TSMC includes semiconductor equipment cybersecurity standards in its procurement specifications, strengthening the security of its manufacturing plants.
Dr. James Tu (fourth from the left), Head of Corporate Information Security, shares cybersecurity challenges and solutions at the 2023 SEMICON Taiwan Semiconductor Cybersecurity Global Summit. (Photo source: SEMI)
SEMI Global President and CEO Ajit Manocha presents the "2023 SEMI International Standards Excellence Award" to the winner of the cybersecurity standard working group – Leon Chang, Department Manager of IT Security Program at TSMC (right), at SEMICON Taiwan. (Photo source: SEMI)
TSMC suppliers Gallant Precision Machining Co., Ltd and Contrel Technology Co., Ltd have been awarded the SEMI E187 Compliance Verification Certificate by the Administration for Digital Industries of the Ministry of Digital Affairs. (Photo source: Industrial Technology Research Institute)

TSMC Strengthens "Specification for Cybersecurity of Semiconductor Equipment", Realizing Mutual Industry Benefits

TSMC has Upgraded the Security of its Factories by Requiring New Equipment to Comply with the Standards through Procurement Contracts, Strengthening the Cybersecurity Defense of its Supply Chain
Leon Chang
Jill Wang

TSMC is dedicated to fulfilling the commitments of its "Information Security Declaration". In response to the Company’s development toward smart manufacturing, TSMC has initiated and promoted the global security standard “Specification for Cybersecurity of Fab Equipment” (SEMI E187) to enhance the cybersecurity of the semiconductor supply chain. In 2023, it was included as a tool procurement specification and verification mechanism, and established to ensure that suppliers comply with the standard before the introduction of any new equipment. Additionally, to accelerate the integration and networking efficiency of the entire factory system, TSMC has collaborated with the Semiconductor Equipment and Materials International Organization (SEMI) to define the "Cybersecurity Reference Architecture for Semiconductor Manufacturing Environment". This was first released at the SEMICON Taiwan international semiconductor exhibition in September and will be launched online in October. The architecture optimizes the cybersecurity management of semiconductor fabs and ensures production quality.

In the face of global challenges to information security in the semiconductor industry, TSMC continues to collaborate with supply chain partners to strengthen defense and resilience, safeguarding the overall security of the industry chain.

- Dr. James Tu, Head of Corporate Information Security at TSMC and the Inaugural Chairman of SEMI Cybersecurity Committee

By Utilizing the Power of Procurement Contracts and Implementing Semiconductor Equipment Cybersecurity Standards , Enhancing Factory Security and Production Efficiency

With the increasing use of intelligent technologies in semiconductor manufacturing processes, TSMC collaborated with SEMI to compile the “SEMI E187 Reference Practice” for implementing semiconductor equipment cybersecurity standards in 2022. TSMC aimed at assisting the supply chain in enhancing cybersecurity awareness and meeting security protection requirements. In 2023, this standard was officially included as one of TSMC’s procurement contract requirements to further enhance the security of semiconductor factory operations, and a verification mechanism was established to ensure compliance with the standards in four areas – , , , and , before the introduction of new equipment. This year, SEMI also collaborated with the Administration for Digital Industries of Taiwan’s Ministry of Digital Affairs to assist semiconductor equipment manufacturers in adopting verification checklists. Among them, Gallant Precision Machining Co., Ltd and Contrel Technology Co., Ltd became the world's first suppliers to be verified by a as meeting the semiconductor equipment cybersecurity standards, demonstrating the implementation of international cybersecurity standards.

In addition, intelligent production increases the interconnection of machines, processing systems, and plant facilities in the factory, and TSMC has collaborated with SEMI to develop an information network security architecture for semiconductor manufacturing environment in order to create high-tech factories with both production efficiency and cybersecurity defense, and to maintain the industry's competitive advantage.

Compliance with semiconductor equipment cybersecurity standards has become a competitive advantage in the industry, especially as more intelligent technologies are applied to the manufacturing process. In the future, these standards will be combined with key factors such as AI and energy efficiency to create even higher quality products and services in collaboration with TSMC.

- Jason Chen, Chairman and President of Gallant Precision Machining Co., Ltd

Achieving compliance with the semiconductor equipment cybersecurity standard meets TSMC's cybersecurity standards and enhances the cybersecurity protection of the supply chain.

- Kung-Hsu Yeh, Vice General Manager of Contrel Technology Co., Ltd

Highlights of TSMC's Cybersecurity Protection Actions

Highlights of TSMC's Cybersecurity Protection Actions

Expanding the Influence Scope of Cybersecurity Standards and Implementing Industry Cooperation for Mutual Benefit

TSMC has proposed SEMI E187 standard as the world's first cybersecurity standard for semiconductor equipment. In September 2023, Leon Chang, department manager of TSMC, who serves as the leader of SEMI Cybersecurity Standard Working Group, received the "2023 SEMI International Standards Excellence Award" in September 2023 for his significant contribution to the development and promotion of the first semiconductor cybersecurity standard in the world. Following TSMC's supplier cybersecurity evaluation methodology, the SEMI Cybersecurity Committee launched the “SEMI Semiconductor Cybersecurity Risk Rating Service” this year to assist companies in quickly identifying cybersecurity vulnerabilities and monitoring the effectiveness of their protective measures. It is expected that over 1,000 companies will adopt the service by the end of the year. Through continuous improvement in security management, TSMC, government agencies, SEMI, and industry partners are jointly building a robust cybersecurity ecosystem, creating a key competitive advantage for Taiwan's semiconductor industry on the global stage.

TSMC collaborated with SEMI to establish and enhance the semiconductor equipment cybersecurity standards. TSMC exerted its influence on the supply chain and practiced sustainable development for the common good. By achieving compliance with the semiconductor equipment cybersecurity standards, TSMC's cybersecurity level is enhanced, and the supply chain's cybersecurity defense is further improved.

- Leon Chang, Department Manager of IT Security Program at TSMC and recipient of the 2023 SEMI International Standards Excellence Award