In a key step to secure semiconductor manufacturing data traversing the supply chain, SEMI in mid-January published SEMI E187, a specification designed to help protect semiconductor manufacturing data. The publication marks the first time that SEMI Taiwan has lead the development of an international standard and reflects the vital need for cybersecurity in Taiwan’s semiconductor industry and across the global supply chain. Future work of the SEMI Taiwan Cybersecurity Committee and Fab and Equipment Information Security Task Force will include promoting the comprehensive implementation of information security.
The SEMI E187 Specification for Cybersecurity of Fab Equipment covers four key areas:
Computer Operation Systems
- Operating systems
- Documentation
Network
- Support secure transmission protocols
- Documentation
Endpoint Protection
- Vulnerability mitigation
- Malware scanning
- Access control
- Documentation
Monitoring
- Log management
Terry Tsao, Global Chief Marketing Officer at SEMI and President of SEMI Taiwan (center) announced the January 2022 launch of the SEMI E187 – Specification for Cybersecurity of Fab Equipment at SEMICON Taiwan 2021.
Dr. James Tu, Head of Corporate Information Security at TSMC and Chairman of the SEMI Taiwan Cybersecurity Committee, said that the SEMI E187 specification will not only help semiconductor manufacturers safeguard their own information but aid their upstream and downstream partners to collectively enhance information security.
SEMI E187 offers basic rules to follow for developing semiconductor equipment cybersecurity protections, though companies can also use the specification as cybersecurity requirements in equipment procurement contracts.
The next step for the SEMI Taiwan Cybersecurity Committee is to focus on the following four key areas.
- Creating the framework and channels to promote the specification
- Building awareness of the specification
- Promoting the evaluation of information security and maturity
- Developing a long-term plan that assesses the risks of information security across the semiconductor manufacturing supply chain and establishing a long-term cybersecurity strategy
Other initiatives will include the following:
- Developing regulations and rules
- Establishing certification and accreditation systems
- Certifying and accrediting equipment suppliers
The SEMI Taiwan Cybersecurity Committee plans to expand the scope of the specification to include more high-technology industries and offer training and seminars on information security-related topics.
SEMI Taiwan invites companies to become a SEMI member and participate in the SEMI Taiwan Fab and Equipment Information Security Task Force. Please visit the SEMI Standards webpage.