US20030208448A1 - Data brokering system for integrated remote tool access, data collection, and control - Google Patents

Data brokering system for integrated remote tool access, data collection, and control Download PDF

Info

Publication number
US20030208448A1
US20030208448A1 US10/385,441 US38544103A US2003208448A1 US 20030208448 A1 US20030208448 A1 US 20030208448A1 US 38544103 A US38544103 A US 38544103A US 2003208448 A1 US2003208448 A1 US 2003208448A1
Authority
US
United States
Prior art keywords
data
tool
session
user
ecentre
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US10/385,441
Inventor
Stuart Perry
Wendy Wussow
Sunil Barboza
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Telit IOT Platforms LLC
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Priority to US10/385,441 priority Critical patent/US20030208448A1/en
Assigned to ILS TECHNOLOGY, INC. reassignment ILS TECHNOLOGY, INC. ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: BARBOZA, SUNIL, PERRY, STUART, WUSSOW, WENDY
Publication of US20030208448A1 publication Critical patent/US20030208448A1/en
Abandoned legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q50/00Systems or methods specially adapted for specific business sectors, e.g. utilities or tourism
    • GPHYSICS
    • G05CONTROLLING; REGULATING
    • G05BCONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
    • G05B19/00Programme-control systems
    • G05B19/02Programme-control systems electric
    • G05B19/418Total factory control, i.e. centrally controlling a plurality of machines, e.g. direct or distributed numerical control [DNC], flexible manufacturing systems [FMS], integrated manufacturing systems [IMS], computer integrated manufacturing [CIM]
    • G05B19/4183Total factory control, i.e. centrally controlling a plurality of machines, e.g. direct or distributed numerical control [DNC], flexible manufacturing systems [FMS], integrated manufacturing systems [IMS], computer integrated manufacturing [CIM] characterised by data acquisition, e.g. workpiece identification
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/22Detection or location of defective computer hardware by testing during standby operation or during idle time, e.g. start-up testing
    • G06F11/2294Detection or location of defective computer hardware by testing during standby operation or during idle time, e.g. start-up testing by remote test
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/14Session management
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/535Tracking the activity of the user
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40Network security protocols
    • GPHYSICS
    • G05CONTROLLING; REGULATING
    • G05BCONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
    • G05B2219/00Program-control systems
    • G05B2219/30Nc systems
    • G05B2219/31From computer integrated manufacturing till monitoring
    • G05B2219/31471Operator can select a graphical screen at his will as help diagnostic
    • GPHYSICS
    • G05CONTROLLING; REGULATING
    • G05BCONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
    • G05B2219/00Program-control systems
    • G05B2219/30Nc systems
    • G05B2219/31From computer integrated manufacturing till monitoring
    • G05B2219/31479Operator select part of process he wants to see, video image is displayed
    • GPHYSICS
    • G05CONTROLLING; REGULATING
    • G05BCONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
    • G05B2219/00Program-control systems
    • G05B2219/30Nc systems
    • G05B2219/32Operator till task planning
    • G05B2219/32034Electronic market, network broker
    • GPHYSICS
    • G05CONTROLLING; REGULATING
    • G05BCONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
    • G05B2219/00Program-control systems
    • G05B2219/30Nc systems
    • G05B2219/32Operator till task planning
    • G05B2219/32142Define device, module description using xml format file
    • GPHYSICS
    • G05CONTROLLING; REGULATING
    • G05BCONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
    • G05B2223/00Indexing scheme associated with group G05B23/00
    • G05B2223/06Remote monitoring
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/30Definitions, standards or architectural aspects of layered protocol stacks
    • H04L69/32Architecture of open systems interconnection [OSI] 7-layer type protocol stacks, e.g. the interfaces between the data link level and the physical level
    • H04L69/322Intralayer communication protocols among peer entities or protocol data unit [PDU] definitions
    • H04L69/329Intralayer communication protocols among peer entities or protocol data unit [PDU] definitions in the application layer [OSI layer 7]
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02PCLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
    • Y02P90/00Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
    • Y02P90/02Total factory control, e.g. smart factories, flexible manufacturing systems [FMS] or integrated manufacturing systems [IMS]

