SEMI E188

Specification for Malware Free Equipment Integration

This standard provides security requirements to ensure equipment integrity and prevent the introduction and spreading of malware during equipment integration and service actions within semiconductor fabs. It focuses on any computing devices, such as IPCs, PLCs and controllers. Manufacturing executing systems (MES), Material control systems (MCS) and fab host systems are excluded from the specifications in SEMI E188. 

It propagates guidelines for malware scans, computer system hardening (e.g. documenting all ports and closing unused connections, SCAP scans), network security as well as vulnerabilities management and appropriate access control are part of this standard. 

As compliance can only be declared for the complete system, the machine builder is responsible for the declaration. We as Kontron AIS support our customers thoroughly with consulting including requirement evaluation, secure software as well as prepared documentation and reports to make their way to compliance short and comfortable.