Date Published: February 27, 2025
Comments Due:
Email Comments to:
Author(s)
Jennifer Lynn (IBM), Wilko Baks (ASML), Daniel Pletea (ASML), Rajesh Potturi (Applied Materials), Jared Buckley (Texas Instruments), R. Craft (MITRE), Albert Fuchigami (PEER Group), Donato Kava (Advanced Energy Industries), Brian Korn (Intel), Supika Mashiro (Tokyo Electron Limited), Jim Montgomery (TxOne Networks), Karen Scarfone (Scarfone Cybersecurity), Michael Tanori (Intel), Michael Thompson (MITRE), Alexander Nelson (NIST), Sanjay (Jay) Rekhi (NIST), Nakia Grayson (NIST)
Announcement
This draft CSF 2.0 Profile provides a voluntary, risk-based approach for managing cybersecurity activities and reducing cybersecurity risk to semiconductor manufacturing. The semiconductor manufacturing environment is a complex ecosystem of device makers, equipment OEMs, suppliers and solution providers. This Profile focuses on desired cybersecurity outcomes and can be used as a guideline to improve the current cybersecurity posture of the semiconductor manufacturing ecosystem.
The NCCoE is planning a virtual workshop on Thursday, March 13, 2025, to provide an overview of the draft NIST Internal Report (IR) 8546, Cybersecurity Framework 2.0 Semiconductor Manufacturing Community Profile, gather feedback on the Profile, identify additional resources to support the adoption of the profile, and share next steps.
To stay informed about this work and receive project updates, join the NCCoE Semiconductor Manufacturing Community of Interest (COI).
Email us at semiconductor-manufacturing-profile@nist.gov.
Questions about SEMI and SMCC should be directed to cybersecurity@semi.org.
NOTE: A call for patent claims is included in the front matter of this draft. For additional information, see the Information Technology Laboratory (ITL) Patent Policy – Inclusion of Patents in ITL Publications.
This document defines a Cybersecurity Framework (CSF) 2.0 Community Profile with a voluntary, risk-based approach to managing cybersecurity activities and reducing cyber risks for semiconductor development and manufacturing. Collaboratively developed in support of the National Cybersecurity Implementation Plan Version 2, the Semiconductor Manufacturing Profile can be used as a roadmap for reducing cybersecurity risks for semiconductor manufacturers in alignment with sector goals and industry best practices. It is built on top of the Manufacturing Profile documented in NIST IR 8183, Revision 1. The Profile is meant to enhance but not replace current cybersecurity standards and industry guidelines that the manufacturer is embracing.
This document defines a Cybersecurity Framework (CSF) 2.0 Community Profile with a voluntary, risk-based approach to managing cybersecurity activities and reducing cyber risks for semiconductor development and manufacturing. Collaboratively developed in support of the National Cybersecurity...
See full abstract
This document defines a Cybersecurity Framework (CSF) 2.0 Community Profile with a voluntary, risk-based approach to managing cybersecurity activities and reducing cyber risks for semiconductor development and manufacturing. Collaboratively developed in support of the National Cybersecurity Implementation Plan Version 2, the Semiconductor Manufacturing Profile can be used as a roadmap for reducing cybersecurity risks for semiconductor manufacturers in alignment with sector goals and industry best practices. It is built on top of the Manufacturing Profile documented in NIST IR 8183, Revision 1. The Profile is meant to enhance but not replace current cybersecurity standards and industry guidelines that the manufacturer is embracing.
Hide full abstract
Keywords
Cybersecurity; Cybersecurity Framework (CSF); manufacturing; risk management; semiconductor; semiconductor development; semiconductor manufacturing
Control Families
None selected