Definitions

  • the present invention is related generally to e-Manufacturing systems and methods that represent the foundation for inter-tool, manufacturer-to-manufacturer or manufacturer-to-supplier cooperation. More particularly, it is directed to an integrated system (hereinafter “eCentre”) that allows collecting, propagating, distributing, storing and transforming data or information generated by the tools to different parties.
  • eCentre integrated system
  • High-technology manufacturing such as integrated circuit (IC) manufacturing, often combines computerized manufacturing tools, tool operators, computer networks and other components to achieve an efficient, profitable manufacturing environment.
  • the IC manufacturer often collects data from the manufacturing tools to keep watch on potential manufacturing problems and inefficiencies. The data collected are usually proprietary and often sensitive.
  • the IC manufacturers may need to provide the collected data to third party sources, especially, for example, the manufacturers of the tools.
  • the original equipment manufacturer (OEM) also known as a toolmaker, usually provides maintenance of the tools, either directly or through a third-party contractor.
  • the OEM must be able to access data from the tool as well, to service the machines, and also for internal purposes.
  • Small IC manufacturing sites may not be readily accessible to the OEMs for service. It is usually not economical to maintain an on-site OEM representative for service, and such small IC manufacturing sites must often transport their service personnel to the site when service is needed. This is also costly, and can delay manufacturing, which reduces production and profits.
  • a diagnostic system and method for integrated remote tool access, data collection, and control is disclosed.
  • the present invention can be a data brokering system for semiconductor wafer data is presented that comprises: a FAB having at least one automated semiconductor wafer manufacturing tool; a plurality of OEMs, coupled to the FAB via a secure service net; means for providing data about a semiconductor wafer manufactured by the tool to one of the OEMs without revealing information about the tool; and means for collecting fees based on characteristics of the provided data.
  • FIG. 1 depicts a block diagram of an exemplary embodiment of the system of the present invention
  • FIG. 2 depicts a block diagram of an exemplary embodiment of an OEM installation according to the present invention
  • FIG. 3 depicts an exemplary embodiment of an FAB installation according to the present invention
  • FIG. 4 depicts an exemplary embodiment of an detailed eCentre FAB installation according to the present invention
  • FIG. 5 depicts an exemplary embodiment of a session according to the present invention
  • FIG. 6 depicts an exemplary embodiment of a data flow service according to the present invention
  • FIG. 7 depicts an exemplary embodiment of a desktop GUI according to the present invention
  • FIG. 8 illustrates an exemplary embodiment of an active sessions list according to the present invention
  • FIG. 9 illustrates an exemplary embodiment of a session navigator according to the present invention.
  • FIG. 10 illustrates an exemplary embodiment of a file transfer and versioning panel according to the present invention
  • FIG. 11 illustrates an exemplary embodiment of an audit trail GUI according to the present invention
  • FIG. 12 illustrates an exemplary embodiment of a data GUI according to the present invention
  • FIG. 13 illustrates an exemplary embodiment of a tool gateway server status interface GUI according to the present invention
  • FIG. 14 illustrates an exemplary embodiment of an eCentre business rules interface GUI according to the present invention
  • FIG. 15 shows a block diagram of an exemplary embodiment of a Service Net of the present invention.
  • FIG. 16 depicts the data brokering service of the present invention.
  • Fabricator A FAB is a specific manufacturing facility. Confidential tool data is stored locally at the FAB for security.
  • OEM Original equipment manufacturer
  • ICM Integrated circuit manufacturer
  • Active session A session that enables people to interact with services provided by the session, such as a remote tool operation and file transferring.
  • a session is designated as “active” by the senior administrator when the session is created.
  • Authentication The process that identifies a person—a common method is user ID and password.
  • Authorization The process that determines what a person is allowed to do, such as transfer files.
  • Data Flow A service that allows access to real-time equipment data.
  • Data Storage A service that collects equipment data and then stores the data in a database.
  • Delegated Administrator A person to whom the senior administrator has given administration duties. People in this role can be either ICM facility or supplier employees.
  • eCentre Application Server (eCentre Application or eCentre Server or eCentre): provides the basic eCentre capabilities and a plurality of sessions and services for users and tools.
  • eCentre Enterprise Server provides the ability to aggregate tool production data from multiple sites for cross-comparison.
  • File Transfer A service that allows transferring of files from a tool computer to a person and from a person to a tool computer.
  • ICM facility senior administrator A special type of person who is an employee of the ICM facility.
  • the ICM facility senior administrator (or simply senior administrator) is responsible for setting up and managing sessions, users, filters, services, and tools.
  • the senior administrator also assigns user passwords and access privileges, and delegates administrative duties where appropriate.
  • Passive session A session that enables users to interact with services provided by the session, but does not permit interaction with the tool. Users have view-only privileges. For example, a user can go to a remote tool computer's desktop but only be able to view the activity. The senior administrator designates a session as “passive” when the session is created.
  • Privileges Permissions that are set by the senior administrator to allow or deny users access to services such as a remote tool operation. By setting access privileges, the senior administrator controls user access to restricted data.
  • Session A means by which data is shared between the tool and users. Since there is no direct access to a tool, a remote user's request for tool data is routed through a session. A session provides specific services related to the tool, such as file transferring, remote tool operation, or online chatting between session participants.
  • Session Participant A person who participates collaboratively or interactively with a session.
  • the person can be an employee of the ICM facility or the manufacturer of the tool.
  • Service File transfer, remote tool operation, chat, data flow, and data storage run as services in the eCentre environment.
  • Staging Area A secure server located within the ICM facility. When transferring a file from a tool computer to the user and from the user to the tool computer, there is no direct access to the tool computer; instead, the file is transferred from the tool or to the tool via a staging area.
  • RTO Remote Tool Operation
  • a service that allows users to remotely operate a tool computer or view the operations being performed at the remote computer—all in real time.
  • the user sees the tool computer's desktop (or control screen) and can operate the tool as if physically present.
  • eCentre supports remote connections to Windows, AIX, UNIX derivatives, Linux, and Solaris operating environments.
  • Tool A device for manufacturing some component of a semiconductor product. Tools typically reside in a highly secure and restricted area of the ICM facility. Each tool has a computer embedded within it.
  • Tool Computer The computer that is embedded in the tool. Access to the tool computer is controlled through user access privileges.
  • a tool computer can be a Windows, AIX, OS/2, UNIX derivatives, Linux, or Solaris system.
  • Tool Console Operator A person who is typically physically present at the tool computer and to whom the senior administrator has assigned control privileges to the Tool Console Server. The tool console operator has the duty to give final approval for a person to remotely operate the tool computer.
  • Tool Console Server A portion of eCentre that runs at the tool computer and controls access to and provides information about the RTO. Enables emergency override connection to Safety Server, and provides tool status updates.
  • Tool Gateway Server provides support for one or more conventional 200 and 300 mm tools.
  • a tool gateway server provides tool access, secures tool data, and management of the tool state.
  • Safety Server System that interacts with the tool hardware to provide greater measure of safety in operation.
  • User Typically, a remote OEM production engineer, ICM tool expert, tool console operator, or senior administrator.
  • the senior administrator selects a person who will participate in a session and also determines the tools and services that each person might access.
  • FIG. 1 shows a diagnostic system for integrated remote tool access, data collection, and control according to the present invention.
  • the system generally comprises one or more fabricators (FABs) 102 a , 102 b (collectively 102 ), each of which is coupled through a respective secure shared connection 104 a , 104 b , and the Internet 106 to one or more original equipment manufacturers (OEMs) 108 a , 108 b , 108 c (collectively 108 ) of the tools.
  • the secure shared connection 104 can be, for example, a virtual private network (VPN), or a Service Net connection that allows a single connection to access multiple customers which would otherwise require a plurality of VPN connections.
  • VPN virtual private network
  • Service Net connection that allows a single connection to access multiple customers which would otherwise require a plurality of VPN connections.
  • a fabricator headquarters 110 may also be connected through its own secure shared connection 104 c to the OEMs 108 and the other FABs 102 .
  • the OEMs are also connected through their own secure shared connections 104 d , 104 e , 104 f to the Internet 106 .
  • FIG. 2 depicts an exemplary embodiment of an OEM 108 according to the present invention.
  • An OEM may be connected to its secure shared connection 104 through an internal firewall 202 .
  • An internal network 204 such as, for example a local area network, can be connected to the firewall 202 .
  • one or more eCentre clients 206 and one or more eCentre enterprise servers 208 can be connected to the internal network 204 .
  • the enterprise server 208 can also be an eCentre server.
  • FIG. 3 depicts an exemplary embodiment of a fabricator (FAB) 102 according to the present invention.
  • a FAB 102 can also connect to its secure shared connection 104 through an internal firewall 302 .
  • An internal network 304 such as, for example, a local area network, can be connected to the firewall 302 .
  • a FAB 102 can have an eCentre enterprise server 306 , one or more eCentre clients 308 , an eCentre server 310 and one or more Tool Gateway Servers 312 a , 312 b (collectively 312 ).
  • Each tool gateway server 312 provides support for conventional 200 and 300 mm tools 314 , and a plurality of such tools 314 may be connected to a single tool gateway server.
  • a tool gateway server 312 provides tool access, for example, for: SECS/HSMS, E98 OBEM, file transfer, custom data collection capabilities, remote operation, and sensor data, and co-exists with existing FAB infrastructure (e.g. station controller, MES, etc.).
  • a tool gateway server 312 is hot-swappable.
  • Each tool gateway server 312 also secures the data, by providing, for example, data certification, data encryption, and guaranteed data delivery.
  • a tool gateway server 312 also provides for management of tool state, session configuration, MES interface, security gateway, and user-configurable business rules.
  • a secure service network provides secure communications for all constituents.
  • One secured shared connection 104 connection from each OEM 108 can connect to multiple FABs 102 .
  • one secured shared connection 104 connection from each FAB 102 can connect to multiple OEMs 108 .
  • Each OEM and FAB secured shared connection can terminate in its own dedicated isolation LAN.
  • the service net is fault tolerant, does not contain any applications/logic or databases outside the firewalls, and prevents unauthorized cross-connects between OEM's and/or customers.
  • Each constituent controls its own data.
  • FIG. 4 depicts an exemplary embodiment of the eCentre framework installed at a FAB site 102 housing one or more automated semiconductor manufacturing tools 402 , which are each coupled to a tool console server 404 .
  • the tool 402 and the tool console server 404 are behind a first firewall 406 separated from a demilitarized zone (DMZ) 408 .
  • DMZ is a special network segment within the ICM facility protected by firewalls.
  • one or more tool gateway servers 410 are coupled to the tool console servers 404 and provide access to an application server 412 across a second firewall 414 .
  • the eCentre server 412 preferably can reside in a second DMZ 416 , although DMZ 408 and DMZ 416 can be, in an exemplary embodiment, a single DMZ.
  • the application server 412 is coupled to an HTTP server 418 , which can provide access to an external network such as the Internet, through a third firewall 420 .
  • a client 422 located, for example, at an original equipment manufacturer (OEM) connects through the HTTP server 418 to access the tool and services provided by the application server 412 .
  • the eCentre server 412 can provide timestamping 424 , business logic 426 , messaging 428 , database storage 430 and security 432 .
  • the client 422 also has access to a customer list 434 , which indicates the FABs the client can connect to, and a chat server 436 , which allows the user of the client to communicate with other users in the system.
  • the firewalls of the present invention can be configured to allow only authorized connections to their networks based on security policies set by the ICM.
  • the software enables interaction with local or enterprise databases and transaction systems using, for example, Java technology-based application servers such as JBoss or IBM's WebSphere.
  • the application servers provide a deployment environment for other eCentre components within the DMZ including support for the eCentre Server and the Tool Gateway Server.
  • the Tool Gateway Server performs data and tool normalization across the complex set of tools within the ICM and acts as the communications interface between the tool and the eCentre application.
  • the main purpose of the Tool Gateway Server is to collect data from a tool so that the data can be propagated to the system.
  • the data being collected and processed through the Tool Gateway Server is converted to XML and then sent to the eCentre application.
  • the Tool Gateway Server registers information about the tool using a directory server such as the iPlanet LDAP product.
  • a messaging system such as IBM's WebSphere MQ provides the mechanism to transport the data as encrypted XML.
  • the Tool Gateway Server software can support, for example, SECS, HSMS (E4 and E5 legacy interfaces), and the current Semi E98 standard.
  • the software also provides connectors to the ICM's MES so that true E10 states can be recorded.
  • a service processing application (hereinafter eCentre Application) is the main processor for sessions and services.
  • the session is used to associate users, services and tools with each other.
  • Session services include authentication and authorization, file transfer capabilities, remote equipment operations, decision logic, real-time collaboration (chat), data flow and data storage.
  • eCentre Application provides the remote user with the ability to access, upload, download, execute, and analyze results from tool diagnostics, calibrations, recipes, and user programs. In addition, the remote user can gain access to the tool computer's desktop as if standing at the tool. To secure this remote tool accessibility, the eCentre Application provides HTTP and application-level proxy services from the OEM to the ICM and from the ICM to the OEM. Access to tools by remote users is enabled through proxy servers in the DMZ. The proxy servers are created and started by the eCentre Application only when the outside request is validated. All Internet and intranet-based transmissions are encrypted.
  • eCentre Application provides file transfer capabilities to copy directories and files, as will be described in further detail below.
  • eCentre enables transferring of a file from the tool to the user and from the user to the tool. There is no direct access to the tool. Instead, a file is transferred from the tool or to the tool via a staging area in the DMZ. It is a two-step process. When a download request is received by the Tool Gateway Server, the file is transferred from the tool and sent to a staging area, and then processed through the eCentre Application. To ensure security, directory and file handling privileges are mapped to a user's need to know. Only those files determined eligible are available to be downloaded or uploaded. Each transfer can be recorded, for example, by date, time, and by the user who initiated the transfer. The file is also given a version number if a tool file is replaced. This version number allows for rollback to previous operating levels if required.
  • the Tool Gateway Server in an XML format sends the data to the eCentre Application. Because there is no direct access to a tool, the remote user's request for data is routed through a session.
  • a session is the primary collaborative device in the eCentre framework. It is the means by which data is propagated from the tools to the users. Data flowing from the tool is-returned to the user via the session.
  • the data flow service transforms the XML into a specified message format based on one or more filters.
  • a filter is a predefined variable whose value determines the format and content of the message. Filtered data is released to the session participants based on their privileges defined when the session was created.
  • the session can be configured to store the data in a repository such as IBM's DB2 for future analysis and reporting.
  • Control access through authentication and authorization enforces access to confidential tool data inside the ICM facility by providing authentication and authorization engines.
  • Authentication is the process that identifies a user, for example, requiring a usemame and valid password; and authorization is the process that determines what a user is allowed to do—for example, transfer a file.
  • eCentre provides authentication and authorization services by combining a policy administrator tool (such as Baltimore SelectAccess) with an LDAP-based user repository directory (such as the iPlanet server).
  • the policy administrator is a rule and role-based security tool that manages the content that users can see and the privileges users can have to access tool services such as remote tool operation, file transfer and data flow. Users are paired to activities and resources. An eCentre administrator can create a user and then assign the individual permission only for those activities or resources needed in a particular session.
  • the LDAP-compatible directory server stores objects that represent user profiles, policies, sessions, and tools. Whenever the eCentre application receives a request from a user, it forwards the request to the policy administrator to ensure that the user has a valid username and password or that the individual has permission for the activity requested. The user's credentials are stored in the LDAP directory repository.
  • chat software such as, for example, Lotus Sametime. This service is started whenever a session is started. All session participants are immediately able to communicate with one another.
  • the eCentre Application has the ability to apply decision logic to service requests in order to determine their validity.
  • the service is either provided or denied. For example, suppose a participant in a session tries to perform a remote operation but does not have the required level of security clearance. A message would inform the user that he or she is unauthorized to access that particular tool.
  • the software also logs every action that occurs.
  • eCentre provides the means to create custom business rules or decision logic that can be used to request additional in-situ monitoring of the wafer production process based on the ICM's business rules and procedures.
  • the data can be persisted using a repository such as DB2.
  • the Administrative Client is an HTML-based program that can be available from multiple locations inside and outside the ICM facility. Typically, the eCentre administrator uses the Administrative Client.
  • the Administrative Client works in conjunction with a policy setting administrator tool that is linked to an LDAP server. The administrator can find a session, start and stop a session, request details about a session, and view the properties of a session.
  • the Administrative Client can also create a session.
  • Each session is configured to recognize one or more users and one or more tools.
  • Each user has a specific set of rules applied that allow or deny access to certain tools.
  • the Administrative Client can also apply filters.
  • the Administrative Client lets the administrator limit the type of tool data that the OEM user can see. By using predefined values as search criteria, XML data can be published showing only messages with that type of data and value.
