Collaboration becomes necessary at advanced nodes, but implementation can be painful.
Real-time security clearances are becoming increasingly common in the manufacturing of advanced-node semiconductors, where data sharing is both essential and a potential security threat.
Data security is a well-known issue in semiconductor manufacturing, but much of it is based on an outdated approach. In its place, zero-trust architectures [1] are now a requirement for new equipment and installations of data analytics platforms. Customers are demanding zero-trust to protect their sensitive data while selectively sharing it with partners. Nearly all experts view it as crucial for making real-time adjustments to processes to improve yield and reliability.
A zero-trust approach shifts IT security measures from static and network-based perimeters to dynamic, per-asset or per-resource perimeters. Zero-trust principles are utilized to design and implement industrial and enterprise infrastructure, as well as associated workflows. Unauthorized users are prevented from accessing data, while access for others is limited to just the data needed to perform a specific task or analysis.

Fig. 1: Perimeter-based security vs. asset-based security. Source: A. Meixner/Semiconductor Engineering
Zero trust architectures (ZTAs) are fast becoming a baseline requirement for any semiconductor data automation initiatives because they enable collaboration between multiple partners while preventing data leakage or theft. The partners can keep their data and algorithms completely separate, but still jointly address yield optimization, determine test pass/fail conditions, and maximize factory capacity with predictive maintenance.
“From our perspective, the main driver is that test and manufacturing data is now both mission-critical and highly shared,” said Aftkhar Aslam, CEO of yieldWerx. “Our platform routinely sits in the middle of fabs, OSATs, test houses, and end customers, so traditional perimeter security is no longer enough. We need to assume every connection, user, and system — whether inside or outside the factory network — must be authenticated, authorized, and continuously verified.”
Connectivity with verification drives adoption. “The data flow between the manufacturing environments and the individual pieces of equipment is becoming increasingly connected,” said Eli Roth, smart manufacturing product manager at Teradyne. “We see it at different maturity levels. But connectivity introduces risk. The semiconductor industry has an extremely risk-averse environment. A zero-trust architecture directly addresses the risk by implicitly assuming there is no trust. Every device, every user, every data stream must be verified.”
The risk rises as the number of collaborators grows. “The security industry is incredibly worried about risks due to third-party and fourth-party subcontractors,” said Howard Read, vice president of operations and information security at PDF Solutions. “According to industry sources [3,4], third-party incidents will make up at least 30% of all reported data breaches in 2025, and the rate is rising each year. We are getting many more questions about how we use subcontractors to provide specialized work and expertise, but remain secure not just for secure coding, but when providing specialized services like building orchestrations for our manufacturing hub product.”
The recognition of the need to balance security with collaboration affects new equipment offerings. Over the past few years, Teradyne and Advantest announced real-time analytics solutions that enable their customers to secure test data and proprietary algorithms for analyzing test data. Historically, data from fab equipment has been shared with OEMs for ramp-up and diagnostic purposes. Now, all advanced CMOS processes (<10nm) require collaboration between process engineers, material suppliers, and equipment vendors to maximize yield. This has driven zero-trust cloud-based analytics solutions.
What is zero trust?
Fundamentally, zero trust represents a shift from managing security around a network on a “once-and-done basis” to managing security for every single access to each asset. Zero-trust concepts have been articulated and refined for more than five years, and within a semiconductor factory setting, engineering teams continue to evolve their security approaches with zero trust at the forefront.
“There is definitely more awareness of the criticality of data security,” noted Jeffrey Alexander, Advantest cloud solutions director of business development at Advantest America. “Five years ago, there was a recognition of the importance of securitization of remote access (e.g., identity and access management, or IAM), which focused more on identity-aware access to tools and engineering software. [5] However, with the release of NIST SP 800-207 standard (Zero Trust Architecture), more vendors are paying attention to securing data pipelines during test. With our cloud-based platform, we have built into our solution authenticated APIs, certification-based identities for tools and data collectors, and policy-based routing of data into data lakes/AI platforms.”
Zero trust sounds like an oxymoron. After all, how can there be trust in sharing data or system access in a factory if you have zero trust? But the definition makes the intention clear, as defined by NIST SP 800-207:
“Zero trust provides a collection of concepts and ideas designed to minimize uncertainty in enforcing accurate, least privilege per-request access decisions in information systems and services in the face of a network viewed as compromised. Zero trust architecture is an enterprise’s cybersecurity plan that utilizes zero trust concepts and encompasses component relationships, workflow planning, and access policies. Therefore, a zero-trust enterprise is the network infrastructure (physical and virtual) and operational policies that are in place for an enterprise as a product of a zero-trust architecture plan.”
The objective of ZTA is to prevent unauthorized access to a ‘resource,’ whether that is data, compute resources, or IoT actuators, while simultaneously enforcing access control with sufficient granularity to still allow a user to perform a specific task. The access decisions are made when data crosses from an untrusted zone into a trusted zone, and are governed by policy per user.

Fig. 2: Zero trust access via Policy Decision Point and Policy Enforcement Point. Source: NIST SP 800-207 [1, p. 14]
Access is based on “who,” and requires validation with every interaction. Commands and data are encrypted.
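To make the PDP/PEP split concrete, the following added example (not code from NIST or any vendor named here) implements a minimal policy decision point for per-request access to factory data resources. The roles, resource names and policy rules are constructed for illustration; every request is evaluated on its own, identity and device verification are checked before any rule, undeclared access is denied, and each decision is written to an audit record of who accessed what, when and where.

```python
from dataclasses import dataclass
from datetime import datetime, timezone
from fnmatch import fnmatchcase


@dataclass(frozen=True)
class AccessRequest:
    subject: str           # identity verified by the identity provider
    roles: frozenset       # roles bound to that identity
    device_attested: bool  # result of the device certificate/posture check
    action: str            # "read" or "write"
    resource: str          # path-like resource name, e.g. "test/parametric/productA/lot123"


# Constructed sample policy (hypothetical roles and resource names).
# Each rule grants exactly one action on one resource pattern to one role;
# anything not explicitly granted is denied.
POLICY_RULES = [
    {"role": "fab-process-eng",   "action": "read",  "resource": "test/*/productA/*"},
    {"role": "fab-process-eng",   "action": "write", "resource": "recipes/etch/*"},
    {"role": "osat-test-eng",     "action": "read",  "resource": "test/parametric/productA/lot123"},
    {"role": "oem-field-service", "action": "read",  "resource": "tools/etch-07/diagnostics/*"},
]

AUDIT_LOG = []  # append-only record of who accessed what, when, where, and why


def decide(req, now=None):
    """Policy decision point (PDP): evaluate one request on its own merits.

    No decision is cached or inherited from an earlier request, and identity
    and device verification are checked before any policy rule is consulted.
    """
    now = now or datetime.now(timezone.utc)
    if not req.subject or not req.device_attested:
        allowed, reason = False, "subject or device not verified"
    else:
        allowed = any(
            rule["role"] in req.roles
            and rule["action"] == req.action
            and fnmatchcase(req.resource, rule["resource"])
            for rule in POLICY_RULES
        )
        reason = "matched rule" if allowed else "no rule grants this action on this resource"
    AUDIT_LOG.append({"when": now.isoformat(), "who": req.subject, "what": req.action,
                      "where": req.resource, "allowed": allowed, "reason": reason})
    return allowed


def enforce(req, store):
    """Policy enforcement point (PEP): hand over the resource only on an allow decision."""
    if not decide(req):
        raise PermissionError(f"{req.subject} denied {req.action} on {req.resource}")
    return store[req.resource]


if __name__ == "__main__":
    store = {"test/parametric/productA/lot123": "<constructed parametric log>"}
    osat = AccessRequest("bob@osat.example", frozenset({"osat-test-eng"}), True,
                         "read", "test/parametric/productA/lot123")
    print(enforce(osat, store))                    # allowed: exactly the lot he was granted
    other = AccessRequest("bob@osat.example", frozenset({"osat-test-eng"}), True,
                          "read", "test/parametric/productA/lot999")
    print(decide(other), AUDIT_LOG[-1]["reason"])  # False: a lot outside his task scope
```

The OSAT engineer can read the one lot granted to him but not a neighbouring lot, and the OEM field-service role reaches tool diagnostics but never test data, which is the per-task granularity the text describes.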
Today, the most likely attack in a factory comes from within, either a nefarious user or compromised equipment like a computer. Checking user credentials significantly reduces risk, and restricting access to specific data under well-defined circumstances limits the area impacted by a security breach, thereby protecting the larger connected system.
“Multi-level approval workflows ensure that data sharing follows a company’s data governance framework, supported by a configurable governance mode that is built to serve unique business needs,” said Adam Schafer, CEO of Athinia. “By ensuring that only authorized personnel have access to sensitive data, organizations can reduce the risk of data breaches. Continuous monitoring and dynamic access controls allow for quicker responses to potential threats, enhancing overall operational efficiency.”

Fig. 3: Customized access permissions to enable a secure data sharing system. Source: Athinia
Shifting to ZTA
Over the past half-decade, industry experts have noted that they have an increasing number of partners, that the volume of equipment data and test program data is skyrocketing, and that remote connections can span thousands of miles. But not everyone is approaching ZTA with the same sense of urgency.
“In our experience, front-end fabs have been the earliest and most mature adopters of zero-trust principles,” said yieldWerx’s Aslam. “They typically have very structured IT/OT programs, strong governance around IP, and more experience with segmented networks, strong identity, and policy-driven access to fab data lakes where data analytics systems reside. The latter is evident in the lack of, or little information access, that is typically provided to even the most powerful of equipment providers – especially in the areas of deposition and etch equipment.”
Migration has been slower with the remaining manufacturing processes. “Middle-end, advanced packaging and back-end test have been catching up, driven by the rise of multi-die and heterogeneous integration, which forces more data sharing between fabs, OSATs, test labs and system customers,” Aslam said. He added that automotive and high-reliability customers are pushing for end-to-end traceability and secure data exchange.
The shift to more remote access in fabs is another motivating factor for ZTA. Perimeter-based security approaches that protect a fab’s data, network, and equipment are no longer viable. Engineers who need access to equipment and process data may not physically reside on the same campus as the equipment.
“More and more fabs are adopting a remote, virtualized, or distributed campus structure that requires authorized tool owners or module owners to connect remotely and securely for monitoring production tools, modifying recipes or analyzing diagnostic data,” said PDF’s Read. “These ‘fab users’ are no longer located in the same building network, or even on the same campus network. A zero-trust architecture is desired by these fabs just for their ‘own’ users, in addition to ‘external’ users like an OEM (tool vendor).”
Adding to that is a growing reliance on real-time trusted test data. This requires access by both ATE vendors and data analytics vendors.
“As a provider of data analytics for our customers’ end product production test data, timely access to the complete suite of test data generated by ATE on the test floor is critical for performing root cause analysis of product yield, quality, or throughput issues,” said Guy Cortez, product marketing manager in Synopsys’ Digital Design Group. “However, the very nature of a zero-trust environment requires additional security protocols and processes. These could potentially lead to extended delays in delivering time-sensitive data analysis if the environment is not architected to allow rapid authentication of both the data and its recipients.”
To enable real-time decisions, ATE vendors are providing local compute resources within a ZTA.
“Our analytics platform enables data to stream on and off the tester,” said Teradyne’s Roth. “It also enables external users of the tester to give commands and drive actions in real-time. If you’re going to do an in-line inference in real-time within a single touchdown, you can utilize the edge compute for a couple of reasons. One, you need the computational power to run a machine learning model, which requires lots of memory and parallel-compute capability. Or you just might be really concerned about sensitive IP, e.g., your machine learning model. In addition, the data flowing in and out of that model is probably sensitive. In our system, passing the data back and forth from your test program to that model is completely encrypted. Customers provide their own key pairs. Nobody else has the key pair to have access to the data, e.g., Teradyne and OSATs.”

Fig. 4: ATE Zero-trust architecture with data streaming for both edge and cloud computing. Source: Teradyne
Such ATE and analytics configurations enable numerous security implementations.
“There are a variety of ways that we have seen our customers implement a zero-trust architecture solution in their factories, as well as at the OSATs and foundries that manufacture their products,” noted Advantest’s Alexander. “We have customers that employ data protection at the tester level (hardware/event logs, test program/limit change logs, pattern debug/failure logs, parametric logs). We have also had customers implementing encryption with robust key management. Secure generation, storage, distribution, and regular rotation of encryption keys have been used to maintain the overall security of their AI/ML models used in predictive analytics.”
Setting up secure multi-party collaboration
With the push to optimize yield, predict equipment maintenance, and meet product quality goals, the mantra continues to be “collaboration across the ecosystem.” Potential partners include semiconductor design houses, factories, equipment vendors, and material suppliers. But each partner wants to guard proprietary data, and ZTA permits sharing only the data that is necessary.
“Zero trust principles address the trust and compliance barriers that currently limit data sharing,” said Athinia’s Schafer. “By enforcing strong identity, continuous authentication and authorization, immutable audit trails, and full chain‑of‑custody visibility, zero trust supports regulatory requirements and export controls while giving all parties verifiable assurance about who accessed what, when, and where. This verifiable accountability makes companies more willing to share the minimum necessary data in a standardized, repeatable way, replacing today’s ad‑hoc crisis‑driven sharing and unlocking more proactive, data‑driven manufacturing.”

Fig. 5: Zero-trust in a multi-layer, multi-party SaaS environment provides strong isolation. Source: Athinia
Such collaborative spaces enable cross-business engineering teams to effectively work together. Consider, for example, an etch process engineer working closely with a tool vendor and a slurry chemical supplier to optimize the etch recipe. With ZTA they can easily and securely share data regarding split conditions, test structure layout, chemical lot properties, and tool conditions and diagnostics.
Collaboration within a ZTA environment represents a clear value proposition — solving problems faster, whether they are ramp-related or excursion events. However, implementing ZTA within an actual factory setting is non-trivial. First, engineering teams need to navigate the security cultural shift from protecting a network to validating and authorizing every access request to individual resources. Next, migrating to ZTA often requires a restructuring of factory automation and data systems and their communication with other systems.
“Zero-trust in semiconductor manufacturing only works if it’s a team sport,” said yieldWerx’s Aslam. “For our deployments, the team includes customer IT/InfoSec, equipment and ATE vendors, MES, PLM, ERP and data-lake providers, systems integrators, and consulting partners. The most successful zero-trust projects we’ve seen are the ones where all these parties agree on a common reference architecture and shared vocabulary — identity, policy, segmentation, logs — so that our platform can plug in cleanly and consistently across front-end, middle-end and back-end operations. However, for a brownfield implementation, this is a mammoth undertaking. It impacts multiple layers of applications, data, security and more – folks that developed these apps are sometimes no longer with the company.”
“Even for greenfield implementations, most startups want to take a siloed approach for each app and data set. It takes a lot of persuasion to convince CIOs and CTOs that master data management needs to be taken into account from day one with appropriate data governance tools and data stewards in place,” said Aslam.
Challenges abound when considering ZTA implementation in existing factories due to both legacy equipment and the vast array of data automation standards and systems.
“Semiconductor fabs and test floors are heterogeneous environments, where there are multiple generations of ATE and fab tools,” said Advantest’s Alexander. “There are different automation standards (SEMI, SECS/GEM, EDA), as well as diverse MES, APC, and analytics systems. This necessitates collaboration between equipment vendors in such areas as zero-trust-compatible interfaces. Establishing common interfaces to support mutual transport layer security (TLS) [6], certificate rotation, and least-privilege data exposure to establish a framework for end-to-end data pipeline security are imperative as customers increasingly run AI/ML for yield and test analytics in the cloud.”
Auditing for ZTA can be arduous. “Today, there is no ‘auditable’ international standard for Zero Trust Architecture,” said PDF’s Read. “The closest are NIST SP 800-207 and CISA’s Zero Trust Maturity Model Version 2.0 [7]. Thus, implementing ZTA and/or verifying how a vendor’s solution helps achieve ZTA has historically required patience, diligence, significant security, and networking and governance knowledge to verify that a specific vendor’s solution fits into the fab or OSAT risk-reduction strategy and ZTA approach. And even for a very sophisticated information and network security team, choosing to give up ‘perimeter security’ is stress-filled. Each vendor comes with its own approach, and there is no independent third-party audit that guarantees all ZTA principles are operating effectively.”
Read suggests that PDF Solutions’ customers turn to the following simplifications and improvements to effectively navigate factory system and data automation transformations:
Challenges also exist at the module level, for example when deploying a ZTA-based ATE solution on the factory floor while still supporting developers. With ZTA-built systems, an algorithm cannot simply be validated on an air-gapped system.
“Development and debug can be a challenge with zero trust security,” said Teradyne’s Roth. “To address this, we’ve developed tools that enable customers to design and debug more easily, including a virtual version of the UltraEdge where security constraints can be reduced. However, the physical hardware could never deploy to a production floor without zero-trust security.”
Conclusion
Over the past decade, the semiconductor industry has recognized the urgent need to share data among partners, but different players were unsure how to do so without risking IP exposure. Initially, having all the data ported to a centralized cloud-based platform seemed to address the situation, but this has proven increasingly impractical due to the need for real-time decisions on the factory floor.
Data can only be shared on a need-to-know basis. “Zero‑trust architecture is motivated by the need to protect extremely valuable IP while still enabling broad, multi‑party collaboration across fabs, fabless companies, OSATs, EDA vendors, and equipment suppliers,” said Athinia’s Schafer. “Because data flows across many organizations, sites, and clouds, traditional perimeter security (i.e., inside the firewall is safe) no longer works. Zero trust enables ‘use but can’t see’ data models, least‑privilege access to just enough data, and strong isolation between tenants, tools, and partners, which reduces the blast radius if any node or site is compromised. This is essential to safely run advanced analytics such as yield diagnosis, predictive maintenance, and in‑situ test optimization on distributed and often untrusted infrastructure.”
References: