Fab Security

Abstract

It is very common to encounter the topic of security while running day-to-day operations of a fabrication facility (Fab. Recently, this topic came up because of a request for information posted on an e-mail based community bulletin board. Other occasions involve general awareness resulting from something in the news, scouting or starting a new project, sponsor/customer inquiries, reaction to a specific local situation, and, most importantly, audits evaluating the compliance with federal, state and local regulations. Independent of its origin, the so called Fab Security Plan tends to be a patchwork of rules and requirements because of the poor understanding of its importance, resource limitations, conflicting program requirements, dynamic local situations, and inability to anticipate future needs. Usually, finalizing and documenting one's security posture turns out to be a challenging task. But it is critical for every fab to have a functional security plan. Giving numerous examples of practical situations, this presentation will discuss development of a security posture. The list of topics that would be emphasized includes but is not limited to: (1) Understanding the importance of the security posture, (2) Devil in the detail: analyzing security situations, (3) Understanding the law, rules, policies, and requirements, (4) Knowing customer needs: current and anticipated, (5) Knowing your business, (6) Knowing existing commitments, (7) Flushing out local environment, (8) Flushing out stake holder requirements, (9) Know what you can afford, (10) Comprehensiveness within limits, (11) Developing security procedures, (12) Reconciling with safety & environmental codes, and other local policies, (14) Iterative reviews, approvals, (15) Trial implementations, roto-rooting, and revisions, (16) Finalizing, adoption, and acceptance, (17) Training, briefing, debriefing, reporting, corrective actions and recourses for violations, and appeals, (15) Dos, don'ts and common mistakes, (14) Understanding that practical situations have a lot of gray but security postures tend to be black and white for a reason. Balancing gray with black & white requires a bottom up approach combined with a lot of training. Security plan is a live document but should not be subject to rapid change or perpetual tweaking. About the Author: Dr. Pramod C Karulkar has held engineering, program management and senior management positions in micro-nano programs involving R&D and custom manufacturing that have successfully produced cutting edge, high performance components/systems for field applications. He has been a major contributor to establishing, expanding, equipping, bringing on line, and qualifying fab facilities for deliverable products. His contributions to R&D, engineering, and fab management work have been commended by customers. Addressing fab security successfully has played a key role in the success of his projects in government contract environment. Dr. Karulkar received Ph.D. from University of Wisconsin Madison and has held positions at MIT Lincoln Laboratory, Microelectronics Research Lab in Columbia Maryland, Rockwell International, Hughes Aircraft Company, and University of Alaska.