SEMI International Standards
Standards New Activity Report Form (SNARF)
Date Prepared: 07/12/2022Revised (if Applicable):

Document Number: 6946
SNARF for: Line Item Revision to SEMI E132, Specification For Equipment Client Authentication and Authorization and SEMI E132.2, Specification for Protocol Buffers for Equipment Client Authentication and Authorization (ECA)

Originating Global Technical Committee: Information & Control
Originating TC Chapter: North America
Task Force (TF) in which work is to be carried out: Diagnostic Data Acquisition Task Force NA
Note: If a new task force is needed, also submit a task force organization form (TFOF)

___________________________________________________________________________
1. Rationale:
a. Describe the need or problem addressed by this activity.
(Indicate the customer, what benefits they will receive, and if possible, quantify the impact on the return on investment [ROI] if the Document is implemented.)
SEMI E132 defines client authentication and authorization. As implementers work on solutions using gRPC and Protocol Buffers technology to support EDA Freeze 3 standards being developed by the DDA Task Force, some new requirements and gaps are identified.

This Line Item Revision is to address these issues and clarify things to help the reader.

SEMI E132.2 is updated in the same Line Item Revision to ensure consistency between the two standards.



b. Estimate effect on industry.
2: Major effect on an industry sector - identify the relevant sector
Sector or Company Information: Anyone implementing EDA

c. Estimate technical difficulty of the activity.
II: Some Difficulty - Disagreements on known requirements exist but developing consensus is possible

___________________________________________________________________________
2. Scope:
a: Describe the technical areas to be covered or addressed by this Document development activity. For Subordinate Standards, list common concepts or criteria that the Subordinate Standard inherits from the Primary Standard, as well as differences from the Primary Standard:
As part of the work on this Line Item Revision, the task force will investigate:

SEMI E132
o Evaluate the usage of the term ‘session’ in Client Session and Consumer Session
o Rework Section 11 describing the parent-child relationship with EDA Application.

Address TF Member feedback, including, but not limited to:
o Rework session and authenticated session definition to avoid circular references.
o Correct mistakes from previous ballots. (for example, address words were supposed to be removed)
o Be consistent with terminology (collection vs list)
o Typical E132 error results are defined as text, but E132.1 and E132.2 map them specific constructs. Is this a problem?

Add support for different security scenarios. For example,
o Rework ACL Passwords to incorporate a token aspect (one-time piece of information) to better protect access to the Equipment Server.
o Investigate if there is a need to send plaintext ACL passwords when changing ACL Passwords or adding new ACL Entries. This could be required to support implementations that want to store the plaintext ACL passwords in the Equipment Server.
o Clarify configuration to specify secure communication usage. This may include expanding to two configuration settings and specify that only secure communications are allowed. (i.e. not secure communications are not permitted)
o Consider if additional notification messages need to be defined (for example, when security configuration on the Equipment Server changes)

Investigate modifying the ChangeSessionEndpoint() operation from being a synchronous operation to one where the ChangeSessionEndpoint() operation initiates the process and a new notification message indicates the success or failure of changing to the new endpoint. With the current definition, there can be ambiguity on what to do if the streaming gRPC method for the new endpoint is never made by the EDA application.

Review how to handle when EstablishSession() operation is supposed to have the Equipment Server open a connection to the Consumer Session but is not able to. This includes, but is not limited to:
o Investigate considering the errors that trigger the “Could not connect to specified endpoint” error into the “specified endpoint is invalid”


SEMI E132.2
Synchronize with changes in the primary standard, including but not limited to:
o Use the term ‘entity’ instead of ‘session’ with Client Session and Consumer Session
o Support for new ways to handle ACL Passwords and ChangeSessionEndpoint() operation.
o Required configuration to specify if secure communications are allowed.
o New notification messages

Address TF Member feedback, including, but not limited to:
o Fix spelling and errors in .proto file comments.
o In Table 6, clarify what UnrecognizedSessionError represents (E179 ErrorType protobuf message with Source, Code, Description and Extension information). Same with other error objects in Table 7 and 8.
o Consider if PBKDF2 hash function input parameters be reported through the GetEquipmentInformation() operation.
o Clarify the suggestion to salt ACL Passwords a second time to protect the value in persistent storage should use a different salt value than the one the Equipment Server exposes through the GetEquipmentInformation() operation. That way if a malicious actor gains access to the offline storage, they do not know the values that the Client Sessions will be sending.
o Clarify Section 8.3 – gRPC Connections and Figures 1, 2 and 3 that the arrows on the gRPC Connection indicate who initiated the gRPC communication rather than the flow of data in the communication channel (i.e., the gRPC methods that use the gRPC connection can bi-directional streaming methods).

Review how to handle when EstablishSession() operation is supposed to have the Equipment Server open a connection to the Consumer Session but is not able to. This includes, but is not limited to:
o Investigate if a dedicated unary gRPC method should be used to check if the specified endpoint is available for EDA work. Some implementations provided by gRPC only detect if there is a problem when you make a gRPC method call.

Investigate expanding use case scenarios in Related Information for clarity.