  • the data filters are created by the administrator who configures them with conditions and values for the condition.
  • the Administrative Client can also audit a session.
  • eCentre provides a log viewer for tracking system-wide events (such as users logging on).
  • the administrator can view the history and order of events for session activity for one or more participants and one or more sessions.
  • Activity is logged by date, time, activity, and user information.
  • OEMs may wish to participate in e-diagnostic sessions at various FAB sites.
  • the administrative client provides a utility program called the customers page to make discovery of and connection to the appropriate tool easier to do.
  • the customers page lets remote authorized users connect to the correct eCentre Application Server within the FAB.
  • Authorized remote users can start the eCentre collaborative client from the customers page. However, before users can log onto the collaborative client, they must select a customer name from this page. The customer names must be set up before users can access remote tools. A file called customers.xml resides in the root directory on the eCentre Application Server. The senior administrator must set up this file with appropriate customer names. These are the customer names whose tool and tool computers are accessible to authorized users for diagnostics and repair.
  • the Collaborative Client allows a user outside an ICM facility to enter the controlled environment within the ICM facility for a specific purpose.
  • a user might be an OEM production engineer or ICM tool expert.
  • a validated user can join a session in order to access real-time tool data inside the ICM. From an active session, the user can, depending on access rules, participate in a real-time remote equipment operation; upload and download files; and chat with other users who have joined the current session.
  • an exemplary embodiment of a session 502 can have one or more users 504 associated with one or more tool representations 506 and 508 .
  • Each tool representation can have a number of services 510 available from it to the users. Such services include, for example, remote tool operation and file transferring.
  • Tool representations 506 and 508 are eCentre representations of physical tools 512 and 514 , respectively. For the purposes of this discussion, physical tools and tool representations are interchangeable, unless otherwise noted.
  • a session represents a unit of work that transforms and processes data or information from the tool to the end-user.
  • the eCentre session can have producers as sources and users or outputs as end-points.
  • a session transforms data generated by the producers and delivers them to the users.
  • a producer is a component that generates data.
  • Another session, tool data or device data can be a producer.
  • a user is a consumer of the data transformed by the session. For example, a different session or a receiver can be a user.
  • a group of producers is logical association between different producers and users in a session, e.g. data from producer 1 goes to user 1 and user 2.
  • the system of the present invention allows the mixing of data, sending the data to different users in different states depending on security access rules.
  • the system connects groups of data producers to different users, routing the information as XML based on associations of users and producers.
  • Sessions also include the correlation of users to a set of available services. These services include: Remote Tool Operation, File Transfer Capability, Chat, Data Filtering, Data Persistence and Data Proxy.
  • a session controls a user's access to a tool.
  • the system of the present invention can control the services that belong to a session.
  • a service is a component of a session that relates to the ability of a user to access a tool (e.g. FTP, Remote Tool Operation).
  • Sessions can also be categorized, for example, based on security levels such as “Top Secret”, “Secret”, “Unclassified”, and affinities can be created to users and tools.
  • the data flow service provides the means for obtaining real-time equipment data as it comes off the tool.
  • the eCentre Application Server receives the XML in a special destination object called a tool topic. Since there is no direct access to a tool, the remote user's request for data is routed through the session. As data is collected off the tool, it is sent to the eCentre Application Server by the Tool Gateway Server in an XML format.
  • Tool topics (similar to queues) are used to receive the XML data from the tool and then transfer the XML to the appropriate user topic.
  • User topics represent users who are associated with the currently running session. Data flowing off the tool is returned to the user via the session.
  • FIG. 6 shows an exemplary embodiment of a session 602 having a user 604 and a tool 608 , where one of the services provided by the tool 608 is the data flow service 610 .
  • the data flow service 610 collects data from tools 612 and 614 after the data has been transformed to XML and received by tool topics 616 and 618 , respectively.
  • the data flow service 610 can then apply user filters 620 to further transform the tool data. Filtering is discussed in greater detail below.
  • the filtered data is then received by a user topic 626 , where is it available to the user 604 .
  • the administrative client 622 has started session 602 on the application server 624 . After the data has been received from the tool 608 and transformed and filtered, it can be made available to users outside of the FAB network via the collaborative client 606 .
  • the collaborative client 606 lets users view graphs that show trends lines that represent the equipment data.
  • the session could be configured to store tool data in a repository (such as DB2) thereby reducing the risk of sensitive data being released.
  • the session provides data to all the users connected to the same session, with filters defined per user and/or tool. If a user needs different data, a separate filter will be used to present that data to that user.
  • a session also includes filter based services. These types of filter services regulate which users have access to which tool data and the format in which the user can see the data. For example, a particular tool may report an operating temperature. One filter for one user may allow the user to see the temperature reading, but only when the temperature exceeds a specific number, such as 50 degrees. Another filter for a second user may only show the second user that the temperature is “high” when the temperature is above a threshold, and “low” when the temperature is below a second threshold. In the second case, the OEM may not want the ICM users to know the exact temperature of the tool, but may want to alert the user that the temperature is running high or low.
  • Filters can also prevent an OEM from aggregating data from multiple tools, if the ICM does not want to allow such aggregation. Filters can be implemented, for example, in XSL. Filters can be designed to address specific users, user types, data types and many other parameters of data and access.
  • An XSL filter can be used to protect data by modifying, filtering and/or transforming sensitive FAB data before release to an OEM.
  • the FAB data can be transformed to end-user data through XSL. This allows the OEM client to diagnose the tool remotely by analyzing real-time data (in FAB terms called “reports”) generated by the tool.
  • the filtering process includes interfacing with a tool, capturing the raw format data, and translating the data into a human readable (XML based) format. In order to prevent undesirable data aggregation or to protect sensitive data, the tool data can be transformed prior to delivery to the OEM client.
  • the data filtering methodology is based on a combination of XML and XSL.
  • tool data is XML based
  • data transformations such as session rules or policies
  • the output of the transformations is XML based.
  • a preferred method is to be able to perform a diagnostic operation as if the support person or OEM client were in front of the tool's screen.
  • An exemplary embodiment of the present invention allows the OEM client to be virtually in front of the tool.
  • the present invention uses screen capturing and encrypted information streaming to send the information to a client application.
  • the OEM client then runs the client application locally to the client, regardless of where the tool is.
  • industry strength cryptographic packages can be used to encrypt the information
  • proxy technologies can be used to overcome firewalls.
  • the system of the present invention allows a real-time view of the tool screen regardless of the operating system of the client.
  • a RTO server is installed on the tool to allow the client to retrieve information from the tool.
  • the RTO infrastructure proxies the screen information to the remote client across the secure shared connection. It is used to operate a tool on the plant floor remotely, including remote control and video observation. Unique proxy design using secure sockets and flexible connectivity types.
  • the Remote Tool Operations can be controlled from an eCentre session, with control of the tool being allowed for only one user at a time.
  • an exemplary embodiment of the present invention can also remotely manage the maintenance of software applications on semiconductor process tools. This allows the OEM clients to maintain remotely any software that is deployed on the tool without being present at the tool.
  • the managed/shared file transfer capability of the present invention enables the system administrator to control what, where, and when a file can be transferred to the tool.
  • the system administrator controls when the file can be uploaded to the tool by allowing access based on time intervals, preventing files from being transferred when the tool is not in the proper state. The system administrator can filter the files that an OEM client can see on a tool in many ways, for example, based on the file name and location, in addition to time restrictions.
  • the OEM clients can use TELNET to access a tool based on policies, as defined in a session. These policies are controlled by the system administrator and are specific to the session, users and tools involved. The policies allow the administrator to restrict the access to TELNET features based on rules associated to users, tools and sessions. The system administrator can also see and record any TELNET activities of an OEM client with minimal invasion.
  • the eCentre session provides the capability of centralized control of the TELNET sessions.
  • the system of the present invention can store semiconductor device data in a database, preferably in a keyed relational database.
  • Tool data in the form of XML documents, are flattened by converting XML tags into lists and items to be stored in the database. This allows the tool data to be stored in the database in a format for fast retrieval.
  • Tool data are stored in groups of tables belonging to a session or a tool. The tool data may be transformed prior to storage. For example, minimum, maximum or average values could be stored instead of the raw data.
  • the database schema and settings are tuned for high performance commits and retrievals.
  • the intervals for the storage can be adjusted in ways that are pertinent to the unique settings of the eCentre installation.
  • the data storage feature provides support that allows information received from the tool to be sent to storage database.
  • the software has the ability to assign classification levels to all tool parameters. Classified data will be stored in the database where it can be selectively retrieved. Optionally, the data could be stored as one of the following formats: compressed XML data, average data, and exact data.
  • Compressed data stores the event XML paragraph compressed with the event header normalized. This allows the data to be stored in the XML format recommended by SEMATECH without requiring large amounts of storage space. In order to be retrieved, the data must first be uncompressed and then parsed so that a reporting tool can take full advantage of the data.
  • Averaged data represents an optimized method to store data for fast retrieval within reasonable storage space.
  • average intervals and holding periods are predefined.
  • An average interval is a time-slice in which all tool parameter values are accumulated. The expiration of the interval stores only the average value, minimum value, maximum value, and the number of times the value occurred.
  • Exact data is for parameters that do not have a high frequency rate but where the exact value and time stamp are very important and the data needs to be quickly retrieved. Similar to averaged data, the full XML paragraphs are stored compressed.
  • a data storage configuration can cause compressed data to be held for 15 days; average data for 5-second intervals for one day, and average data for one-hour intervals for 15 days.
  • version control and rollback mechanisms are common in software and database applications, such mechanisms have not previously been applied to the area of e-Diagnostics for real-time tool diagnosis and repair. Changes can be made to tool settings and control files; if the new operation is not better, everything can be “rolled-back” to previous settings with one operation.
  • the OEM client can perform an FTP file upload on the tool. Prior to the physical upload, the system of the present invention can retrieve the current file from the tool, assign a version to the file and secure-store the file. Only after this operation is done will the system upload the new file. If the new file causes the tool to perform undesirably, the previous version of the file can be reinstated by an administrator to return the tool to a well-behaved state. To prevent the tool from being left in an unstable state in a rollback, the tool can be protected, for example, from being accessed and controlled by two or more OEM clients at the same time.
  • the eCentre session has a graphical user interface (GUI) that can allow the user to perform activities.
  • GUI graphical user interface
  • the activities are divided into two major categories: Administrative and User.
  • the Administrator GUI allows for the maintenance of sessions and the related users access.
  • the User GUI allows for interaction with the services and access to the data provided.
  • FIG. 7 shows the Desktop GUI 700 .
  • a user is able to navigate through the available sessions 702 , operate a tool remotely 704 , receive video streams from a camera attached to the tool 706 , receive still pictures (for high definition analysis) of the tool or other data files 708 , audit user interactions in a session 710 , perform data analysis with historical data 712 , and check on the tool gateway server activity 714 .
  • FIG. 8 illustrates an active sessions list 800 that shows the place where all running sessions are displayed. From here a user has the ability to join a particular session, such as, for example session 802 and 804 , in order to receive needed data. In addition, the user can also create a session from button 806 , if the currently active sessions do not meet the user's needs.
  • FIG. 9 illustrates a GUI of the session navigator 702 that uses one method to configure event and trace data. It shows the place where a user can see the details of data received from a tool in form of an XML message. For example, for a tool 902 , the data from a specific tool element 904 can be displayed in data window 906 .
  • FIG. 10 illustrates a file transfer and versioning panel 708 that shows the staging area 1004 where a user can transfer tool files 1002 .
  • new tool data updates can be transferred to the tool from the user's location, via the staging area 1004 .
  • the file transfer and versioning panel 708 can also be used as a staging area controlling the versioning of the files that are uploaded into the tool.
  • the file transfer and versioning feature allows the users to perform different tool updates without the risk of destroying the current set of parameters that governs the tool.
  • FIG. 11 shows an audit trail GUI 710 that shows part of the administration of a user, in particular the audit trails seen in window 1102 .
  • the activity of all the users connected to the system can be captured, for example, when the user logged onto the system, when the user created or joined a session, and when an access violation occurs.
  • FIG. 12 shows an exemplary embodiment of a data viewer GUI 712 according to the present invention.
  • a user can access live tool data or stored historical data about a tool or a collection of tools.
  • the data can be presented in a variety of graphical methods. For example, a user can view a combined graph of the temperature 1202 and the pressure 1204 of a tool.
  • FIG. 13 shows a tool gateway server status interface GUI 714 that shows the screen where the user can check the status of a tool gateway server.
  • the user could check general information 1302 about the tool gateway server, or more specific information such as, for example, a fan speed 1304 , a planar temperature 1306 , a CPU temperature 1308 , or a CPU utilization 1310 .
  • FIG. 14 shows an eCentre business rules GUI 1400 that provides the ability to update business logic graphically. This can be used to create business rules that can be incorporated into the operation of the session. Session activities will be limited or allowed based on business rules. Session activities can also trigger external events such as sending an e-mail or writing to a database as defined by the business process.
  • Service Net is a network connection that allows the many OEMs and many FABs to connect with each other without requiring a dedicated link for each combination. For example, unlike with service net, with a VPN, there would be a separate VPN connection from a first FAB to each OEM in the system. With Service Net, there is a single outbound connection which manages access to the OEMs. For example, one VPN connection from each OEM can connect to multiple FABs, and one VPN connection from each FAB can connect to multiple OEMs.
  • the Service Net provides secure communications for all OEM and FAB constituents by preventing unauthorized cross-connects between OEM's and/or customers. Each constituent controls its own data. This brokered network maintains separation of accounts.
  • FIG. 15 shows an exemplary embodiment of the service net according to the present invention.
  • One or more OEMs 108 each comprising a DMZ eCentre Enterprise Server 1502 is each coupled through a router 1504 to the Internet 106 .
  • the router 1504 can be a combination router/firewall/VPN or can be comprised of separate components providing router, firewall and VPN functions.
  • One or more FABs 102 each comprising a DMZ eCentre Server 1506 , is also coupled to the Internet 106 through a router 1504 .
  • the router 1504 for each OEM and FAD connects to a separate VPN device 1508 via a secure connection 1510 .
  • Each OEM and FAB VPN device 1508 terminates in its own dedicated isolation LAN 1512 .
  • the dedicated isolation LANs are in turn coupled to the e-diagnostic LAN 1514 .
  • the e-diagnostic LAN 1514 is a combination of network hardware and software that makes logical point-to-point connections between the OEMs and the FABs. Although each OEM 108 could connect to each FAB 102 , the e-diagnostic LAN 1514 controls which OEMs can actually connect to a particular FAB according to access rules. In this way, the FABs and OEMs need only manage one connection: to the e-diagnostic LAN 1514 .
  • the e-diagnostic LAN controls subsequent connections to the other entities on the network.
  • the service net 1516 is made up of the e-diagnostic LAN 1514 , the dedicated isolation LANs 1512 , and the VPN devices 1508 .
  • the service net 1516 does not comprise any applications/logic or databases outside the firewalls.
  • an exemplary embodiment of the present invention includes a data brokering system 1602 for semiconductor wafer data within a FAB that allows for the request for data on a particular wafer to be satisfied by a system that responds to that request without providing an OEM any specific information.
  • Data from tools 1610 , 1612 , 1614 and 1616 can be filtered by respective filters 1608 a , 1608 b , 1608 c , and 1608 d and collected by the data brokering system 1602 as XML tool data 1606 .
  • the XML tool data 1606 and be stored in a database 1604 . Wafer data from each tool 1610 - 1616 is then available to the other tools without providing any specific tool information.
  • the system also includes a fee payment mechanism 1618 based on a variety of algorithms including payment by the size of data (e.g. Mb), type of data (e.g. metrology), or type of wafer produced (e.g. 300 mm).
  • OEMs can consult this brokering system with a request for wafer data. The system shows a list of data available and the related charge for that data. If acceptable, the OEM requester can download the data for analysis. Data can be stored in a standard XML format, or can contain a list of data that would be reviewed by the buyer.
  • the data exchanges can also be done in an automated fashion to improve the overall productivity of the plant floor.
  • data from downstream operations can be automatically fed into the upstream tools for analysis of their production operation.
  • Tool settings can be modified to improve performance.
  • This data is fed through the broker system, maintaining autonomy of the various data suppliers and providing financial rewards for their help in improving the productivity of upstream tools.

