Manufacturing Data Security Survey for IRDS FI Roadmap

Background and Security Questions

Background

The Factory Integration focus team within IRDS (Successor to the International Technology Roadmap for Semiconductors 2.0) is planning to upgrade its Security description to a sub-chapter. The goal is to better understand the needs, challenges and potential for Security in the microelectronics industry and its supply chain.

Your participation is greatly appreciated. If you provide your e-mail address at the end of this Survey, we can provide you with the consolidated results of the survey (with no participant names mentioned).

Question Title

* 1. Which of the following topics do you feel are the most important with respect to data and data system security in today’s microelectronics manufacturing ecosystem (choose top three priority topics and identify the order of your priorities)

	1st highest priority	2nd highest priority	3rd highest priority
Security measures to support data partitioning with IP protection to support cooperation between user, supplier, and/or OEM	Security measures to support data partitioning with IP protection to support cooperation between user, supplier, and/or OEM 1st highest priority	Security measures to support data partitioning with IP protection to support cooperation between user, supplier, and/or OEM 2nd highest priority	Security measures to support data partitioning with IP protection to support cooperation between user, supplier, and/or OEM 3rd highest priority
Security measures to support partitioning of IP between design and operation	Security measures to support partitioning of IP between design and operation 1st highest priority	Security measures to support partitioning of IP between design and operation 2nd highest priority	Security measures to support partitioning of IP between design and operation 3rd highest priority
Security measures to protect manufacturing IP from malicious and non-malicious exposure	Security measures to protect manufacturing IP from malicious and non-malicious exposure 1st highest priority	Security measures to protect manufacturing IP from malicious and non-malicious exposure 2nd highest priority	Security measures to protect manufacturing IP from malicious and non-malicious exposure 3rd highest priority
Security risk on firm/software update	Security risk on firm/software update 1st highest priority	Security risk on firm/software update 2nd highest priority	Security risk on firm/software update 3rd highest priority
Impact of deploying security counter measures on system performance (such as reduced performance, functionality or safety)	Impact of deploying security counter measures on system performance (such as reduced performance, functionality or safety) 1st highest priority	Impact of deploying security counter measures on system performance (such as reduced performance, functionality or safety) 2nd highest priority	Impact of deploying security counter measures on system performance (such as reduced performance, functionality or safety) 3rd highest priority
Security risk by authorized person with malicious intent, including active surveillance and attack (threft, corruption etc.)	Security risk by authorized person with malicious intent, including active surveillance and attack (threft, corruption etc.) 1st highest priority	Security risk by authorized person with malicious intent, including active surveillance and attack (threft, corruption etc.) 2nd highest priority	Security risk by authorized person with malicious intent, including active surveillance and attack (threft, corruption etc.) 3rd highest priority
Adoption of IT standards for identity and access management, (such as OAuth, SAML, LDAP), for human and non-human access, to facilitate single sign-on and central management on user accounts throughout Fab (including production equipment)	Adoption of IT standards for identity and access management, (such as OAuth, SAML, LDAP), for human and non-human access, to facilitate single sign-on and central management on user accounts throughout Fab (including production equipment) 1st highest priority	Adoption of IT standards for identity and access management, (such as OAuth, SAML, LDAP), for human and non-human access, to facilitate single sign-on and central management on user accounts throughout Fab (including production equipment) 2nd highest priority	Adoption of IT standards for identity and access management, (such as OAuth, SAML, LDAP), for human and non-human access, to facilitate single sign-on and central management on user accounts throughout Fab (including production equipment) 3rd highest priority
Implementing security measures to legacy production equipment and components	Implementing security measures to legacy production equipment and components 1st highest priority	Implementing security measures to legacy production equipment and components 2nd highest priority	Implementing security measures to legacy production equipment and components 3rd highest priority
Security measure to facilitate supply chain traceability with data integrity and security	Security measure to facilitate supply chain traceability with data integrity and security 1st highest priority	Security measure to facilitate supply chain traceability with data integrity and security 2nd highest priority	Security measure to facilitate supply chain traceability with data integrity and security 3rd highest priority

Other (please specify)

Question Title

* 2. What do you do today for the topic you identified in Q1? Do you reference or follow any standards? Do you use any commercial software?

