Speaker

Cybersecurity in Semiconductor Industry – Taking Actions with Cyber Resilience Act and SEMI E191

Cybersecurity is an ongoing and ever developing topic. To meet the need for unified actions and guidelines, further standards and laws have been released. We will give an overview on the standards and regulations with specific examples.

The Cyber Resilience Act (CRA) has been released by the European Union and must be cooperated in national laws. From SBOM over security-by-design to security measures throughout the entire life cycle, we give an overview on actions to be taken and requirements to meet, incorporating insights from ongoing harmonization work by the Semiconductor Manufacturing Cybersecurity Consortium (SMCC).

After SEMI E187 and SEMI E188, the third standard SEMI E191 now gives clear instructions to software companies, enabling fabs to gain an overview fast on potential risks posed by the currently applied operating systems (OS) and their installed security patch versions on every individual computing device in production. This enables fabs to take fast and targeted actions.