Abstract

A data brokering system for semiconductor wafer data is presented that comprises: a FAB having at least one automated semiconductor wafer manufacturing tool; a plurality of OEMs, coupled to the FAB via a secure service net; means for providing data about a semiconductor wafer manufactured by the tool to one of the OEMs without revealing information about the tool; and means for collecting fees based on characteristics of the provided data.

Description

    CROSS-REFERENCE TO RELATED APPLICATIONS
  • The present application claims the benefit of U.S. Provisional Patent Application No. 60/363,251, Confirmation No. 3918, filed Mar. 12, 2002 entitled “Diagnostic System and Method for Integrated Remote Tool Access, Data Collection, and Control,” to Stuart Perry et al, the contents of which are incorporated herein by reference in their entirety. [0001]
  • The present application is related to U.S. patent application filed Mar. 12, 2003, Attorney Docket number 40005-187899, entitled “Diagnostic System and Method for Integrated Remote Tool Access, Data Collection, and Control,” of common assignee; and to U.S. patent application filed Mar. 12, 2003, Attorney Docket number 40005-187900, entitled “Data Sharing and Networking System for Integrated Remote Tool Access, Data Collection, and Control,” of common assignee, both of which are incorporated by reference in their entirety.[0002]
  • BACKGROUND OF THE INVENTION
  • 1. Field of the Invention [0003]
  • The present invention is related generally to e-Manufacturing systems and methods that represent the foundation for inter-tool, manufacturer-to-manufacturer or manufacturer-to-supplier cooperation. More particularly, it is directed to an integrated system (hereinafter “eCentre”) that allows collecting, propagating, distributing, storing and transforming data or information generated by the tools to different parties. [0004]
  • 2. Related Art [0005]
  • High-technology manufacturing, such as integrated circuit (IC) manufacturing, often combines computerized manufacturing tools, tool operators, computer networks and other components to achieve an efficient, profitable manufacturing environment. The IC manufacturer often collects data from the manufacturing tools to keep watch on potential manufacturing problems and inefficiencies. The data collected are usually proprietary and often sensitive. [0006]
  • The IC manufacturers may need to provide the collected data to third party sources, especially, for example, the manufacturers of the tools. The original equipment manufacturer (OEM), also known as a toolmaker, usually provides maintenance of the tools, either directly or through a third-party contractor. The OEM must be able to access data from the tool as well, to service the machines, and also for internal purposes. [0007]
  • Many IC manufacturing sites use different tools that are made by more than one OEM, often by competing OEMs. Each OEM therefore wants to keep the data from its tools confidential. [0008]
  • Small IC manufacturing sites may not be readily accessible to the OEMs for service. It is usually not economical to maintain an on-site OEM representative for service, and such small IC manufacturing sites must often transport their service personnel to the site when service is needed. This is also costly, and can delay manufacturing, which reduces production and profits. [0009]
  • What is needed then is an improved method of sharing data remotely between OEMs and IC manufacturers, and other third-parties, that maintains data security for both the OEM and the IC manufacturer and that allows remote servicing of the tools. [0010]
  • SUMMARY OF THE INVENTION
  • In an exemplary embodiment of the present invention a diagnostic system and method for integrated remote tool access, data collection, and control is disclosed. [0011]
  • In an exemplary embodiment, the present invention can be a data brokering system for semiconductor wafer data is presented that comprises: a FAB having at least one automated semiconductor wafer manufacturing tool; a plurality of OEMs, coupled to the FAB via a secure service net; means for providing data about a semiconductor wafer manufactured by the tool to one of the OEMs without revealing information about the tool; and means for collecting fees based on characteristics of the provided data. [0012]
  • Further features and advantages of the invention, as well as the structure and operation of various embodiments of the invention, are described in detail below with reference to the accompanying drawings.[0013]
  • BRIEF DESCRIPTION OF THE DRAWINGS
  • The foregoing and other features and advantages of the invention will be apparent from the following, more particular description of a preferred embodiment of the invention, as illustrated in the accompanying drawings wherein like reference numbers generally indicate identical, functionally similar, and/or structurally similar elements. The left most digits in the corresponding reference number indicate the drawing in which an element first appears. [0014]
  • FIG. 1 depicts a block diagram of an exemplary embodiment of the system of the present invention; [0015]
  • FIG. 2 depicts a block diagram of an exemplary embodiment of an OEM installation according to the present invention; [0016]
  • FIG. 3 depicts an exemplary embodiment of an FAB installation according to the present invention; [0017]
  • FIG. 4 depicts an exemplary embodiment of an detailed eCentre FAB installation according to the present invention; [0018]
  • FIG. 5 depicts an exemplary embodiment of a session according to the present invention; [0019]
  • FIG. 6 depicts an exemplary embodiment of a data flow service according to the present invention; [0020]
  • FIG. 7 depicts an exemplary embodiment of a desktop GUI according to the present invention; [0021]
  • FIG. 8 illustrates an exemplary embodiment of an active sessions list according to the present invention; [0022]
  • FIG. 9 illustrates an exemplary embodiment of a session navigator according to the present invention; [0023]
  • FIG. 10 illustrates an exemplary embodiment of a file transfer and versioning panel according to the present invention; [0024]
  • FIG. 11 illustrates an exemplary embodiment of an audit trail GUI according to the present invention; [0025]
  • FIG. 12 illustrates an exemplary embodiment of a data GUI according to the present invention; [0026]
  • FIG. 13 illustrates an exemplary embodiment of a tool gateway server status interface GUI according to the present invention; [0027]
  • FIG. 14 illustrates an exemplary embodiment of an eCentre business rules interface GUI according to the present invention; [0028]
  • FIG. 15 shows a block diagram of an exemplary embodiment of a Service Net of the present invention; and [0029]
  • FIG. 16 depicts the data brokering service of the present invention.[0030]
  • DEFINITIONS
  • As used herein, the following terms shall have the following meanings: [0031]
  • Fabricator (FAB): A FAB is a specific manufacturing facility. Confidential tool data is stored locally at the FAB for security. [0032]
  • Original equipment manufacturer (OEM): the manufacturer of integrated circuit manufacturing tools. [0033]
  • Integrated circuit manufacturer (ICM): an organization that manufactures integrated circuits (IC). ICMs have one or more FABs where the ICs are made. The IC-manufacturing tools are housed at ICM FABs. [0034]
  • Active session: A session that enables people to interact with services provided by the session, such as a remote tool operation and file transferring. A session is designated as “active” by the senior administrator when the session is created. [0035]
  • Authentication: The process that identifies a person—a common method is user ID and password. [0036]
  • Authorization: The process that determines what a person is allowed to do, such as transfer files. [0037]
  • Data Flow: A service that allows access to real-time equipment data. [0038]
  • Currently, the data is transferred to a user topic (similar to a queue). [0039]
  • Data Storage: A service that collects equipment data and then stores the data in a database. [0040]
  • Delegated Administrator: A person to whom the senior administrator has given administration duties. People in this role can be either ICM facility or supplier employees. [0041]
  • eCentre Application Server (eCentre Application or eCentre Server or eCentre): provides the basic eCentre capabilities and a plurality of sessions and services for users and tools. [0042]
  • eCentre Enterprise Server: provides the ability to aggregate tool production data from multiple sites for cross-comparison. [0043]
  • File Transfer: A service that allows transferring of files from a tool computer to a person and from a person to a tool computer. [0044]
  • ICM facility senior administrator: A special type of person who is an employee of the ICM facility. The ICM facility senior administrator (or simply senior administrator) is responsible for setting up and managing sessions, users, filters, services, and tools. The senior administrator also assigns user passwords and access privileges, and delegates administrative duties where appropriate. [0045]
  • Passive session: A session that enables users to interact with services provided by the session, but does not permit interaction with the tool. Users have view-only privileges. For example, a user can go to a remote tool computer's desktop but only be able to view the activity. The senior administrator designates a session as “passive” when the session is created. [0046]
  • Privileges: Permissions that are set by the senior administrator to allow or deny users access to services such as a remote tool operation. By setting access privileges, the senior administrator controls user access to restricted data. [0047]
  • Session: A means by which data is shared between the tool and users. Since there is no direct access to a tool, a remote user's request for tool data is routed through a session. A session provides specific services related to the tool, such as file transferring, remote tool operation, or online chatting between session participants. [0048]
  • Session Participant: A person who participates collaboratively or interactively with a session. The person can be an employee of the ICM facility or the manufacturer of the tool. [0049]
  • Service: File transfer, remote tool operation, chat, data flow, and data storage run as services in the eCentre environment. [0050]
  • Staging Area: A secure server located within the ICM facility. When transferring a file from a tool computer to the user and from the user to the tool computer, there is no direct access to the tool computer; instead, the file is transferred from the tool or to the tool via a staging area. [0051]
  • Remote Tool Operation (RTO): A service that allows users to remotely operate a tool computer or view the operations being performed at the remote computer—all in real time. Using the Collaborative Client program, the user sees the tool computer's desktop (or control screen) and can operate the tool as if physically present. eCentre supports remote connections to Windows, AIX, UNIX derivatives, Linux, and Solaris operating environments. [0052]
  • Tool: A device for manufacturing some component of a semiconductor product. Tools typically reside in a highly secure and restricted area of the ICM facility. Each tool has a computer embedded within it. [0053]
  • Tool Computer: The computer that is embedded in the tool. Access to the tool computer is controlled through user access privileges. A tool computer can be a Windows, AIX, OS/2, UNIX derivatives, Linux, or Solaris system. [0054]
  • Tool Console Operator: A person who is typically physically present at the tool computer and to whom the senior administrator has assigned control privileges to the Tool Console Server. The tool console operator has the duty to give final approval for a person to remotely operate the tool computer. [0055]
  • Tool Console Server (TCS): A portion of eCentre that runs at the tool computer and controls access to and provides information about the RTO. Enables emergency override connection to Safety Server, and provides tool status updates. [0056]
  • Tool Gateway Server: A tool gateway server provides support for one or more conventional 200 and 300 mm tools. A tool gateway server provides tool access, secures tool data, and management of the tool state. [0057]
  • Safety Server: System that interacts with the tool hardware to provide greater measure of safety in operation. [0058]
  • User: Typically, a remote OEM production engineer, ICM tool expert, tool console operator, or senior administrator. The senior administrator selects a person who will participate in a session and also determines the tools and services that each person might access. [0059]
  • DETAILED DESCRIPTION OF AN EXEMPLARY EMBODIMENT OF THE PRESENT INVENTION
  • A preferred embodiment of the invention is discussed in detail below. While specific exemplary embodiments are discussed, it should be understood that this is done for illustration purposes only. A person skilled in the relevant art will recognize that other components and configurations can be used without parting from the spirit and scope of the invention. [0060]
  • Referring now to the drawings, FIG. 1 shows a diagnostic system for integrated remote tool access, data collection, and control according to the present invention. The system generally comprises one or more fabricators (FABs) [0061] 102 a, 102 b (collectively 102), each of which is coupled through a respective secure shared connection 104 a, 104 b, and the Internet 106 to one or more original equipment manufacturers (OEMs) 108 a, 108 b, 108 c (collectively 108) of the tools. The secure shared connection 104 can be, for example, a virtual private network (VPN), or a Service Net connection that allows a single connection to access multiple customers which would otherwise require a plurality of VPN connections. The tools are used at the FABs 102. Additionally, a fabricator headquarters 110 may also be connected through its own secure shared connection 104 c to the OEMs 108 and the other FABs 102. The OEMs are also connected through their own secure shared connections 104 d, 104 e, 104 f to the Internet 106.
  • FIG. 2 depicts an exemplary embodiment of an [0062] OEM 108 according to the present invention. An OEM may be connected to its secure shared connection 104 through an internal firewall 202. An internal network 204, such as, for example a local area network, can be connected to the firewall 202. Additionally, one or more eCentre clients 206 and one or more eCentre enterprise servers 208 can be connected to the internal network 204. The enterprise server 208 can also be an eCentre server.
  • FIG. 3 depicts an exemplary embodiment of a fabricator (FAB) [0063] 102 according to the present invention. A FAB 102 can also connect to its secure shared connection 104 through an internal firewall 302. An internal network 304, such as, for example, a local area network, can be connected to the firewall 302. A FAB 102 can have an eCentre enterprise server 306, one or more eCentre clients 308, an eCentre server 310 and one or more Tool Gateway Servers 312 a, 312 b (collectively 312).
  • Each tool gateway server [0064] 312 provides support for conventional 200 and 300 mm tools 314, and a plurality of such tools 314 may be connected to a single tool gateway server. A tool gateway server 312 provides tool access, for example, for: SECS/HSMS, E98 OBEM, file transfer, custom data collection capabilities, remote operation, and sensor data, and co-exists with existing FAB infrastructure (e.g. station controller, MES, etc.). A tool gateway server 312 is hot-swappable. Each tool gateway server 312 also secures the data, by providing, for example, data certification, data encryption, and guaranteed data delivery. A tool gateway server 312 also provides for management of tool state, session configuration, MES interface, security gateway, and user-configurable business rules.
  • A secure service network provides secure communications for all constituents. One secured shared [0065] connection 104 connection from each OEM 108 can connect to multiple FABs 102. Similarly, one secured shared connection 104 connection from each FAB 102 can connect to multiple OEMs 108. Each OEM and FAB secured shared connection can terminate in its own dedicated isolation LAN. The service net is fault tolerant, does not contain any applications/logic or databases outside the firewalls, and prevents unauthorized cross-connects between OEM's and/or customers. Each constituent (OEM or FAB) controls its own data.
  • Software and Network Model [0066]
  • FIG. 4 depicts an exemplary embodiment of the eCentre framework installed at a [0067] FAB site 102 housing one or more automated semiconductor manufacturing tools 402, which are each coupled to a tool console server 404. The tool 402 and the tool console server 404 are behind a first firewall 406 separated from a demilitarized zone (DMZ) 408. A DMZ is a special network segment within the ICM facility protected by firewalls. Within DMZ 408, one or more tool gateway servers 410 are coupled to the tool console servers 404 and provide access to an application server 412 across a second firewall 414. The eCentre server 412 preferably can reside in a second DMZ 416, although DMZ 408 and DMZ 416 can be, in an exemplary embodiment, a single DMZ. The application server 412 is coupled to an HTTP server 418, which can provide access to an external network such as the Internet, through a third firewall 420. A client 422 located, for example, at an original equipment manufacturer (OEM) connects through the HTTP server 418 to access the tool and services provided by the application server 412. For example, the eCentre server 412 can provide timestamping 424, business logic 426, messaging 428, database storage 430 and security 432. The client 422 also has access to a customer list 434, which indicates the FABs the client can connect to, and a chat server 436, which allows the user of the client to communicate with other users in the system.