	Following Standards	Using commercial software
For the 1st priority topic	For the 1st priority topic Following Standards	For the 1st priority topic Using commercial software
For the 2nd priority topic	For the 2nd priority topic Following Standards	For the 2nd priority topic Using commercial software
For the 3rd priority topic	For the 3rd priority topic Following Standards	For the 3rd priority topic Using commercial software

Doing other than following Standards or using commercial software(please specify)

Question Title

* 3. What is your level of success in addressing security issue today in relation to topics chosen in Q1?

	No success	Very limited success	Limited success	Modest success	Successful	Very successful
For the 1st priority topic	For the 1st priority topic No success	For the 1st priority topic Very limited success	For the 1st priority topic Limited success	For the 1st priority topic Modest success	For the 1st priority topic Successful	For the 1st priority topic Very successful
For the 2nd priority topic	For the 2nd priority topic No success	For the 2nd priority topic Very limited success	For the 2nd priority topic Limited success	For the 2nd priority topic Modest success	For the 2nd priority topic Successful	For the 2nd priority topic Very successful
For the 3rd priority topic	For the 3rd priority topic No success	For the 3rd priority topic Very limited success	For the 3rd priority topic Limited success	For the 3rd priority topic Modest success	For the 3rd priority topic Successful	For the 3rd priority topic Very successful

Question Title

* 4. Please quantify the risk in the topical area with no security?

	Very Low	Low	Medium	High	Very High
For the 1st priority topic	For the 1st priority topic Very Low	For the 1st priority topic Low	For the 1st priority topic Medium	For the 1st priority topic High	For the 1st priority topic Very High
For the 2nd priority topic	For the 2nd priority topic Very Low	For the 2nd priority topic Low	For the 2nd priority topic Medium	For the 2nd priority topic High	For the 2nd priority topic Very High
For the 3rd priority topic	For the 3rd priority topic Very Low	For the 3rd priority topic Low	For the 3rd priority topic Medium	For the 3rd priority topic High	For the 3rd priority topic Very High

Question Title

* 5. Please quantify the risk in the topical area with currently implemented security?

	Very Low	Low	Medium	High	Very High
For the 1st priority topic	For the 1st priority topic Very Low	For the 1st priority topic Low	For the 1st priority topic Medium	For the 1st priority topic High	For the 1st priority topic Very High
For the 2nd priority topic	For the 2nd priority topic Very Low	For the 2nd priority topic Low	For the 2nd priority topic Medium	For the 2nd priority topic High	For the 2nd priority topic Very High
For the 3rd priority topic	For the 3rd priority topic Very Low	For the 3rd priority topic Low	For the 3rd priority topic Medium	For the 3rd priority topic High	For the 3rd priority topic Very High

Question Title

* 6. What do you feel are the biggest gaps for each high priority topics chosen in Q1? What do you need or require?

For the 1st priority topic

For the 2nd priority topic

For the 3rd priority topic

Question Title

* 7. Are there gaps or opportunities with the high priority security topics chosen in Q1 specifically related to big data systems?

	Gaps	Opportunities	Both	Neither
For the 1st priority topic	For the 1st priority topic Gaps	For the 1st priority topic Opportunities	For the 1st priority topic Both	For the 1st priority topic Neither
For the 2nd priority topic	For the 2nd priority topic Gaps	For the 2nd priority topic Opportunities	For the 2nd priority topic Both	For the 2nd priority topic Neither
For the 3rd priority topic	For the 3rd priority topic Gaps	For the 3rd priority topic Opportunities	For the 3rd priority topic Both	For the 3rd priority topic Neither

Question Title

* 8. Are there any SW applications or capabilities that would be impacted by implementing security measures? (If so give brief example…)

What kind of SW applications or capabilities is likely to be impacted?

What types of security measures are likely to be high impact on SW applications'/capabilities' functionality or performance

Question Title

* 9. Which description would most accurately describe your company?

Microelectornic device manufacturer

Microelectornic device production equippment supplier

Software supplier

Security solution provider

Consultant

Academia

Other (please specify)

Question Title

* 10. Thank you for your cooperation!! Do you want a copy of the consolidated survey results?

If YES, please provide your e-mail address in the Box below