Loading
CASE STUDY | Cybersecurity
Recent ActivityRecent Activity
3 minute read

Enabling End-to-End OT Visibility for Semiconductor Manufacturer

Minimizing cybersecurity risk with continuous threat detection software and robust OT risk knowledge.
Threat detection computer virus system error

Challenge

  • Semiconductor manufacturer did not have visibility across its OT network, causing massive losses in a 2018 cyberattack incident
  • Manual investigation would take days, sometimes weeks, to identify the root cause of any abnormal condition identified in semiconductor fabrication plants
  • Organization was vulnerable to cybercrime as there was a knowledge gap between the OT and IT teams, making it difficult to identify the gaps in cybersecurity

Solution

  • Enable continuous monitoring and threat detection for round the clock security
  • Data transparency of fab operations shortens investigation of abnormalities from days to minutes
  • Team with in-depth knowledge in OT and IT provides consult to the organization, strengthening overall cybersecurity practices

Result

  • 13 OT networks fully online, organization to complete migration of fabs in the next 2 years
  • Powerful software capabilities by Claroty in partnership with Rockwell Automation’s domain expertise enables seamless crossover between IT and OT for the long run
  • Access to ongoing expert advice from experienced consultant for 5 years

Challenge

Building a secure fab ecosystem

As an essential component of electronic devices, the semiconductor industry supports much of the global economy. From research, design, to manufacturing, semiconductor fabrication plants (commonly known as fabs) need to be fully operational around the clock so that products are delivered on time. However, as technology progresses, cybercrime has become increasingly prevalent across Operational Technology (OT) systems, disrupting production lines.

In 2018, a global semiconductor company faced a cyberattack on its OT network, causing millions of dollars of losses in a single day. This prompted the organization to start looking into a cybersecurity managed services solution that had both Information Technology (IT) and OT expertise, to oversee its end-to-end process with more visibility and transparency.

The company then started an evaluation process, where it found Rockwell Automation to be most suited to deliver to its needs. “Upon running a proof-of-concept, we found Rockwell Automation to be the solution of choice because of their experience and familiarity with our architecture,” shares a representative from the company. “The team was able to point out the possible loopholes in our OT network and had a deep understanding of both OT and IT security.” 

Solution

Quick threat detection around the clock

With the Continuous Threat Detection solution, Rockwell Automation is able to gather and create a copy of the different ports and packages coming through the OT network daily, before dissecting it to see if there are any malicious messages hidden within it. If an abnormality is detected, the system would send a signal to the operators for monitoring. The network behavior is continuously monitored to understand a normal condition baseline, so that the system can detect any exceptional behavior, and send out an alert for closer monitoring. This is done passively, so that it doesn’t interfere with the production line.

“We have a large installed base in this company, with over half of our control system being from Rockwell Automation,” explains Yen Kai Huang, Solution Consultant at Rockwell Automation. “This gives us a lot of familiarity with their architecture to quickly identify and pinpoint the source of any unusual activities.”

Beyond the technical expertise, the Rockwell Automation team is also able to provide the right advice with their deep knowledge and insights. Partnering with Claroty, a cybersecurity software company focusing on the extended Internet of Things (XIoT), Rockwell Automation was able to integrate the company’s OT and IT systems for the highest level of cybersecurity across its entire network. 

Result

Now, the semiconductor company has 13 fabs fully online, with a goal of migrating more of its fabs in the next two years. 

“Rockwell Automation’s deep expertise in the domain, together with their strong partnership with Claroty for added capabilities, has enabled us to provide quality consultation that intersects between IT and OT seamlessly,” says a representative from the semiconductor company.

After the migration, Rockwell Automation also provides a complete tuning for each fab.

With a total of 160 consultancy hours per fab allocated over the next five years, there are plans to run a review session with the management at the company to further address any potential loopholes. “We plan to review what we discovered and give them the full insight on what is happening in their fabs, before discussing possible next steps into further safeguarding their ecosystem,” says Nelly Wu, Vertical Account Manager at Rockwell Automation.

Published November 1, 2023

Subscribe to Rockwell Automation

Receive the latest news, thought leadership and information directly to your inbox.

Subscribe Now
Recommended for You
Loading