Changes to address any bias terminology to avoid in the Specification, Complementary File or Supplemental Material file.

Any other changes to address features or defects discovered by Task Force members during planned EDA Software Vendor Test Session #1 organized by the North America DDA Task Force. Significant changes in scope still require a SNARF revision in compliance with SEMI Regulations.

Any other changes to address features or defects, or issues with the Style Guide raised by Task Force members during the development and review of the proposed changes related to these line item topics. Significant changes in scope still require a SNARF revision in compliance with SEMI Regulations.

Many of these items were previously authorized under SNARF 6928 – Line Item Revisions to SEMI E132 and SEMI E132.2 This SNARF is being proposed since SEMI Regulations do not allow SNARFs to be updated with changes to the scope. SNARF 6928 will be abolished once this SNARF is approved.


b: Expected result of activity
Line-item revision to two or more existing Standards or Safety Guidelines

For a new Subordinate Standard, identify the Primary Standard here:


Modification of an existing part of Standard(s) or Safety Guideline(s) including Appendices, Complementary Files, and Supplementary Materials, Addition of one or more Appendices or Complementary Files to an existing Standard or Safety Guideline, Addition of one or more Related Information sections or Various Materials to an existing Standard or Safety Guideline, Revision or addition of one or more Subordinate Standards to an existing Primary Standard

For Standards, identify the Standard Subtype below:
Specification

Miscellaneous (describe below):

___________________________________________________________________________
3. Projected Timetable for Completion:

a: General Milestones
a. Activity Start: 07/01/2022b. 1st Draft by: 08/01/2022
c. (Optional) Informational Ballot by: d. Letter Ballot by: 09/01/2022
e. TC Chapter Approval By:11/01/2022

_____________________________________________________________________________
4. Liaisons with other Global Technical Committees/TC Chapters/Subcommittees/TFs:
a.
List SEMI global technical committees, TC Chapters, subcommittees, or task forces in your or other Regions/Locales that should be kept informed regarding the progress of this activity. (Refer to SEMI Standards organization charts and global technical committee charters and scopes as needed.)
I&C Global Technical Committee

b. List any planned Type I Liaisons with external nonprofit organizations (e.g., SDO) that should receive Draft Documents from Standards staff for feedback during this activity and be notified when the Letter Ballot is issued (refer to Procedure Manual § 7):


c. Intercommittee Ballots:
will not be issued

Identify the recipient global technical committee(s):

___________________________________________________________________________
5. Safety Considerations:
The resulting document is expected:
NOT to be a Safety Guideline

NOTE FOR "to be a Safety Guideline": When all safety-related information is removed from the Document, the Document is NOT technically sound and complete - Refer to Section 15.1 of the Regulations for special procedures to be followed.

NOTE FOR "NOT to be a Safety Guideline": When all safety-related information is removed from the Document, the Document is still technically sound and complete.

___________________________________________________________________________
6. Intellectual Property Considerations:
a. For a new Standard or Safety Guideline and for any part to be modified or added in a Revision of published Standards and Safety Guidelines:
patented technology is intended to be included in the proposed Standard(s) or Safety Guideline(s).

If "patented technology is intended to be included in the proposed Standard(s) or Safety Guideline(s) " is selected above, then also check one:
Letter of Intent received

b. For Revision, Reapproval, Reinstatement, or Withdrawal of existing Standard(s) and Safety Guideline(s):
there is previously known material patented technology necessary to use or implement the Standard(s) and Safety Guideline(s)

c. The body of the Document and any Appendices, Complementary Files, Related Information sections, or Various Materials that may or may not be a part of the Document by reference:
the incorporation of Copyrighted Item will NOT be required



NOTE FORthe use of patented technology or the incorporation of Copyrighted Item(s) is NOT required’: If in the course of developing the Document, it is determined that the use of patented technology or Copyrighted Item(s) is necessary for the Document, the provisions of Regulations § 16 must be followed.

NOTE FORwill incorporate Copyrighted Item’: A copyright release letter must be obtained from the copyright owner prior to publication.

___________________________________________________________________________
7. Comments, Special Circumstances:
SEMI E132 included patent material and is covered by NON-ASSERTION AGREEMENT (LOA) between SEMI and Asyst Technologies has been signed with for US Patents #11/340101, #11/107508, #09/899833, and 09/496009, in 2007. This agreement is maintained by PEER Group, who has acquired the patents and patent applications previously owned by Asyst Technologies

No intent to add new patent material as part of this Line Item Revision.


__________________________________________________________________________
8. TC Member Review:
is not required for this SNARF.

Member Review Start Date; None.
Member Review End Date: None.

NOTE FOR ‘TC Member Review’ is required by the Regulations for a period of at least two weeks
before approval of a new, or a major revision of an existing, Standard or Safety Guideline. (Refer to Regulations ¶ 8.2.1)
__________________________________________________________________________

9. SNARF Approval Dates:
TC Chapter or GCS07/13/2022
Recorded in TC Minutes

__________________________________________________________________________

10. SNARF Extension Dates:
TC Chapter Extension Granted on
Extension Expires on