Semiconductor Equipment Security: Virus Protection Guidelines


Semiconductor Equipment Security: Virus Protection Guidelines
Harvey Wohlwend
512.356.7536
harvey.wohlwend ismi.sematech.org

SEMATECH, the SEMATECH logo, AMRC, Advanced Materials Research Center, ATDF, the ATDF logo, Advanced Technology Development Facility, ISMI and International SEMATECH Manufacturing Initiative are servicemarks of SEMATECH, Inc. All other servicemarks and trademarks are the property of their respective owners.

Agenda
- Background
- Purpose / Scope
- Process Equipment Security Goals
- Security Risks / Source of Vulnerabilities
- IC Maker Guidelines
- OEM Guidelines
- Summary

11/28/2005 j://stdpres/template.pot Slide 2

Cyber Security Risks
[Figure: SAS Virus Alerts and # of High Risk Assessments by month (y-axis: # Instances, 0 to 80); labels: Slammer, Lovegate, Sendmail, Sobig, Blaster, Sasser, Nachi]
- Cyber threats are growing at alarming rate
- High rate of critical vulnerabilities (5-10 patches/quarter)
- Significant business impact during attacks
- Shrinking time between vulnerability and attacks (< 1 month)

Shrinking Time to Vulnerabilities
[Figure: days between patch and exploit. Stages: Vulnerability reported, patch in progress; Bulletin and patch available, no exploit; Exploit code in public; Worm in the world. Values shown: 331, 180, 151, 25, 0. Worms labelled: Nimda, SQL Slammer, Welchia/Nachi, Blaster, ZoToB]
- "there is no more patch window," wrote Johannes Ullrich, chief research officer at the SANS Internet Storm Center, "Defense in depth is your only chance to survive the early release of malware."
- Zero Day Attack: Vulnerability exploited before it was reported to the rest of the security community

Sources of Equipment Vulnerability
[Figure labels: Automation Applications, Service Laptops, Removable Media, Direct to tool, Direct Connections, Utility PC, Remote-Diagnostics, Office PC]
- Network connectivity and direct human interaction are the main paths of cyber infections

Purpose / Scope
- ISMI and Member Company Working Group reviewed the issues and requirements and established guidelines to address semiconductor equipment security for IC Makers and Equipment suppliers
- Establish guidelines at factory network and equipment level
- Describe capabilities to successfully integrate equipment into an IC Maker's Intranet, including:
  - Guidelines based on standard capabilities
  - Configuration guidelines for the IT personnel for components such as network equipment, computers, operating systems, and products
  - Security design guidelines for equipment application architects and designers

Out of Scope
- Recommend products or services
- Endorse or advocate security business models
- Use cost estimations in the recommendations
- Recommend deviations from these guidelines based on individual company policies and practices

Goals: Protect Equipment from
- Unsolicited virus infections from any place in the network
- Network-based denial of service from worm-based attacks
- Exploitation of weaknesses in equipment computer software

IC Maker Guidelines: Best Practices
- Use firewalls in the IC Maker Factory Network to control access
- Provide proxies for communications between equipment and factory
  - Proxies provide virus protection capabilities
- Institute business process for local equipment users
  - Backup and recovery procedures
  - Scanning of removable media (memory sticks, floppies, CDs, etc.)
  - Security Requirements for mobile devices (laptops, PDA, Tablets, etc.)
- Infrastructure for anti-virus protection

Equipment Supplier Guidance
- Institute business process
  - Backup and recovery procedures
  - Procedures and training for field service engineers
- Hardened Computer configurations
  - Strong password, non-blank password, etc.
  - No public network shares
  - Avoid installing or enabling unnecessary programs and services on equipment (e.g., telnet, ICMP, FTP)
  - Support applications running with minimum privileges
- Wherever applicable, equipment runs independently of each other from network perspective
- Support logging and audit of security related configuration changes
  - Record all security related errors

Equipment Supplier Guidance (cont'd)
- For new equipment, provide operating systems and anti-virus capabilities that are in the currently supported phase of their life cycle
- Security software upgrade support for equipment is optional and provided as a service for interested IC Makers.
  - The service details include qualification and support for operating system, applications, and anti-virus capabilities
  - The IC Maker and the equipment supplier shall agree upon the frequency of security updates
- Network Security layer 3 device for equipment (Optional)
  - Allow only controlled access to/from equipment
  - Additional packet filtering and firewall technology for equipment
- Wireless: Not Allowed
  - Equipment internal wireless networks / LAN replacements
  - Wireless networks between equipment
- Wireless: Allowed
  - Factory components and equipment
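As an added example (not part of the original slides or the ISMI guidelines), the "Hardened Computer configurations" and logging items in the equipment supplier guidance above can be expressed as an automated check. The snapshot format, its field names, and both sample hosts are constructed for illustration.

```python
# Added example: audit a constructed equipment-computer snapshot against the
# hardening items on the slide. All field names here are hypothetical.

# Services the slide names as examples not to enable. ICMP is a protocol,
# not a listening service, so the snapshot carries it as a separate flag.
UNNECESSARY_SERVICES = {"telnet", "ftp"}

def audit_equipment(snapshot):
    """Return a sorted list of (check, detail) findings for one host."""
    findings = []
    for acct in snapshot.get("accounts", []):
        if acct.get("password_blank"):
            findings.append(("blank-password", acct["name"]))
        elif not acct.get("password_strong"):
            findings.append(("weak-password", acct["name"]))
    for app in snapshot.get("applications", []):
        if app.get("runs_as_admin"):          # "minimum privileges" item
            findings.append(("app-not-minimum-privilege", app["name"]))
    for share in snapshot.get("shares", []):
        if share.get("public"):               # "no public network shares"
            findings.append(("public-share", share["name"]))
    for svc in snapshot.get("enabled_services", []):
        if svc.lower() in UNNECESSARY_SERVICES:
            findings.append(("unnecessary-service", svc.lower()))
    if snapshot.get("icmp_enabled"):
        findings.append(("unnecessary-service", "icmp"))
    if not snapshot.get("audits_security_config_changes"):
        findings.append(("no-config-change-audit", snapshot["host"]))
    return sorted(findings)

# Constructed sample input: one unhardened tool PC and one hardened one.
SAMPLE_TOOL = {
    "host": "etch-tool-01",
    "accounts": [{"name": "operator", "password_blank": True},
                 {"name": "service", "password_strong": False},
                 {"name": "admin", "password_strong": True}],
    "applications": [{"name": "tool-control", "runs_as_admin": True}],
    "shares": [{"name": "recipes", "public": True},
               {"name": "logs", "public": False}],
    "enabled_services": ["Telnet", "FTP", "hsms"],
    "icmp_enabled": False,
    "audits_security_config_changes": False,
}
HARDENED_TOOL = {
    "host": "etch-tool-02",
    "accounts": [{"name": "operator", "password_strong": True}],
    "applications": [{"name": "tool-control", "runs_as_admin": False}],
    "shares": [{"name": "logs", "public": False}],
    "enabled_services": ["hsms"],
    "audits_security_config_changes": True,
}

if __name__ == "__main__":
    for check, detail in audit_equipment(SAMPLE_TOOL):
        print(f"{check}: {detail}")
```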

Vulnerability Paths
[Figure labels: Field service laptops, Remote diagnostics, Utility PC, Automation Apps, Office PC, Removable media, Direct to tool, HSMS enabled Process tool, Factory with 100s of tools]

SECURITY: Safeguard against viruses
- Isolate, Segment, and Lockdown approach
  - Isolate fab network from rest of company
  - Segment tools and lock down
  - Business processes to address removable media risk
- Keep current approach
  - Keep patching equipment software to stay up to date
  - Use anti-virus to prevent infections
  - Staying current system for tool management

Summary
- e-manufacturing era brings need for enhanced security
  - Interface A standards define equipment level security
  - Interface C defines moving data securely from the factory to supporting organizations
- ISMI Virus Protection Guidelines published
  - Provides IC Maker best practices you should use
  - Gives guidance to equipment suppliers on expectations and requirements
- Virus Protection, 04104567B-ENG, ismi.sematech.org/docubase/abstracts/4567beng.htm