  • The firewalls of the present invention can be configured to allow only authorized connections to their networks based on security policies set by the ICM. [0068]
  • The software enables interaction with local or enterprise databases and transaction systems using, for example, Java technology-based application servers such as JBoss or IBM's WebSphere. The application servers provide a deployment environment for other eCentre components within the DMZ including support for the eCentre Server and the Tool Gateway Server. The Tool Gateway Server performs data and tool normalization across the complex set of tools within the ICM and acts as the communications interface between the tool and the eCentre application. [0069]
  • The main purpose of the Tool Gateway Server is to collect data from a tool so that the data can be propagated to the system. The data being collected and processed through the Tool Gateway Server is converted to XML and then sent to the eCentre application. The Tool Gateway Server registers information about the tool using a directory server such as the iPlanet LDAP product. A messaging system such as IBM's WebSphere MQ provides the mechanism to transport the data as encrypted XML. The Tool Gateway Server software can support, for example, SECS, HSMS (E4 and E5 legacy interfaces), and the current Semi E98 standard. The software also provides connectors to the ICM's MES so that true E10 states can be recorded. [0070]
  • A service processing application (hereinafter eCentre Application) is the main processor for sessions and services. The session is used to associate users, services and tools with each other. Session services include authentication and authorization, file transfer capabilities, remote equipment operations, decision logic, real-time collaboration (chat), data flow and data storage. [0071]
  • eCentre Application provides the remote user with the ability to access, upload, download, execute, and analyze results from tool diagnostics, calibrations, recipes, and user programs. In addition, the remote user can gain access to the tool computer's desktop as if standing at the tool. To secure this remote tool accessibility, the eCentre Application provides HTTP and application-level proxy services from the OEM to the ICM and from the ICM to the OEM. Access to tools by remote users is enabled through proxy servers in the DMZ. The proxy servers are created and started by the eCentre Application only when the outside request is validated. All Internet and intranet-based transmissions are encrypted. [0072]
  • eCentre Application provides file transfer capabilities to copy directories and files, as will be described in further detail below. eCentre enables transferring of a file from the tool to the user and from the user to the tool. There is no direct access to the tool. Instead, a file is transferred from the tool or to the tool via a staging area in the DMZ. It is a two-step process. When a download request is received by the Tool Gateway Server, the file is transferred from the tool and sent to a staging area, and then processed through the eCentre Application. To ensure security, directory and file handling privileges are mapped to a user's need to know. Only those files determined eligible are available to be downloaded or uploaded. Each transfer can be recorded, for example, by date, time, and by the user who initiated the transfer. The file is also given a version number if a tool file is replaced. This version number allows for rollback to previous operating levels if required. [0073]
  • As data are collected from the tool, the Tool Gateway Server in an XML format sends the data to the eCentre Application. Because there is no direct access to a tool, the remote user's request for data is routed through a session. A session is the primary collaborative device in the eCentre framework. It is the means by which data is propagated from the tools to the users. Data flowing from the tool is-returned to the user via the session. [0074]
  • The data flow service transforms the XML into a specified message format based on one or more filters. A filter is a predefined variable whose value determines the format and content of the message. Filtered data is released to the session participants based on their privileges defined when the session was created. Optionally, the session can be configured to store the data in a repository such as IBM's DB2 for future analysis and reporting. [0075]
  • Control access through authentication and authorization enforces access to confidential tool data inside the ICM facility by providing authentication and authorization engines. Authentication is the process that identifies a user, for example, requiring a usemame and valid password; and authorization is the process that determines what a user is allowed to do—for example, transfer a file. Based on X.509 standards and biometric technology, eCentre provides authentication and authorization services by combining a policy administrator tool (such as Baltimore SelectAccess) with an LDAP-based user repository directory (such as the iPlanet server). [0076]
  • The policy administrator is a rule and role-based security tool that manages the content that users can see and the privileges users can have to access tool services such as remote tool operation, file transfer and data flow. Users are paired to activities and resources. An eCentre administrator can create a user and then assign the individual permission only for those activities or resources needed in a particular session. The LDAP-compatible directory server stores objects that represent user profiles, policies, sessions, and tools. Whenever the eCentre application receives a request from a user, it forwards the request to the policy administrator to ensure that the user has a valid username and password or that the individual has permission for the activity requested. The user's credentials are stored in the LDAP directory repository. [0077]
  • Because participants in a session must be able to communicate in real-time, eCentre provides support for chat software such as, for example, Lotus Sametime. This service is started whenever a session is started. All session participants are immediately able to communicate with one another. [0078]
  • Because every tooling environment has different and often complex business requirements, the eCentre Application has the ability to apply decision logic to service requests in order to determine their validity. The service is either provided or denied. For example, suppose a participant in a session tries to perform a remote operation but does not have the required level of security clearance. A message would inform the user that he or she is unauthorized to access that particular tool. The software also logs every action that occurs. [0079]
  • eCentre provides the means to create custom business rules or decision logic that can be used to request additional in-situ monitoring of the wafer production process based on the ICM's business rules and procedures. In addition, if necessary, the data can be persisted using a repository such as DB2. [0080]
  • The Administrative Client is an HTML-based program that can be available from multiple locations inside and outside the ICM facility. Typically, the eCentre administrator uses the Administrative Client. The Administrative Client works in conjunction with a policy setting administrator tool that is linked to an LDAP server. The administrator can find a session, start and stop a session, request details about a session, and view the properties of a session. [0081]
  • The Administrative Client can also create a session. Each session is configured to recognize one or more users and one or more tools. Each user has a specific set of rules applied that allow or deny access to certain tools. [0082]
  • The Administrative Client can also apply filters. The Administrative Client lets the administrator limit the type of tool data that the OEM user can see. By using predefined values as search criteria, XML data can be published showing only messages with that type of data and value. The data filters are created by the administrator who configures them with conditions and values for the condition. [0083]
  • The Administrative Client can also audit a session. eCentre provides a log viewer for tracking system-wide events (such as users logging on). The administrator can view the history and order of events for session activity for one or more participants and one or more sessions. Activity is logged by date, time, activity, and user information. [0084]
  • OEMs may wish to participate in e-diagnostic sessions at various FAB sites. The administrative client provides a utility program called the customers page to make discovery of and connection to the appropriate tool easier to do. The customers page lets remote authorized users connect to the correct eCentre Application Server within the FAB. [0085]
  • Authorized remote users can start the eCentre collaborative client from the customers page. However, before users can log onto the collaborative client, they must select a customer name from this page. The customer names must be set up before users can access remote tools. A file called customers.xml resides in the root directory on the eCentre Application Server. The senior administrator must set up this file with appropriate customer names. These are the customer names whose tool and tool computers are accessible to authorized users for diagnostics and repair. [0086]
  • The Collaborative Client allows a user outside an ICM facility to enter the controlled environment within the ICM facility for a specific purpose. A user might be an OEM production engineer or ICM tool expert. A validated user can join a session in order to access real-time tool data inside the ICM. From an active session, the user can, depending on access rules, participate in a real-time remote equipment operation; upload and download files; and chat with other users who have joined the current session. [0087]
  • I. Session Management Methodology [0088]
  • With conventional ICM/OEM infrastructure, when a semiconductor tool is not working properly, a technical support person from the tool manufacturer is usually called in to diagnose and fix it. This process can be expensive and lengthy, especially when the support person is not local to the tool site. Ideally, the support person should check the tool immediately after the malfunction. In order to allow this, the FAB can allow the support person to diagnose the system remotely. In order to protect the tool and its data from being exposed to everyone on the FAB or ICM network, the accessibility of the tool can be controlled through sessions. When sessions are set, the users (the OEM clients) can be given access to certain tools. This methodology allows the FAB to control who has access, when they have access and why they have access to the tool. A session is like a virtual meeting place for the tool support person and the tool users. [0089]
  • As seen in FIG. 5, an exemplary embodiment of a [0090] session 502 can have one or more users 504 associated with one or more tool representations 506 and 508. Each tool representation can have a number of services 510 available from it to the users. Such services include, for example, remote tool operation and file transferring. Tool representations 506 and 508 are eCentre representations of physical tools 512 and 514, respectively. For the purposes of this discussion, physical tools and tool representations are interchangeable, unless otherwise noted.
  • A session represents a unit of work that transforms and processes data or information from the tool to the end-user. The eCentre session can have producers as sources and users or outputs as end-points. A session transforms data generated by the producers and delivers them to the users. A producer is a component that generates data. Another session, tool data or device data can be a producer. A user is a consumer of the data transformed by the session. For example, a different session or a receiver can be a user. A group of producers is logical association between different producers and users in a session, e.g. data from [0091] producer 1 goes to user 1 and user 2.
  • The system of the present invention allows the mixing of data, sending the data to different users in different states depending on security access rules. The system connects groups of data producers to different users, routing the information as XML based on associations of users and producers. [0092]
  • II. Session Services Methodology [0093]
  • Sessions also include the correlation of users to a set of available services. These services include: Remote Tool Operation, File Transfer Capability, Chat, Data Filtering, Data Persistence and Data Proxy. [0094]
  • A session controls a user's access to a tool. The system of the present invention can control the services that belong to a session. A service is a component of a session that relates to the ability of a user to access a tool (e.g. FTP, Remote Tool Operation). Sessions can also be categorized, for example, based on security levels such as “Top Secret”, “Secret”, “Unclassified”, and affinities can be created to users and tools. [0095]
  • A. Data Flow Service [0096]
  • In an eCentre environment, the data flow service provides the means for obtaining real-time equipment data as it comes off the tool. When the data flow service is running, the eCentre Application Server receives the XML in a special destination object called a tool topic. Since there is no direct access to a tool, the remote user's request for data is routed through the session. As data is collected off the tool, it is sent to the eCentre Application Server by the Tool Gateway Server in an XML format. Tool topics (similar to queues) are used to receive the XML data from the tool and then transfer the XML to the appropriate user topic. User topics represent users who are associated with the currently running session. Data flowing off the tool is returned to the user via the session. [0097]
  • FIG. 6 shows an exemplary embodiment of a [0098] session 602 having a user 604 and a tool 608, where one of the services provided by the tool 608 is the data flow service 610. The data flow service 610 collects data from tools 612 and 614 after the data has been transformed to XML and received by tool topics 616 and 618, respectively. The data flow service 610 can then apply user filters 620 to further transform the tool data. Filtering is discussed in greater detail below. The filtered data is then received by a user topic 626, where is it available to the user 604. The administrative client 622 has started session 602 on the application server 624. After the data has been received from the tool 608 and transformed and filtered, it can be made available to users outside of the FAB network via the collaborative client 606.
  • In addition, the [0099] collaborative client 606 lets users view graphs that show trends lines that represent the equipment data. Optionally, the session could be configured to store tool data in a repository (such as DB2) thereby reducing the risk of sensitive data being released.
  • B. Data Filtering Service [0100]
  • The session provides data to all the users connected to the same session, with filters defined per user and/or tool. If a user needs different data, a separate filter will be used to present that data to that user. [0101]
  • A session also includes filter based services. These types of filter services regulate which users have access to which tool data and the format in which the user can see the data. For example, a particular tool may report an operating temperature. One filter for one user may allow the user to see the temperature reading, but only when the temperature exceeds a specific number, such as 50 degrees. Another filter for a second user may only show the second user that the temperature is “high” when the temperature is above a threshold, and “low” when the temperature is below a second threshold. In the second case, the OEM may not want the ICM users to know the exact temperature of the tool, but may want to alert the user that the temperature is running high or low. Filters can also prevent an OEM from aggregating data from multiple tools, if the ICM does not want to allow such aggregation. Filters can be implemented, for example, in XSL. Filters can be designed to address specific users, user types, data types and many other parameters of data and access. [0102]
  • 1. XSL Data Filtering Methodology [0103]
  • An XSL filter can be used to protect data by modifying, filtering and/or transforming sensitive FAB data before release to an OEM. The FAB data can be transformed to end-user data through XSL. This allows the OEM client to diagnose the tool remotely by analyzing real-time data (in FAB terms called “reports”) generated by the tool. The filtering process includes interfacing with a tool, capturing the raw format data, and translating the data into a human readable (XML based) format. In order to prevent undesirable data aggregation or to protect sensitive data, the tool data can be transformed prior to delivery to the OEM client. [0104]
