Ensuring Your Semiconductor Test Equipment Is Protected From Rising Cybersecurity Threats

Cybersecurity threats pose risks to your business every day and can attack every aspect of your operation, and these threats are only increasing. According to IBM Security’s Cost of a Data Breach Report, in 2021, the average total cost of a data breach increased by nearly 10% year over year, from $3.86M to $4.24M – the largest single year cost increase in the last seven years.

Source: IBM Security: Cost of a Data Breach Report 2021

These cybersecurity breaches can have devastating short-term and long-term effects on a business. According to Comparitech:

• A ransomware attack was executed on the Colonial Pipeline by a Russian hacking group known as DarkSide, forcing them to shut down their pipeline system, and requiring the Department of Energy to assist with moving fuel supplies to mitigate the impact on consumers.
• Chemical distribution company Brenntag paid a $4.4 million ransom in Bitcoin to DarkSide to receive a decryptor for encrypted files and prevent the public release of stolen data.
• Acer was attacked by the REvil ransomware group, which demanded a $50 million ransom.
• The meat supplier JBSUSA paid an $11 million ransom in response to a cyberattack that led to the shutdown of its entire US beef processing operation.

As ransomware attacks have become more profitable, they are increasingly sophisticated, capable of silently spreading, avoiding detection, encrypting data, and becoming nearly impossible to reverse engineer. Companies are realizing the importance of protecting their systems and data and are making it a priority when making business decisions.

In fact, in a June 21, 2022 press release, Gartner unveiled its top eight cybersecurity predictions for 2022-23, saying, “By 2025, 60% of organizations will use cybersecurity risk as a significant determinant for selecting business engagements.”

The standards are evolving

SEMI, the global industry association serving the product design and manufacturing chain for the electronics industry, recently published SEMI standards for cybersecurity. SEMI 6506 is a specification for the cybersecurity of fab equipment and SEMI 6566 is a specification for malware-free equipment integration.

Security requirements are specified in SEMI 6506 for four major components of fab equipment including:

• Computer operating system security
  • Mainstream support: the operating system vendor provides security updates for any vulnerabilities that emerge, adds new features, releases design changes, and supports warranty claims. It is also called full support.
  • Extended support: the operating system vendor stops adding new features and terminates complimentary support but still provides vulnerability fixes and patches. It is also called maintenance support.
• Network security: there are a number of different approaches to hardening a system and its network to reduce the attack surfaces for malware. This can include, but is not limited to, configuring the system and its network to avoid common pitfalls, turning off unnecessary functionality, and ensuring issues identified by the equipment supplier have been addressed with patches.
• Endpoint security: an endpoint is a computing device among the fab equipment that connects to a network and communicates within the network. Endpoint protection is a solution deployed on endpoint devices to prevent file-based malware attacks, detect malicious activity, and provide the investigation and remediation capabilities needed to respond to dynamic security incidents and alerts.
• Security monitoring: aids in troubleshooting when an issue occurs by providing information about which users were working within the system during that time period. This capability also helps expose any misconfigurations or other potential threats introduced in the fab equipment.

SEMI 6566 is a specification for malware-free equipment integration. This standard defines the protection of systems and processes to ensure the integrity of production equipment, specifically defining the requirements for:

• Controlling access to production equipment via networks and removable media
• Production equipment installation
• Production equipment upgrade and support tasks
• Production equipment restoration, such as HDD or computer component replacement

As the world becomes more and more connected, and ransomware attacks become more prevalent, Teradyne understands and is committed to implementing these standards, as well as a number of other cybersecurity measures to ensure our customers are protected. Our comprehensive cybersecurity program for our semiconductor test products ensures that we are doing everything in our power to eliminate the possibility of a cybersecurity attack by anticipating possible threats and proactively developing solutions to ensure issues are quickly mitigated should they occur.

Teradyne’s cybersecurity program enables customers to protect their Teradyne semiconductor testers and assess vulnerabilities built upon three foundational pillars that comply with the published SEMI standards.

• Process and tools for vulnerability assessment and management.
• Standards for secure product and solution definition, development, manufacturing, and support.
• Secure design principles and coding practices implemented across product development.

Cybersecurity built into product design process

With every shipment of Teradyne semiconductor test products, you can be sure that the product you’re receiving has been thoroughly tested and hardened before it arrives at your facility.

Anti-virus scanning: Teradyne provides a certificate in the process documentation confirming that every computer that ships with a semiconductor tester has been scanned using anti-virus software.

Image hardening prior to product shipment: The National Institute of Standards and Technology (NIST) at the U.S. Department of Commerce defines image hardening as “a process intended to eliminate a means of attack by patching vulnerabilities and turning off non-essential services.”

Teradyne’s semiconductor testers work within our customers’ ecosystem, and we focus on two types of system hardening.

The imaging work performed prior to product shipping to our customers creates a benchmark that enables a Security Content Automation Protocol (SCAP) scan. SCAP scans compare the system scanned against a baseline to find compliance or non-compliance of a system. The SCAP scans and all of our cybersecurity protection measures comply with the recently published SEMI standards.

You can be confident that every Teradyne semiconductor system, whether it’s the J750Ex-HD, UltraFLEX, UltraFLEXplus, ETS-88, or ETS800 has gone through Teradyne’s cybersecurity processes to ensure known vulnerabilities have been mitigated.

Cybersecurity continues to evolve

Teradyne’s cybersecurity program is continuously evolving to include best practices in the event of a security incident, which can originate from many different sources. We have processes in place and a cross functional team of experts that will react promptly to identify, contain, and remediate risk in the event of a cybersecurity incident.

Our incident management response process includes these defined steps.

• Escalation: process to communicate relevant information to stakeholders, including the customer, in a timely and effective manner.
• Investigation: root cause analysis, solution design, and implementation.
• Resolution: verification and validation of the solution.
• Prevention: incident tracking and building of a knowledgebase to improve the integrity of the product.
• Customer communication: organized plan including initial response, containment, report completion, and closure.

This process enables Teradyne to quickly respond to and resolve cybersecurity issues should they arise.

SEMI summed up cybersecurity in this way: “The nature of semi manufacturing supply chains requires standards for mitigating potential threats. By preventing the introduction of external threats into the manufacturing ecosystem, device manufacturers and equipment suppliers will benefit from clear mutual expectations and improved equipment reliability and uptime.”

By implementing a comprehensive cybersecurity strategy for our semiconductor test products, Teradyne is proactively working to mitigate risk, and should an issue occur, a comprehensive security incident response process is in place to quickly identify, contain, and remediate the issue. As an industry leader in developing test solutions for emerging technologies, Teradyne is committed to ensuring the semiconductor manufacturing process is optimized for our customers and cybersecurity issues are proactively addressed should an issue arise.