelines due to complex network connectivity requirements • Drive the need to protect IP within equipment amongst IC Makers and create industry-level guidelines Benefits: • Protects stakeholder financial investments in the technology • Enables factory-wide standardized IP protection and cyber security • Strengthen the enforcement of NDA through technology • Provides clear operating procedures for IP protection and cyber security for situations such as troubleshooting, joint design, technology transfer, sub-contracting, etc. Need for Equipment IP Protection Need for Cyber Security ISMI Guidelines Provided! Current Project Focus
Summary • e-Manufacturing and Collaboration era brings need for enhanced security • Interface A standards define equipment-level security • Interface C defines moving data securely from the factory to supporting organizations • ISMI Virus Protection Guidelines published • Gives guidance to equipment suppliers on expectations and requirements • Provides IC Maker Best Known Methods • ISMI IP Protection Guidelines being developed • Development of security framework is central to the solution space • Use Case development critical to overall success • Need collaboration from all – ICMs and OEMs