TSMC Initiates and Assists SEMI to Establish “Specification for Cybersecurity of Fab Equipment” to Strengthen Semiconductor Information Security
TSMC is committed to safeguarding the information security of its customers and partners. As the semiconductor manufacturing process accelerates the introduction of smart manufacturing technology, TSMC initiated and assisted SEMI to establish “Specification for Cybersecurity of Fab Equipment” to enhance the information security awareness and the protection level of the supply chain. The standards were published during SEMICON Taiwan in December 2021.
TSMC took the lead in promoting the “Specification for Cybersecurity of Fab Equipment” to raise overall supply chain security, build supply chain resilience through cybersecurity, and achieve corporate social responsibility with suppliers.
Called on Industry Experts to Set Standards to Enhance Information Security Protection
As an integral part of the global semiconductor supply chain, TSMC actively strives to improve information security and confidential information protection mechanisms. TSMC worked with SEMI in 2018 to establish the "Taiwan Fab & Equipment Information Security Task Force" and took the lead in defining the specifications for fab equipment cybersecurity. After more than three years of research and design, the task force formulated general specifications in four categories: computer operation system, network security, endpoint device protection, security monitoring and information security auditing. This provides semiconductor equipment suppliers with consistent compliance guidelines to jointly improve the overall Information security protection level of the industry supply chain.
Four Categories of “Specification for Cybersecurity of Fab Equipment”
Diversified Promotion Mechanisms for Continuous Improvement of Supply Chain Information Security Management
In addition to strengthening the information security measures of the global semiconductor supply chain, TSMC has also continued to improve its own supply chain information security management strategy. This includes designing supplier information security assessment and evaluation standards with reference to international standards covering 12 categories and 135 inspection items and assisting suppliers effectively evaluate information security maturity and improvement goals. TSMC also publishes the "TSMC Supplier Chain Security Newsletter" quarterly to share practical experience and provides security-related training courses on the "TSMC Supplier Sustainability Academy" platform (Supply Online 360) to deepen suppliers’ awareness and practice of information security protection.
Global enterprises face severe challenges in information security. TSMC is committed to solving the problem of information security protection in the semiconductor industry, and has expanded its promotion to the supply chain, working with industry partners to implement corporate sustainability!
TSMC will continue to improve its information security and proprietary information protection mechanisms through promoting “Specification for Cybersecurity of Fab Equipment”, effectively improving the information security of the overall supply chain and implementing ESG-compliant corporate sustainability goals.