IPC India Voluntary Instructors for IPC Training
Technical Articles. Importance of Step up stencil. Mr. Kannan. E – HOD Quality Assurance, M/s. Kaynes Technology India private limited, Mysore.
Various modern security standards and regulations focus on business continuity, which requires advanced preparation to minimize the impact and ensure a swift recovery. IPC-1792, Standard for the Management and Mitigation of Cybersecurity Incidents in the Manufacturing Industry Supply Chain, is another modern security standard that focuses on business continuity, which also requires advanced preparation to minimize impact and ensure early recovery.
Many electronic products are operated by repairing, replacing, and maintaining faulty parts. Therefore, it is desirable to consider the impact of this maintenance work on the implementation of IPC-1792.
IPC-1792 focuses on the following two minimum goals:
1) Rapidly notify supply chain customers of cybersecurity incidents affecting them, even in the event of an unknown attack
2) If the attack is an unknown one, having a framework to detect it quickly and notify critical supply chain stakeholders (and eventually all stakeholders in the supply chain)
The core principle of IPC-1792 is to safeguard the integrity of shipped products by attaching a Digital Certificate. This certificate contains product details and a Digital Diploma verifying the product’s origin.
Implementing IPC-1792 requires more than just desk-based understanding. Traditional cybersecurity training programs may suit IT departments, but they are not effective for factories implementing the standard. Targeted, fit-for-purpose training is essential.
Cybersecurity fitness training is necessary. In addition, as electronics manufacturing sites are shifting from China and Western countries to Southeast Asia, training for new factories is becoming increasingly important to prevent entry points for attacks on new factories.
According to IPC-1792, when a cybersecurity incident occurs within an organization's supply chain (such as a factory), there should be a mechanism in place to provide timely notification of the incident downstream.
Specifically, a stakeholder performs a cybersecurity incident quick assessment (CIQA) when an incident occurs. Based on the results of this assessment, the impact area (target product) and impact level are analyzed, and the results are transmitted to downstream stakeholders.
IPC-1792 recommends that when a suspected cybersecurity incident occurs, the criteria for determining whether the event constitutes an incident should be prepared in advance. Based on these criteria, it is determined whether to notify other stakeholders in the supply chain about the incident.
It is essential that this judgment criterion be based on facts.
Printed electronics and additively manufactured electronics represent a fast-growing frontier in electronic design and production, enabling new levels of flexibility, functionality and innovation.