Semiconductor Equipment Security: Virus and Intellectual Property Protection Guidelines

Anant Raman


Harvey Wohlwend


Advanced Materials Research Center, AMRC, International SEMATECH Manufacturing Initiative, and ISMI are servicemarks of SEMATECH, Inc. SEMATECH, the SEMATECH logo, Advanced Technology Development Facility, ATDF, and the ATDF logo are registered servicemarks of SEMATECH, Inc. All other servicemarks and trademarks are the property of their respective owners.

Two Key Elements of Security
  • System Integrity due to:
    • Network integration of equipment is required
    • Highly integrated network likely to get cyber attacks
    • Cyber attacks are growing
  • Intellectual Property (IP) due to:
    • Business integration of various roles – process, yield, equipment engineering, industrial engineering, field service, equipment design, factory automation, etc.
    • Joint Development – OEMs and IC Makers working in “compensatory” environments

Sources of Vulnerability (figure labels):
  • Vendor Systems
  • Automation Apps
  • Direct to Tool
  • Removable Media
  • Office PC
  • Remote Diagnostics
  • Utility PC

Shrinking Time to Vulnerabilities

[Figure: days between patch and exploit. Stage labels: "reported; Patch in progress", "Bulletin and patch available; No exploit", "Exploit code in", "Worm in the world". Worms plotted: Welchia/Nachi, SQL Slammer]

“… there is no more patch window,” wrote Johannes Ullrich, Chief Research Officer at the SANS Internet Storm Center. “Defense in depth is your only chance to survive the early release of malware.”

Zero Day Attack: Vulnerability exploited before it was reported to the rest of the security community

Virus Protection Guidelines
  • ISMI and Member Company Working Group reviewed the issues and requirements and established guidelines to address semiconductor equipment security for IC Makers and Equipment suppliers
    • Established guidelines at factory network and equipment level
  • Describe capabilities to successfully integrate equipment into an IC Maker’s intranet, including:
    • Guidelines based on standard capabilities
    • Configuration guidelines for the IT personnel for components such as network equipment, computers, operating systems, and products
    • Security design guidelines for equipment application architects and designers
IC Maker Guidelines
  • Use firewalls in the IC Maker factory network to control access
  • Provide proxies for communications between equipment and factory
    • Proxies provide virus protection capabilities
  • Institute business process for local equipment users
    • Backup and recovery procedures
    • Scanning of removable media (memory sticks, floppies, CDs, etc.)
    • Security requirements for mobile devices (laptops, PDA, Tablets, etc.)
    • Infrastructure for anti-virus protection
Equipment Supplier Guidance
  • Institute business process
    • Backup and recovery procedures
    • Procedures and training for field service engineers
  • Hardened computer configurations
    • Strong password, non-blank password, etc.
    • No public network shares
    • Avoid installing or enabling unnecessary programs and services on equipment (e.g., telnet, ICMP, FTP)
    • Support applications running with minimum privileges
    • Wherever applicable, each piece of equipment runs independently of the others from a network perspective
    • Support logging and audit of security related configuration changes
    • Record all security related errors
Equipment Supplier Guidance (cont’d)
  • For new equipment, provide operating systems and anti-virus capabilities that are in the currently supported phase of their life cycle
  • Security software upgrade support for equipment is optional and provided as a service for interested IC Makers
    • The service details include qualification and support for operating system, applications, and anti-virus capabilities
    • The IC Maker and the equipment supplier shall agree upon the frequency of security updates
  • Network security layer 3 device for equipment (optional)
    • Allow only controlled access to / from equipment
    • Additional packet filtering and firewall technology for equipment
  • Wireless: Not Allowed
    • Equipment internal wireless networks / LAN replacements
    • Wireless networks between equipment
  • Wireless: Allowed
    • Factory components (e.g., ID readers) and equipment
2007 Virus Protection Guidelines Update
  • Best Known Methods
    • Network Security
      • Create equipment security model
      • Create mapping of security to equipment groups, …
    • Port Security
      • New equipment installation
      • Move equipment to a known location, …
    • Virus Management
      • Support network segmentation (links to network BKMs)
      • Shut down unneeded network ports at the tool, …
    • Patch Management
      • Identify patching candidates
      • Create software upgrade plan, …
Virus Protection Vis-à-vis System Integrity

The 2007 update includes IC Maker Best Known Methods for cyber security and shows greater IC Maker synergy and sharing

Documentation shows that IC Makers have significantly matured in handling cyber attacks on equipment

Most IC Makers are using two or more methods to handle cyber security for equipment

[Figure: "Vulnerability Paths" and "System Integrity" for a factory with 100s of tools. Labels: Field service, HSMS enabled, Process tool, Direct to]

Time to move on to other challenges

Equipment Security Roadmap


2007 Onwards

2007 ITRS Update

We are at an inflection point

Ongoing Equipment Security Needs
  • R&D is a key element of business and operating strategy in semiconductor industry
    • IC Maker focus on the process and end products
    • OEM focus on the equipment for the process
  • Collaboration is a mega trend
    • Moving to a new technology node, shared cost model
    • Results in more sharing of data, e.g., design data, recipe data, test data, equipment data, wafer characterization, contamination data, yield data, cycle time, etc.
  • Operational challenges
    • Environmental: System Integrity due to cyber attacks
    • Manufacturing: IP sharing due to defects, yield, throughput and reliability issues
    • Financial: IP sharing due to joint development
  • Challenge: How can IC Makers and OEMs create a balance between protecting their investments and sharing IP for operations?
Equipment IP Protection
  • Requirements for member companies have been collected and jointly analyzed
  • Key observations from requirements:
    • IP protection currently enforced by business process such as NDAs with scant technology support
    • Only a few objects need to be protected (limited depth-scope)
    • Role-based security needed for specific IP-laden objects
    • Don’t focus on tool operations (limited breadth-scope)
    • Some areas are more applicable than others
    • Some timeframes are more applicable than others
    • There are many Use Cases – Tool Down/Repair, ICM–ICM Collaboration, ICM to foundry, ICM Nth & N+1th Gen separation
  • Approach: To create a multi-faceted security framework using e-Diagnostics security architecture
    • Tiered architecture provides rich set of comprehensive security capabilities
  • Status: Revision 0 guidelines created

IP protection guidelines are based on business requirements

Equipment IP Protection Strategy
  • Key Concept: IP protection needs to be part of equipment software and not only a business process
  • Identify key software security technologies such as role-based security
  • Leverage existing software security architecture in equipment area (e-Diagnostics lineage)
  • Identify Use Cases for different business models, e.g.,
    • IC Maker-IC Maker collaborations
    • IC Maker-Supplier collaborations
    • IC Maker (N+1)th & Nth process generation handling
    • IC Maker- Foundry collaborations
    • Tool end-of-life
  • Identify functional areas and times where IP protection is not relevant
  • Pilot IP protection guidelines via OEM implementation
  • Educate and reinforce industry needs for IP protection and current risks
  • Supplier implications:
    • Incremental change required to the equipment controls software to add role-based security to a small set of files and directories
    • User / Group access to IP based on “Need to Know”
    • Sharing / Control of IP is automated through software (as opposed to manual) and can be dynamic depending upon business conditions
    • Automatic software-based user accounting and auditing
    • Ability to turn off security when not needed, but in controlled manner

Technology is available today to solve equipment IP problems!
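
The supplier implications above (role-based access to a small set of IP-laden files, need-to-know groups, automatic auditing, and a controlled way to turn security off) can be sketched as follows. This is an added example, not code from the presentation or from any ISMI guideline; the paths, role names and the `IPGuard` class are hypothetical.

```python
import fnmatch
import posixpath
from dataclasses import dataclass, field

# Constructed policy: the few IP-laden path patterns and the roles with a need to know.
PROTECTED = {
    "/tool/recipes/*": {"process_engineer"},
    "/tool/data/yield/*": {"process_engineer", "yield_engineer"},
}

@dataclass
class IPGuard:
    enforcing: bool = True
    audit: list = field(default_factory=list)  # (user, role, action, target, outcome)

    def set_enforcement(self, user, role, enabled):
        """Switching protection off or on is itself role-gated and audited."""
        ok = role == "security_admin"
        if ok:
            self.enforcing = enabled
        self.audit.append((user, role, "set_enforcement", str(enabled),
                           "ALLOW" if ok else "DENY"))
        return ok

    def can_read(self, user, role, path):
        # Normalise first so "../" segments cannot step around a protected pattern.
        path = posixpath.normpath(path)
        allowed = next((roles for pat, roles in PROTECTED.items()
                        if fnmatch.fnmatchcase(path, pat)), None)
        if allowed is None:
            return True  # not IP-laden: ordinary tool operation, out of scope
        if not self.enforcing:
            outcome = "ALLOW_UNENFORCED"  # still recorded while protection is off
        else:
            outcome = "ALLOW" if role in allowed else "DENY"
        self.audit.append((user, role, "read", path, outcome))
        return outcome != "DENY"

def demo():
    g = IPGuard()
    results = [
        g.can_read("fse1", "field_service", "/tool/recipes/etch_A.rcp"),
        g.can_read("fse1", "field_service", "/tool/logs/../recipes/etch_A.rcp"),
        g.can_read("pe1", "process_engineer", "/tool/recipes/etch_A.rcp"),
        g.can_read("fse1", "field_service", "/tool/logs/alarm.log"),
        g.set_enforcement("fse1", "field_service", False),
        g.set_enforcement("adm1", "security_admin", False),
        g.can_read("fse1", "field_service", "/tool/recipes/etch_A.rcp"),
    ]
    return results, g.audit
```

Only accesses to protected objects reach the audit trail, which matches the "limited breadth-scope" observation: routine tool operation is neither blocked nor logged.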

2007 Equipment Security Summary


  • Strengthen the Equipment Virus Protection Guidelines due to complex network connectivity requirements
  • Drive the need to protect IP within equipment amongst IC Makers and create industry-level guidelines


  • Protects stakeholder financial investments in the technology
  • Enables factory-wide standardized IP protection and cyber security
  • Strengthens the enforcement of NDA through technology
  • Provides clear operating procedures for IP protection and cyber security for situations such as troubleshooting, joint design, technology transfer, sub-contracting, etc.

Need for Equipment IP Protection

Need for Cyber Security

ISMI Guidelines Provided!

Current Project Focus

  • e-Manufacturing and Collaboration era brings need for enhanced security
    • Interface A standards define equipment-level security
    • Interface C defines moving data securely from the factory to supporting organizations
    • ISMI Virus Protection Guidelines published
      • Gives guidance to equipment suppliers on expectations and requirements
      • Provides IC Maker Best Known Methods
    • ISMI IP Protection Guidelines being developed
  • Development of security framework is central to the solution space
  • Use Case development critical to overall success
  • Need collaboration from all – ICMs and OEMs