  • The data filtering methodology is based on a combination of XML and XSL. For example, tool data is XML based, data transformations, such as session rules or policies, are XSL based, and the output of the transformations is XML based. By using this methodology, every piece of information a tool generates can be controlled, and each user, each tool, and each session can have its own rules/policies. [0105]
  • C. Remote Tool Operations (RTO) Service [0106]
  • In diagnosing a tool, a preferred method is to be able to perform a diagnostic operation as if the support person or OEM client were in front of the tool's screen. An exemplary embodiment of the present invention allows the OEM client to be virtually in front of the tool. The present invention uses screen capturing and encrypted information streaming to send the information to a client application. The OEM client then runs the client application locally to the client, regardless of where the tool is. To increase the security of the information transfer, industry strength cryptographic packages can be used to encrypt the information, and proxy technologies can be used to overcome firewalls. [0107]
  • The system of the present invention allows a real-time view of the tool screen regardless of the operating system of the client. A RTO server is installed on the tool to allow the client to retrieve information from the tool. The RTO infrastructure proxies the screen information to the remote client across the secure shared connection. It is used to operate a tool on the plant floor remotely, including remote control and video observation. Unique proxy design using secure sockets and flexible connectivity types. The Remote Tool Operations can be controlled from an eCentre session, with control of the tool being allowed for only one user at a time. [0108]
  • In addition to being able to operate and diagnose a tool remotely, an exemplary embodiment of the present invention can also remotely manage the maintenance of software applications on semiconductor process tools. This allows the OEM clients to maintain remotely any software that is deployed on the tool without being present at the tool. [0109]
  • D. Managed/Shared File Transfer Service [0110]
  • The managed/shared file transfer capability of the present invention enables the system administrator to control what, where, and when a file can be transferred to the tool. First, no file can be transferred directly to or from a tool. All files must go first to a staging area, which is unique per eCentre session and tool. Only after going to the staging area can the file then be transferred to or from the tool. Second, the system administrator controls, using session policies, what types of files can be sent to the tool and where they will be placed in the tool file system. The session policies can also control, for example, which users can access the staging area. Third, the system administrator controls when the file can be uploaded to the tool by allowing access based on time intervals, preventing files from being transferred when the tool is not in the proper state. The system administrator can filter the files that an OEM client can see on a tool in many ways, for example, based on the file name and location, in addition to time restrictions. [0111]
  • E. Managed/Shared TELNET Sessions Service [0112]
  • The OEM clients can use TELNET to access a tool based on policies, as defined in a session. These policies are controlled by the system administrator and are specific to the session, users and tools involved. The policies allow the administrator to restrict the access to TELNET features based on rules associated to users, tools and sessions. The system administrator can also see and record any TELNET activities of an OEM client with minimal invasion. The eCentre session provides the capability of centralized control of the TELNET sessions. [0113]
  • F. XML Data Persistence Service [0114]
  • The system of the present invention can store semiconductor device data in a database, preferably in a keyed relational database. Tool data, in the form of XML documents, are flattened by converting XML tags into lists and items to be stored in the database. This allows the tool data to be stored in the database in a format for fast retrieval. Tool data are stored in groups of tables belonging to a session or a tool. The tool data may be transformed prior to storage. For example, minimum, maximum or average values could be stored instead of the raw data. [0115]
  • The database schema and settings are tuned for high performance commits and retrievals. The intervals for the storage can be adjusted in ways that are pertinent to the unique settings of the eCentre installation. [0116]
  • The data storage feature provides support that allows information received from the tool to be sent to storage database. The software has the ability to assign classification levels to all tool parameters. Classified data will be stored in the database where it can be selectively retrieved. Optionally, the data could be stored as one of the following formats: compressed XML data, average data, and exact data. [0117]
  • Compressed data stores the event XML paragraph compressed with the event header normalized. This allows the data to be stored in the XML format recommended by SEMATECH without requiring large amounts of storage space. In order to be retrieved, the data must first be uncompressed and then parsed so that a reporting tool can take full advantage of the data. [0118]
  • Averaged data represents an optimized method to store data for fast retrieval within reasonable storage space. In order to achieve this, average intervals and holding periods are predefined. An average interval is a time-slice in which all tool parameter values are accumulated. The expiration of the interval stores only the average value, minimum value, maximum value, and the number of times the value occurred. [0119]
  • Data will not be held for more than the predefined holding period. Both averaged intervals and holding periods can be specified in milliseconds. If the average mode is chosen, the exact XML data will continue to be stored compressed. All intervals are time stamped, and if no data arrives within that interval, then no entry is written to the database. [0120]
  • Exact data is for parameters that do not have a high frequency rate but where the exact value and time stamp are very important and the data needs to be quickly retrieved. Similar to averaged data, the full XML paragraphs are stored compressed. [0121]
  • In an exemplary embodiment, a data storage configuration can cause compressed data to be held for 15 days; average data for 5-second intervals for one day, and average data for one-hour intervals for 15 days. [0122]
  • III. Session Activity Version Control and Rollback Methodology [0123]
  • While version control and rollback mechanisms are common in software and database applications, such mechanisms have not previously been applied to the area of e-Diagnostics for real-time tool diagnosis and repair. Changes can be made to tool settings and control files; if the new operation is not better, everything can be “rolled-back” to previous settings with one operation. For example, the OEM client can perform an FTP file upload on the tool. Prior to the physical upload, the system of the present invention can retrieve the current file from the tool, assign a version to the file and secure-store the file. Only after this operation is done will the system upload the new file. If the new file causes the tool to perform undesirably, the previous version of the file can be reinstated by an administrator to return the tool to a well-behaved state. To prevent the tool from being left in an unstable state in a rollback, the tool can be protected, for example, from being accessed and controlled by two or more OEM clients at the same time. [0124]
  • IV. eCentre Session Interactions [0125]
  • In order for the eCentre session to perform its duties, several interactions are required. The eCentre session has a graphical user interface (GUI) that can allow the user to perform activities. The activities are divided into two major categories: Administrative and User. The Administrator GUI allows for the maintenance of sessions and the related users access. The User GUI allows for interaction with the services and access to the data provided. [0126]
  • For example, FIG. 7 shows the [0127] Desktop GUI 700. From the desktop 700, a user is able to navigate through the available sessions 702, operate a tool remotely 704, receive video streams from a camera attached to the tool 706, receive still pictures (for high definition analysis) of the tool or other data files 708, audit user interactions in a session 710, perform data analysis with historical data 712, and check on the tool gateway server activity 714.
  • FIG. 8 illustrates an active sessions list [0128] 800 that shows the place where all running sessions are displayed. From here a user has the ability to join a particular session, such as, for example session 802 and 804, in order to receive needed data. In addition, the user can also create a session from button 806, if the currently active sessions do not meet the user's needs.
  • FIG. 9 illustrates a GUI of the [0129] session navigator 702 that uses one method to configure event and trace data. It shows the place where a user can see the details of data received from a tool in form of an XML message. For example, for a tool 902, the data from a specific tool element 904 can be displayed in data window 906.
  • FIG. 10 illustrates a file transfer and [0130] versioning panel 708 that shows the staging area 1004 where a user can transfer tool files 1002. For example, new tool data updates can be transferred to the tool from the user's location, via the staging area 1004. The file transfer and versioning panel 708 can also be used as a staging area controlling the versioning of the files that are uploaded into the tool. The file transfer and versioning feature allows the users to perform different tool updates without the risk of destroying the current set of parameters that governs the tool.
  • FIG. 11 shows an [0131] audit trail GUI 710 that shows part of the administration of a user, in particular the audit trails seen in window 1102. The activity of all the users connected to the system can be captured, for example, when the user logged onto the system, when the user created or joined a session, and when an access violation occurs.
  • FIG. 12 shows an exemplary embodiment of a [0132] data viewer GUI 712 according to the present invention. A user can access live tool data or stored historical data about a tool or a collection of tools. The data can be presented in a variety of graphical methods. For example, a user can view a combined graph of the temperature 1202 and the pressure 1204 of a tool.
  • FIG. 13 shows a tool gateway server [0133] status interface GUI 714 that shows the screen where the user can check the status of a tool gateway server. For example, the user could check general information 1302 about the tool gateway server, or more specific information such as, for example, a fan speed 1304, a planar temperature 1306, a CPU temperature 1308, or a CPU utilization 1310.
  • FIG. 14 shows an eCentre [0134] business rules GUI 1400 that provides the ability to update business logic graphically. This can be used to create business rules that can be incorporated into the operation of the session. Session activities will be limited or allowed based on business rules. Session activities can also trigger external events such as sending an e-mail or writing to a database as defined by the business process.
  • V. Connectivity Methodology [0135]
  • In the creation of the e-diagnostic system between the OEM and the FAB there is a requirement to establish a direct or shared connection between the parties. In general, this can be accomplished through Internet access or Virtual Private Network (VPN) connections. There is another component of the eCentre system that allows for the connection of the FAB to OEMs. [0136]
  • A. Service Net [0137]
  • Service Net is a network connection that allows the many OEMs and many FABs to connect with each other without requiring a dedicated link for each combination. For example, unlike with service net, with a VPN, there would be a separate VPN connection from a first FAB to each OEM in the system. With Service Net, there is a single outbound connection which manages access to the OEMs. For example, one VPN connection from each OEM can connect to multiple FABs, and one VPN connection from each FAB can connect to multiple OEMs. [0138]
  • The Service Net provides secure communications for all OEM and FAB constituents by preventing unauthorized cross-connects between OEM's and/or customers. Each constituent controls its own data. This brokered network maintains separation of accounts. [0139]
  • FIG. 15 shows an exemplary embodiment of the service net according to the present invention. One or [0140] more OEMs 108 each comprising a DMZ eCentre Enterprise Server 1502 is each coupled through a router 1504 to the Internet 106. The router 1504 can be a combination router/firewall/VPN or can be comprised of separate components providing router, firewall and VPN functions. One or more FABs 102, each comprising a DMZ eCentre Server 1506, is also coupled to the Internet 106 through a router 1504. The router 1504 for each OEM and FAD connects to a separate VPN device 1508 via a secure connection 1510. Each OEM and FAB VPN device 1508 terminates in its own dedicated isolation LAN 1512. The dedicated isolation LANs are in turn coupled to the e-diagnostic LAN 1514. The e-diagnostic LAN 1514 is a combination of network hardware and software that makes logical point-to-point connections between the OEMs and the FABs. Although each OEM 108 could connect to each FAB 102, the e-diagnostic LAN 1514 controls which OEMs can actually connect to a particular FAB according to access rules. In this way, the FABs and OEMs need only manage one connection: to the e-diagnostic LAN 1514. The e-diagnostic LAN controls subsequent connections to the other entities on the network. The service net 1516 is made up of the e-diagnostic LAN 1514, the dedicated isolation LANs 1512, and the VPN devices 1508. The service net 1516 does not comprise any applications/logic or databases outside the firewalls.
  • VI. Data Brokering System [0141]
  • In the tuning and diagnosis of semiconductor equipment, it is necessary to have additional data about the wafers produced by the tool to understand yield as it relates to tool settings. This data is often collected in downstream processes by additional tools, often from other vendors. Since OEM equipment makers do not share this data with each other, the optimal tool settings are not always achieved. OEM equipment makers are often reluctant to expose data from their tools, which could be examined and used by competitors to denigrate the OEM tools or to used to improve the competitors' tools. These same OEM suppliers could be willing to share this data, if the data was limited to wafer data, and not how the wafer data was collected. [0142]
  • Therefore, as seen in FIG. 16, an exemplary embodiment of the present invention includes a [0143] data brokering system 1602 for semiconductor wafer data within a FAB that allows for the request for data on a particular wafer to be satisfied by a system that responds to that request without providing an OEM any specific information. Data from tools 1610, 1612, 1614 and 1616 can be filtered by respective filters 1608 a, 1608 b, 1608 c, and 1608 d and collected by the data brokering system 1602 as XML tool data 1606. The XML tool data 1606 and be stored in a database 1604. Wafer data from each tool 1610-1616 is then available to the other tools without providing any specific tool information.
  • Given that the data has value to the different tool makers, the system also includes a [0144] fee payment mechanism 1618 based on a variety of algorithms including payment by the size of data (e.g. Mb), type of data (e.g. metrology), or type of wafer produced (e.g. 300 mm). OEMs can consult this brokering system with a request for wafer data. The system shows a list of data available and the related charge for that data. If acceptable, the OEM requester can download the data for analysis. Data can be stored in a standard XML format, or can contain a list of data that would be reviewed by the buyer.
  • The data exchanges can also be done in an automated fashion to improve the overall productivity of the plant floor. For example, data from downstream operations can be automatically fed into the upstream tools for analysis of their production operation. Tool settings can be modified to improve performance. This data is fed through the broker system, maintaining autonomy of the various data suppliers and providing financial rewards for their help in improving the productivity of upstream tools. [0145]
  • While various embodiments of the present invention have been described above, it should be understood that they have been presented by way of example only, and not limitation. Thus, the breadth and scope of the present invention should not be limited by any of the above-described exemplary embodiments, but should instead be defined only in accordance with the following claims and their equivalents. [0146]

