By David Lammers

As semiconductor manufacturing moves into a “cyber-physical” era of smart manufacturing, providing data security in shared data environments such as cloud-based computing is proving to be an ongoing challenge.

Semiconductor manufacturers of all shapes and sizes face a similar dilemma: how to quickly solve problems and shorten time to market while climbing the yield curve faster than rivals. To do that, teams of people with a variety of skills must collaborate on problem solving, ensuring that costly assets are up and running. Collaborating with suppliers in the cloud seems to be a cost-effective solution, providing that sensitive data and associated intellectual property (IP) are protected from hackers, competitors, or even suppliers who are providing solutions for multiple customers.

At the Advanced Process Control (APC) Conference held in San Antonio, Texas, in late October 2019, technologists and managers grappled with the challenge of providing security for IP and streams of tool data that must be filtered and analyzed (figure 1).

Figure 1. Smart manufacturing integrates human expertise with advanced analytics applications, digital twins, the supply chain, and cloud computing. (Source: James Moyne, Applied Materials)

James Moyne, an associate professor at the University of Michigan and a consultant to the Advanced Services Group at Applied Global Services (AGS), said using the cloud for remote data analysis is “most useful, especially during the early offline solution development, when collaboration with suppliers is essential. But we make the cloud seem like such a mysterious thing, when really it is just a place with a lot of memory and computing power.”

A survey conducted at the APC meeting showed that relatively few companies are currently using the cloud for manufacturing, even though several speakers asserted that major cloud vendors can provide better security than many device makers (especially smaller ones) can with in-house data security capabilities. Part of the problem is in the definition of "security." While cloud vendors are providing solutions for data encryption and hacker security, the actual concern is with data partitioning and IP security.

Data Sharing Risks

"The reality is that the internal security that companies have is often not better than the security in the cloud, where they have the scripts, the people, and the experience to know when data is vulnerable to attack," Suerich said, describing the security experts at AWS and Microsoft’s Azure as "the Green Berets of data security."

While costs for cloud services can be attractive, those companies are searching for profits as well. Suerich said commercial cloud vendors can spread out the costs of electricity, the expense of upgrading server CPUs to gain 10% in performance, and other costs. "The cloud vendors have lower costs, higher security, and scalability. If HPC [high performance computing] is needed, the customer can buy it."

Others pointed out that over the long term, large companies may be able to match the commercial cloud vendors on cost and feel more secure by keeping data closely held in corporate-controlled data centers.

Some end-customers demand that data be stored for long periods, particularly if they sell to the automotive and other reliability critical markets. For others, the main goal is to quickly filter and analyze streams of data. Suerich said that "instead of a database, some companies want to be able to act on data as it streams through on and on." Cloud vendors have tools that can convert the variety of types of data coming from fab tools into forms that can be analyzed quickly (figure 2).

Figure 2. Fault detection and classification (FDC) and predictive techniques such as predictive scheduling and maintenance will be key components of smart manufacturing. (Source: J. Moyne and S. Banna, Applied Materials, APC Conference, October 2019)

"Every tool generates different sets of data, often in different formats. The cloud vendors have the tools to filter this data within the cloud, putting it into a standard format. They have experts who say, "I’m here to help you," Suerich said.

Data Security For the Back End

Pierson said one challenge with using the cloud for online operations is data latency, which can cause many companies to do those time-critical analyses—which raise immediate alarms when a fault is detected—on in-house data management resources. Moyne said his research group at the University of Michigan has managed to get cloud analysis roundtrip latencies down to the 1-second range for certain applications, which he called "pseudo realtime" control.

Christopher Reeves, the global product manager for AGS’s SmartFactory™ control and productivity software technology, presented work done in collaboration with Pierson’s group at Kx Systems (figure 3). After an evaluation process, Reeves said Applied Materials determined that the Kx time-series database, called kdb+, was best structured to handle time-series data analysis with "much higher query speeds."

Figure 3. A relatively small fab with 30,000 wafer starts per month can generate a petabyte of data annually. And the total amount of data triples with each node. (Source: VLSI Research and Applied Materials)

Semi Standards Needed

Moyne and several other speakers at the APC meeting said the semiconductor industry needs to develop SEMI data security standards. One goal is to delineate different levels of security access and classifications of data, sorting out the most sensitive recipe data from other types of information (figure 4). One approach, Moyne said, would be to identify, for example, the Level 0 access for data requiring the tightest restrictions. Level 3 access might be used for data that could go in the cloud. Semiconductor manufacturers and their suppliers could engage in “an interactive process” to identify the levels of access and classify data-types, such as tool log versus recipe data.

Figure 4. Data is generated in many ways—from sensors on tools, the subfab, the environment, and other sources. Getting all the data required, in the correct format, is a challenge for smart manufacturing. (Source: C. Reeves, Applied Materials; APC 2019 Conference)

Suerich said that classifying data can be "very tedious and prone to error. This is where SEMI standards could help us with the language. We need a combination of content and context, where the subfab could be the context, for example."

The APC meeting participants also discussed methods of encryption, data translation, and other security-related topics such as how to "normalize" data so that the exact values are not revealed, but the context and data relationships are maintained.

A particular challenge is that engineers who understand semiconductor manufacturing and process control usually do not also have expertise in security and data protection. Bill Montgomery, a process engineer at Northrop Grumman (Baltimore, Maryland), said that "we need a team of people because no one can understand everything" about such an interdisciplinary problem as data security.