TSMC Strengthens "Specification for Cybersecurity of Semiconductor Equipment", Realizing Mutual Industry Benefits
TSMC is dedicated to fulfilling the commitments of its "Information Security Declaration". In response to the Company’s development toward smart manufacturing, TSMC has initiated and promoted the global security standard “Specification for Cybersecurity of Fab Equipment” (SEMI E187) to enhance the cybersecurity of the semiconductor supply chain. In 2023, it was included as a tool procurement specification and verification mechanism, and established to ensure that suppliers comply with the standard before the introduction of any new equipment. Additionally, to accelerate the integration and networking efficiency of the entire factory system, TSMC has collaborated with the Semiconductor Equipment and Materials International Organization (SEMI) to define the "Cybersecurity Reference Architecture for Semiconductor Manufacturing Environment". This was first released at the SEMICON Taiwan international semiconductor exhibition in September and will be launched online in October. The architecture optimizes the cybersecurity management of semiconductor fabs and ensures production quality.
In the face of global challenges to information security in the semiconductor industry, TSMC continues to collaborate with supply chain partners to strengthen defense and resilience, safeguarding the overall security of the industry chain.
By Utilizing the Power of Procurement Contracts and Implementing Semiconductor Equipment Cybersecurity Standards , Enhancing Factory Security and Production Efficiency
With the increasing use of intelligent technologies in semiconductor manufacturing processes, TSMC collaborated with SEMI to compile the “SEMI E187 Reference Practice” for implementing semiconductor equipment cybersecurity standards in 2022. TSMC aimed at assisting the supply chain in enhancing cybersecurity awareness and meeting security protection requirements. In 2023, this standard was officially included as one of TSMC’s procurement contract requirements to further enhance the security of semiconductor factory operations, and a verification mechanism was established to ensure compliance with the standards in four areas – computer operation system, network security, endpoint device protection, and security monitoring and information security auditing, before the introduction of new equipment. This year, SEMI also collaborated with the Administration for Digital Industries of Taiwan’s Ministry of Digital Affairs to assist semiconductor equipment manufacturers in adopting verification checklists. Among them, Gallant Precision Machining Co., Ltd and Contrel Technology Co., Ltd became the world's first suppliers to be verified by a third-party as meeting the semiconductor equipment cybersecurity standards, demonstrating the implementation of international cybersecurity standards.
In addition, intelligent production increases the interconnection of machines, processing systems, and plant facilities in the factory, and TSMC has collaborated with SEMI to develop an information network security architecture for semiconductor manufacturing environment in order to create high-tech factories with both production efficiency and cybersecurity defense, and to maintain the industry's competitive advantage.
Compliance with semiconductor equipment cybersecurity standards has become a competitive advantage in the industry, especially as more intelligent technologies are applied to the manufacturing process. In the future, these standards will be combined with key factors such as AI and energy efficiency to create even higher quality products and services in collaboration with TSMC.
Achieving compliance with the semiconductor equipment cybersecurity standard meets TSMC's cybersecurity standards and enhances the cybersecurity protection of the supply chain.
Highlights of TSMC's Cybersecurity Protection Actions
Expanding the Influence Scope of Cybersecurity Standards and Implementing Industry Cooperation for Mutual Benefit
TSMC has proposed SEMI E187 standard as the world's first cybersecurity standard for semiconductor equipment. In September 2023, Leon Chang, department manager of TSMC, who serves as the leader of SEMI Cybersecurity Standard Working Group, received the "2023 SEMI International Standards Excellence Award" in September 2023 for his significant contribution to the development and promotion of the first semiconductor cybersecurity standard in the world. Following TSMC's supplier cybersecurity evaluation methodology, the SEMI Cybersecurity Committee launched the “SEMI Semiconductor Cybersecurity Risk Rating Service” this year to assist companies in quickly identifying cybersecurity vulnerabilities and monitoring the effectiveness of their protective measures. It is expected that over 1,000 companies will adopt the service by the end of the year. Through continuous improvement in security management, TSMC, government agencies, SEMI, and industry partners are jointly building a robust cybersecurity ecosystem, creating a key competitive advantage for Taiwan's semiconductor industry on the global stage.
TSMC collaborated with SEMI to establish and enhance the semiconductor equipment cybersecurity standards. TSMC exerted its influence on the supply chain and practiced sustainable development for the common good. By achieving compliance with the semiconductor equipment cybersecurity standards, TSMC's cybersecurity level is enhanced, and the supply chain's cybersecurity defense is further improved.