Semiconductor Equipment Security: Virus and Intellectual Property Protection Guidelines
Harvey Wohlwend
harvey.wohlwend ismi.sematech.org

Advanced Materials Research Center, AMRC, International SEMATECH Manufacturing Initiative, and ISMI are servicemarks of SEMATECH, Inc. SEMATECH, the SEMATECH logo, Advanced Technology Development Facility, ATDF, and the ATDF logo are registered servicemarks of SEMATECH, Inc. All other servicemarks and trademarks are the property of their respective owners.

Two Key Elements of Security
  - System Integrity, due to:
    - Network integration of equipment is required
    - Highly integrated network likely to get cyber attacks
    - Cyber attacks are growing
  - Intellectual Property (IP), due to:
    - Business integration of various roles: process, yield, equipment engineering, industrial engineering, field service, equipment design, factory automation, etc.
    - Joint development: OEMs and IC makers working in compensatory environments
  [Figure: Sources of Vulnerability. Labels: Automation Apps, Removable Media, Utility PC, Vendor Systems, Remote Diagnostics, Direct to Tool, Office PC]

Shrinking Time to Vulnerabilities
  [Figure: days between patch and exploit for the worms Nimda, SQL Slammer, Welchia/Nachi, Blaster and ZoToB; values shown: 331, 180, 151, 25, 0. Stages: Vulnerability reported, patch in progress; Bulletin and patch available, no exploit; Exploit code in public; Worm in the world]
  - "there is no more patch window," wrote Johannes Ullrich, Chief Research Officer at the SANS Internet Storm Center. "Defense in depth is your only chance to survive the early release of malware."
  - Zero Day Attack: Vulnerability exploited before it was reported to the rest of the security community

Virus Protection Guidelines
  - An ISMI and member company working group reviewed the issues and requirements and established guidelines to address semiconductor equipment security for IC makers and equipment suppliers
  - Established guidelines at factory network and equipment level
  - Describe capabilities to successfully integrate equipment into an IC maker's intranet, including
    - Guidelines based on standard capabilities
    - Configuration guidelines for the IT personnel for components such as network equipment, computers, operating systems, and products
    - Security design guidelines for equipment application architects and designers

IC Maker Guidelines
  - Use firewalls in the IC maker factory network to control access
  - Provide proxies for communications between equipment and factory
    - Proxies provide virus protection capabilities
  - Institute business process for local equipment users
    - Backup and recovery procedures
    - Scanning of removable media (memory sticks, floppies, CDs, etc.)
    - Security requirements for mobile devices (laptops, PDA, tablets, etc.)
  - Infrastructure for anti-virus protection

Equipment Supplier Guidance
  - Institute business process
    - Backup and recovery procedures
    - Procedures and training for field service engineers
  - Hardened computer configurations
    - Strong password, non-blank password, etc.
    - No public network shares
    - Avoid installing or enabling unnecessary programs and services on equipment (e.g., telnet, ICMP, FTP)
    - Support applications running with minimum privileges
  - Wherever applicable, equipment runs independently of each other from network perspective
  - Support logging and audit of security-related configuration changes
    - Record all security-related errors

Equipment Supplier Guidance (cont'd)
  - For new equipment, provide operating systems and anti-virus capabilities that are in the currently supported phase of their life cycle
  - Security software upgrade support for equipment is optional and provided as a service for interested IC makers
    - The service details include qualification and support for operating system, applications, and anti-virus capabilities
    - The IC maker and the equipment supplier shall agree upon the frequency of security updates
  - Network security layer 3 device for equipment (optional)
    - Allow only controlled access to / from equipment
    - Additional packet filtering and firewall technology for equipment
  - Wireless: Not Allowed
    - Equipment internal wireless networks / LAN replacements
    - Wireless networks between equipment
  - Wireless: Allowed
    - Factory components (e.g., ID readers) and equipment

2007 Virus Protection Guidelines Update
  Best Known Methods
  - Network Security
    - Create equipment security model
    - Create mapping of security to equipment groups,
  - Port Security
    - New equipment installation
    - Move equipment to a known location,
  - Virus Management
    - Support network segmentation (links to network BKMs)
    - Shut down unneeded network ports at the tool,
  - Patch Management
    - Identify patching candidates
    - Create software upgrade plan,

Virus Protection vis-à-vis System Integrity
  [Figure: Vulnerability Paths. Labels: Field service laptops, Remote diagnostics, Automation apps, Removable media, Direct to tool, Utility PC, Office PC, HSMS enabled, Process tool, Factory with 100s of tools, System Integrity]
  - 2007 update includes IC maker best known methods for cyber security, shows greater IC maker synergy and sharing
  - IC makers have significantly matured in handling cyber attacks on equipment
  - Most IC makers are using two or more methods to handle cyber security for equipment
  - Time to move on to other challenges

Equipment Security Roadmap
  [Figure: roadmap timeline. Labels: 2004-2007, 2007 Onwards, 2005 ITRS Update]
  - We are at an inflection point

Ongoing Equipment Security Needs
  - R&D is a key element of business and operating strategy in semiconductor industry
    - IC maker focus on the process and end products
    - OEM focus on the equipment for the process
  - Collaboration is a mega trend
    - Moving to a new technology node, shared cost model
    - Results in more sharing of data, e.g., design data, recipe data, test data, equipment data, wafer characterization, contamination data, yield data, cycle time, etc.
  - Operational challenges
    - Environmental: System integrity due to cyber attacks
    - Manufacturing: IP sharing due to defects, yield, throughput and reliability issues
    - Financial: IP sharing due to joint development
  - Challenge: How can IC makers and OEMs create a balance between protecting their investments and sharing IP for operations?

Equipment IP Protection
  - IP Protection Requirements for member companies have been collected and jointly analyzed
  - Key observations from requirements:
    - IP protection currently enforced by business process such as NDAs with scant technology support
    - Only a few objects need to be protected (limited depth scope)
      - Role-based security needed for specific IP-laden objects
    - Didn't focus on tool operations (limited breadth scope)
      - Some areas are more applicable than others
      - Some timeframes are more applicable than others
    - There are many Use Cases
      - Tool Down/Repair, ICM-ICM Collaboration, ICM to foundry, ICM Nth & N+1th Gen separation
  - Approach: Created a multi-faceted security framework using e-diagnostics security architecture
    - Tiered architecture provides rich set of comprehensive security capabilities
  - The need for risk and control management is increasing
  - IP protection guidelines are based on business requirements

Equipment IP Protection Strategy
  - Key Concept: IP protection needs to be part of equipment software and not only a business process
  - Identify key software security technologies such as role-based security
  - Leverage existing software security architecture in equipment area (e-diagnostics lineage)
  - Identify Use Cases for different business models, e.g.,
    - IC Maker-IC Maker collaborations
    - IC Maker-Supplier collaborations
    - IC Maker (N+1)th & Nth process generation handling
    - IC Maker-Foundry collaborations
    - Tool end-of-life
  - Identify functional areas and times where IP protection is not relevant
  - Pilot IP protection guidelines through OEM implementation
  - Educate and reinforce industry needs for IP protection and current risks
  - Supplier implications:
    - Incremental change required to the equipment controls software to add role-based security to a small set of files and directories
    - User / group access to IP based on Need to Know
    - Sharing / control of IP is automated through software (as opposed to manual) and can be dynamic depending upon business conditions
    - Automatic software-based user accounting and auditing
    - Ability to turn off security when not needed, but in controlled manner
  - Technology is available today to solve equipment IP problems!
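
The supplier implications listed above, as an added example that is not from the original slides or from ISMI or any equipment supplier: role-based, need-to-know access to a small set of IP-laden paths, with time-limited grants, automatic auditing and a controlled enforcement switch. The IpGuard class, the role names and the /tool/... paths are hypothetical.

```python
import posixpath
from dataclasses import dataclass, field
from datetime import datetime, timedelta

def under(path, roots):
    """True if the normalized path equals, or sits below, any root."""
    path = posixpath.normpath(path)   # collapse "..", so traversal cannot dodge the check
    return any(path == r or path.startswith(r.rstrip("/") + "/") for r in roots)

@dataclass
class IpGuard:
    protected: set                    # the small set of IP-laden files/directories
    admins: set                       # roles allowed to switch enforcement
    grants: list = field(default_factory=list)   # (role, path, expires): need to know
    enforcing: bool = True
    audit: list = field(default_factory=list)    # automatic accounting trail

    def allowed(self, user, role, path, now):
        path = posixpath.normpath(path)
        if not under(path, self.protected):
            return True               # outside the IP-laden set: tool operation unaffected
        if not self.enforcing:
            outcome = "allow (enforcement off)"
        elif any(r == role and now < exp and under(path, [p]) for r, p, exp in self.grants):
            outcome = "allow"
        else:
            outcome = "deny"
        self.audit.append((now.isoformat(), user, role, path, outcome))
        return outcome != "deny"

    def set_enforcing(self, user, role, on, now, reason):
        """Turn protection on/off only for an admin role with a stated reason; always logged."""
        ok = role in self.admins and bool(reason.strip())
        if ok:
            self.enforcing = on
        self.audit.append((now.isoformat(), user, role, f"enforcing={on}: {reason}", "ok" if ok else "refused"))
        return ok

def demo():
    """Constructed scenario: tool-down repair, 4-hour grant on one recipe directory."""
    t0, who = datetime(2007, 1, 8, 8, 0), ("fse1", "oem_field_service")
    g = IpGuard({"/tool/recipes", "/tool/config/process.xml"}, {"icm_security_admin"},
                [("oem_field_service", "/tool/recipes/etch", t0 + timedelta(hours=4))])
    return g, [
        g.allowed(*who, "/tool/recipes/etch/r1.rcp", t0),                        # granted
        g.allowed(*who, "/tool/logs/../recipes/litho/r9.rcp", t0),               # traversal, no grant
        g.allowed(*who, "/tool/recipes/etch/r1.rcp", t0 + timedelta(hours=5)),   # grant expired
        g.allowed(*who, "/tool/logs/alarm.log", t0),                             # not IP-laden
        g.set_enforcing(*who, False, t0, "faster repair"),                       # not an admin role
    ]
```
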

2007 Equipment Security Summary
  - Objective:
    - Strengthen the Equipment Virus Protection Guidelines due to complex network connectivity requirements
    - Drive the need to protect IP within equipment among IC makers and create industry-level guidelines
  - Benefits:
    - Protects stakeholder financial investments in the technology
    - Enables factory-wide standardized IP protection and cyber security
    - Strengthen the enforcement of NDA through technology
    - Provides clear operating procedures for IP protection and cyber security for situations such as troubleshooting, joint design, technology transfer, sub-contracting, etc.
  [Figure labels: Need for Cyber Security, Need for Equipment IP Protection, Automation Apps, Vendor Systems, Direct to Tool, Removable Media, Office PC, Utility PC, Remote Diagnostics, ISMI Guidelines Provided!, 2007 Project Focus]

Summary
  - e-manufacturing and collaboration era brings need for enhanced security
  - e-diagnostics Guidelines define security framework
  - Interface A standards define equipment-level security (SEMI E132 Equipment Client Authentication and Authorization)
  - Interface C defines moving data securely from the factory to supporting organizations
  - ISMI Virus Protection Guidelines published, ismi.sematech.org/docubase/abstracts/4567ceng.htm
  - ISMI IP Protection Guidelines being published
  - Development of security framework is central to the solution space
  - Need collaboration from all ICMs and OEMs