NIST IR 8546 (Initial Public Draft)

Cybersecurity Framework Version 2.0 Semiconductor Manufacturing Profile

Date Published: February 27, 2025
Comments Due: April 14, 2025
Email Comments to: semiconductor-manufacturing-profile@nist.gov

Author(s)

Jennifer Lynn (IBM), Wilko Baks (ASML), Daniel Pletea (ASML), Rajesh Potturi (Applied Materials), Jared Buckley (Texas Instruments), R. Craft (MITRE), Albert Fuchigami (PEER Group), Donato Kava (Advanced Energy Industries), Brian Korn (Intel), Supika Mashiro (Tokyo Electron Limited), Jim Montgomery (TxOne Networks), Karen Scarfone (Scarfone Cybersecurity), Michael Tanori (Intel), Michael Thompson (MITRE), Alexander Nelson (NIST), Sanjay (Jay) Rekhi (NIST), Nakia Grayson (NIST)

Announcement

This draft CSF 2.0 Profile provides a voluntary, risk-based approach for managing cybersecurity activities and reducing cybersecurity risk to semiconductor manufacturing. The semiconductor manufacturing environment is a complex ecosystem of device makers, equipment OEMs, suppliers and solution providers. This Profile focuses on desired cybersecurity outcomes and can be used as a guideline to improve the current cybersecurity posture of the semiconductor manufacturing ecosystem.

The NCCoE is planning a virtual workshop on Thursday, March 13, 2025, to provide an overview of the draft NIST Internal Report (IR) 8546, Cybersecurity Framework 2.0 Semiconductor Manufacturing Community Profile, gather feedback on the Profile, identify additional resources to support the adoption of the profile, and share next steps.   

To stay informed about this work and receive project updates, join the NCCoE Semiconductor Manufacturing Community of Interest (COI).

Email us at semiconductor-manufacturing-profile@nist.gov

Questions about SEMI and SMCC should be directed to cybersecurity@semi.org.

NOTE: A call for patent claims is included in the front matter of this draft. For additional information, see the Information Technology Laboratory (ITL) Patent Policy  Inclusion of Patents in ITL Publications.

Abstract

Keywords

Cybersecurity; Cybersecurity Framework (CSF); manufacturing; risk management; semiconductor; semiconductor development; semiconductor manufacturing
Control Families

None selected

Documentation

Publication:
https://doi.org/10.6028/NIST.IR.8546.ipd
Download URL

Supplemental Material:
Project homepage

Document History:
02/27/25: IR 8546 (Draft)