TSMC initiates and assists SEMI to establish “Specification for Cybersecurity of Fab Equipment” to strengthen semiconductor supply chain information security.

TSMC Initiates and Assists SEMI to Establish “Specification for Cybersecurity of Fab Equipment” to Strengthen Semiconductor Information Security

Leon Chang
Y.C. Huang
Jill Wang

TSMC is committed to safeguarding the information security of its customers and partners. As the semiconductor manufacturing process accelerates the introduction of smart manufacturing technology, TSMC initiated and assisted to establish “Specification for Cybersecurity of Fab Equipment” to enhance the information security awareness and the protection level of the supply chain. The standards were published during SEMICON Taiwan in December 2021.

TSMC took the lead in promoting the “Specification for Cybersecurity of Fab Equipment” to raise overall supply chain security, build supply chain resilience through cybersecurity, and achieve corporate social responsibility with suppliers.

- Dr. James Tu, Head of Corporate Information Security at TSMC and the Inaugural Chairman of SEMI Cybersecurity Committee

Called on Industry Experts to Set Standards to Enhance Information Security Protection

As an integral part of the global semiconductor supply chain, TSMC actively strives to improve information security and confidential information protection mechanisms. TSMC worked with SEMI in 2018 to establish the "Taiwan Fab & Equipment Information Security Task Force" and took the lead in defining the specifications for fab equipment cybersecurity. After more than three years of research and design, the task force formulated general specifications in four categories: computer operation system, network security, endpoint device protection, security monitoring and information security auditing. This provides semiconductor equipment suppliers with consistent compliance guidelines to jointly improve the overall Information security protection level of the industry supply chain.

Four Categories of “Specification for Cybersecurity of Fab Equipment”

Four Categories of “Specification for Cybersecurity of Fab Equipment”

Diversified Promotion Mechanisms for Continuous Improvement of Supply Chain Information Security Management

In addition to strengthening the information security measures of the global semiconductor supply chain, TSMC has also continued to improve its own supply chain information security management strategy. This includes designing supplier information security assessment and evaluation standards with reference to covering 12 categories and 135 inspection items and assisting suppliers effectively evaluate information security maturity and improvement goals. TSMC also publishes the "TSMC Supplier Chain Security Newsletter" quarterly to share practical experience and provides on the "TSMC Supplier Sustainability Academy" platform (Supply Online 360) to deepen suppliers’ awareness and practice of information security protection.

Global enterprises face severe challenges in information security. TSMC is committed to solving the problem of information security protection in the semiconductor industry, and has expanded its promotion to the supply chain, working with industry partners to implement corporate sustainability!

- J.K. Lin, Senior Vice President of Information Technology and Materials Management & Risk Management at TSMC

TSMC will continue to improve its information security and proprietary information protection mechanisms through promoting “Specification for Cybersecurity of Fab Equipment”, effectively improving the information security of the overall supply chain and implementing -compliant corporate sustainability goals.

TSMC Promotion Schedule for the Information Security Mechanism

TSMC Promotion Schedule for the Information Security Mechanism