Claims (5)

What is claimed is:
1. A data brokering system for semiconductor wafer data, comprising:
a FAB having at least one automated semiconductor wafer manufacturing tool;
a plurality of OEMS, coupled to said FAB via a secure service net;
means for providing data about a semiconductor wafer manufactured by said tool to one of said OEMs without revealing information about said tool; and
means for collecting fees based on characteristics of said provided data.
2. The system of claim 1, wherein said characteristics of provided data include a size of data, a type of data and a type of wafer.
3. The system of claim 1, wherein said means for providing data is automated by automatically feeding wafer data from a tool at a later part of the manufacturing process to a tool earlier in the manufacturing process.
4. The system of claim 1, wherein said means for collecting fees includes providing a list of available data with a charge for that data.
5. The system of claim 1, wherein said wafer data is stored in XML format.
US10/385,441 2002-03-12 2003-03-12 Data brokering system for integrated remote tool access, data collection, and control Abandoned US20030208448A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
US10/385,441 US20030208448A1 (en) 2002-03-12 2003-03-12 Data brokering system for integrated remote tool access, data collection, and control

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US36325102P 2002-03-12 2002-03-12
US10/385,441 US20030208448A1 (en) 2002-03-12 2003-03-12 Data brokering system for integrated remote tool access, data collection, and control

Publications (1)

Publication Number Publication Date
US20030208448A1 true US20030208448A1 (en) 2003-11-06

Family

ID=29736027

Family Applications (4)

Application Number Title Priority Date Filing Date
US10/385,479 Abandoned US20030220768A1 (en) 2002-03-12 2003-03-12 Diagnostic system and method for integrated remote tool access, data collection, and control
US10/385,441 Abandoned US20030208448A1 (en) 2002-03-12 2003-03-12 Data brokering system for integrated remote tool access, data collection, and control
US10/385,442 Active 2025-02-14 US7404207B2 (en) 2002-03-12 2003-03-12 Data sharing and networking system for integrated remote tool access, data collection, and control
US11/270,098 Abandoned US20060064440A1 (en) 2002-03-12 2005-11-09 Data sharing and networking system for integrated remote tool access, data collection and control

Family Applications Before (1)

Application Number Title Priority Date Filing Date
US10/385,479 Abandoned US20030220768A1 (en) 2002-03-12 2003-03-12 Diagnostic system and method for integrated remote tool access, data collection, and control

Family Applications After (2)

Application Number Title Priority Date Filing Date
US10/385,442 Active 2025-02-14 US7404207B2 (en) 2002-03-12 2003-03-12 Data sharing and networking system for integrated remote tool access, data collection, and control
US11/270,098 Abandoned US20060064440A1 (en) 2002-03-12 2005-11-09 Data sharing and networking system for integrated remote tool access, data collection and control

Country Status (6)

Country Link
US (4) US20030220768A1 (en)
EP (1) EP1483781A4 (en)
JP (1) JP2005523540A (en)
KR (2) KR20040105767A (en)
AU (1) AU2003265227A1 (en)
WO (1) WO2003105194A2 (en)

Cited By (22)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030036971A1 (en) * 2001-08-16 2003-02-20 Nec Corporation System and method for manufacturing semiconductor devices controlled by customer
US20030177390A1 (en) * 2002-03-15 2003-09-18 Rakesh Radhakrishnan Securing applications based on application infrastructure security techniques
US20040260925A1 (en) * 2003-06-20 2004-12-23 Barnabo Christopher E. System aand method for authentication to an application
US20050010311A1 (en) * 2003-07-10 2005-01-13 Barbazette Christopher J. Data collection and diagnostic system for a semiconductor fabrication facility
US20050171971A1 (en) * 2002-06-27 2005-08-04 Microsoft Corporation Speaker detection and tracking using audiovisual data
EP1640836A1 (en) * 2004-09-28 2006-03-29 Rockwell Automation Technologies, Inc. Centrally managed proxy-based security for legacy automation systems
US20060277289A1 (en) * 2000-02-01 2006-12-07 Charles Bayliss Multi-protocol multi-client equipment server
US20070124346A1 (en) * 2005-11-17 2007-05-31 Mitchel Jules T System and method for creating, managing, deploying and archiving data-intensive applications and projects
US20070255444A1 (en) * 2004-03-15 2007-11-01 Tokyo Electron Limited Service activity management system and method for semiconductor manufacturing equipment
WO2007124756A2 (en) 2006-05-02 2007-11-08 Kk-Electronic A/S A system for operating a plant
US20080082579A1 (en) * 2006-09-29 2008-04-03 Chung-Ho Huang Dynamic component-tracking system and methods therefor
US20080243988A1 (en) * 2000-03-30 2008-10-02 Chung-Ho Huang Recipe-and-component control module and methods thereof
US7596803B1 (en) 2004-07-12 2009-09-29 Advanced Micro Devices, Inc. Method and system for generating access policies
US20090276204A1 (en) * 2008-04-30 2009-11-05 Applied Identity Method and system for policy simulation
US8516539B2 (en) 2007-11-09 2013-08-20 Citrix Systems, Inc System and method for inferring access policies from access event records
US8910241B2 (en) 2002-04-25 2014-12-09 Citrix Systems, Inc. Computer security system
US8990910B2 (en) 2007-11-13 2015-03-24 Citrix Systems, Inc. System and method using globally unique identities
US8990573B2 (en) 2008-11-10 2015-03-24 Citrix Systems, Inc. System and method for using variable security tag location in network communications
US20150186627A1 (en) * 2013-12-26 2015-07-02 Nxp B.V. Secure software compnents anti-reverse-engineering by table interleaving
US9240945B2 (en) 2008-03-19 2016-01-19 Citrix Systems, Inc. Access, priority and bandwidth management based on application identity
EP3106950A1 (en) * 2015-06-19 2016-12-21 Robert Bosch Gmbh Tool system for an assembly plant and method for a tool system for an assembly plant
EP3115860A1 (en) * 2015-06-19 2017-01-11 Robert Bosch Gmbh Tool system with a display in graphical form for an assembly plant and a method for a tool system of an assembly plant

Families Citing this family (67)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6876991B1 (en) 1999-11-08 2005-04-05 Collaborative Decision Platforms, Llc. System, method and computer program product for a collaborative decision platform
US9191443B2 (en) * 1999-12-02 2015-11-17 Western Digital Technologies, Inc. Managed peer-to-peer applications, systems and methods for distributed data access and storage
US7587467B2 (en) * 1999-12-02 2009-09-08 Western Digital Technologies, Inc. Managed peer-to-peer applications, systems and methods for distributed data access and storage
EP1309901B1 (en) 1999-12-02 2008-05-21 Western Digital Technologies, Inc. System for remote recording of television programs
US7120692B2 (en) 1999-12-02 2006-10-10 Senvid, Inc. Access and control system for network-enabled devices
US7917628B2 (en) 1999-12-02 2011-03-29 Western Digital Technologies, Inc. Managed peer-to-peer applications, systems and methods for distributed data access and storage
US7934251B2 (en) 1999-12-02 2011-04-26 Western Digital Technologies, Inc. Managed peer-to-peer applications, systems and methods for distributed data access and storage
US8793374B2 (en) * 1999-12-02 2014-07-29 Western Digital Technologies, Inc. Managed peer-to-peer applications, systems and methods for distributed data access and storage
US8688797B2 (en) 1999-12-02 2014-04-01 Western Digital Technologies, Inc. Managed peer-to-peer applications, systems and methods for distributed data access and storage
US6842660B2 (en) * 2001-10-31 2005-01-11 Brooks Automation, Inc. Device and method for communicating data in a process control system
JP2004280695A (en) * 2003-03-18 2004-10-07 Sony Corp Data-sharing system, transmission side terminal device, reception side terminal device, program, and processing method of the transmission side terminal device
US20050004780A1 (en) * 2003-07-03 2005-01-06 Taiwan Semiconductor Manufacturing Co., Ltd Virtual assistant for semiconductor tool maintenance
US20050102500A1 (en) * 2003-11-12 2005-05-12 International Business Machines Corporation System and method for integrating applications in different enterprises separated by firewalls
US7093207B1 (en) * 2003-11-17 2006-08-15 Kla-Tencor Technologies Corporation Data analysis flow engine
JP2005316565A (en) * 2004-04-27 2005-11-10 Yokogawa Electric Corp Know-how service system
US7530093B2 (en) * 2004-04-30 2009-05-05 Microsoft Corporation Securing applications and operating systems
US20050283521A1 (en) * 2004-06-18 2005-12-22 Whan Wen J Centrally hosted monitoring system
EP1612630B1 (en) * 2004-06-29 2015-02-25 Rockwell Automation Technologies, Inc. Extensible data transformation system
US20060005227A1 (en) * 2004-07-01 2006-01-05 Microsoft Corporation Languages for expressing security policies
US7657923B2 (en) * 2004-07-23 2010-02-02 Microsoft Corporation Framework for a security system
JP4492248B2 (en) * 2004-08-04 2010-06-30 富士ゼロックス株式会社 Network system, internal server, terminal device, program, and packet relay method
US20060041507A1 (en) * 2004-08-13 2006-02-23 Sbc Knowledge Ventures L.P. Pluggable authentication for transaction tool management services
US20060167818A1 (en) * 2005-01-21 2006-07-27 David Wentker Methods and system for performing data exchanges related to financial transactions over a public network
EP1952254A4 (en) * 2005-10-17 2011-06-22 Alebra Technologies Inc Method, process and system for sharing data in a heterogeneous storage network
US8370431B1 (en) * 2005-11-16 2013-02-05 Juniper Networks, Inc. Secure desktop for a network meeting
KR100695009B1 (en) * 2005-12-01 2007-03-14 한국전자통신연구원 System and method for processing stream data using pre-filtering based on software
US7206721B1 (en) * 2005-12-12 2007-04-17 Taiwan Semiconductor Manufacturing Co., Ltd. Methods and systems of offline measurement for process tool monitoring
US8700902B2 (en) 2006-02-13 2014-04-15 At&T Intellectual Property I, L.P. Methods and apparatus to certify digital signatures
US20070294699A1 (en) * 2006-06-16 2007-12-20 Microsoft Corporation Conditionally reserving resources in an operating system
US8332925B2 (en) * 2006-08-08 2012-12-11 A10 Networks, Inc. System and method for distributed multi-processing security gateway
US8079077B2 (en) 2006-08-08 2011-12-13 A10 Networks, Inc. System and method for distributed multi-processing security gateway
US7954143B2 (en) * 2006-11-13 2011-05-31 At&T Intellectual Property I, Lp Methods, network services, and computer program products for dynamically assigning users to firewall policy groups
TWI323016B (en) * 2006-12-25 2010-04-01 Ind Tech Res Inst Real-time fault detection and classification system in use with a semiconductor fabrication process
US7813828B2 (en) * 2007-04-02 2010-10-12 Hitachi Kokusai Electric Inc. Substrate processing system and group management system
JP5461778B2 (en) * 2007-04-02 2014-04-02 株式会社日立国際電気 Substrate processing system, group management system, configuration management program, connection management program, terminal program, and connection management method for each hardware
CA2590387A1 (en) * 2007-05-29 2008-11-29 Sal Khan A system and method for creating a virtual private network (vpn) over a computer network using multi-layered permissions-based access control
US8341277B2 (en) * 2007-07-03 2012-12-25 International Business Machines Corporation System and method for connecting closed, secure production network
US7930414B2 (en) * 2008-01-08 2011-04-19 International Business Machines Corporation System and method for communicating with tools in a closed, secure production network
US9075496B1 (en) * 2008-05-15 2015-07-07 Open Invention Network, Llc Encapsulation of software support tools
KR100980737B1 (en) * 2008-11-18 2010-09-08 세메스 주식회사 Network system for controlling various semiconductor manufacturing equipments and method of the same
US8321926B1 (en) * 2008-12-02 2012-11-27 Lockheed Martin Corporation System and method of protecting a system that includes unprotected computer devices
JP5253517B2 (en) * 2008-12-24 2013-07-31 キヤノンアネルバ株式会社 Data collection system for vacuum processing equipment
JP5385639B2 (en) * 2009-03-06 2014-01-08 キヤノン株式会社 Information processing system, information processing method, and program
JP5322706B2 (en) * 2009-03-10 2013-10-23 キヤノン株式会社 Information processing system, information processing method, and program
US9350817B2 (en) * 2009-07-22 2016-05-24 Cisco Technology, Inc. Recording a hyper text transfer protocol (HTTP) session for playback
US9118618B2 (en) 2012-03-29 2015-08-25 A10 Networks, Inc. Hardware-based packet editor
US20130297055A1 (en) * 2012-05-04 2013-11-07 Fei Wang Network-based control method and system for controlling a whole-flow production process
US9596286B2 (en) 2012-05-25 2017-03-14 A10 Networks, Inc. Method to process HTTP header with hardware assistance
US10021174B2 (en) 2012-09-25 2018-07-10 A10 Networks, Inc. Distributing service sessions
JP2015534769A (en) 2012-09-25 2015-12-03 エイ10 ネットワークス インコーポレイテッドA10 Networks, Inc. Load balancing in data networks
US8954495B2 (en) * 2013-01-04 2015-02-10 Netfilx, Inc. Proxy application with dynamic filter updating
US9454158B2 (en) 2013-03-15 2016-09-27 Bhushan Somani Real time diagnostics for flow controller systems and methods
US10027761B2 (en) 2013-05-03 2018-07-17 A10 Networks, Inc. Facilitating a secure 3 party network session by a network device
KR101853148B1 (en) * 2013-05-20 2018-04-27 엘에스산전 주식회사 Method for storing data
US20150033139A1 (en) * 2013-07-23 2015-01-29 Microsoft Corporation Communication with on-calls and machines using multiple modalities through single historical tracking
KR101394785B1 (en) * 2013-10-15 2014-05-15 임진희 Apparatus and method of connecting direction input peripheral to remote semiconductor device
US10936721B1 (en) 2018-03-01 2021-03-02 Amdocs Development Limited System, method, and computer program for splitting and distributing a privileged software component into dependent components in order to deliver better security
US10020979B1 (en) 2014-03-25 2018-07-10 A10 Networks, Inc. Allocating resources in multi-core computing environments
US9806943B2 (en) 2014-04-24 2017-10-31 A10 Networks, Inc. Enabling planned upgrade/downgrade of network devices without impacting network sessions
DE102014112704B3 (en) 2014-09-03 2015-12-03 Phoenix Contact Gmbh & Co. Kg Network system and network subscribers for data transmission via a cloud infrastructure and establishment process
US10067905B2 (en) 2015-05-26 2018-09-04 Plasmability, Llc Digital interface for manufacturing equipment
CN104917774A (en) * 2015-06-16 2015-09-16 顾健 Application secure virtual releasing technical equipment based on intelligent terminal and operation method
CN106027484A (en) * 2016-04-27 2016-10-12 国网江苏省电力公司信息通信分公司 System and method for displaying information
EP3515031B1 (en) * 2016-11-14 2021-04-07 Huawei Technologies Co., Ltd. Session processing method, apparatus and system
DE112018000705T5 (en) 2017-03-06 2019-11-14 Cummins Filtration Ip, Inc. DETECTION OF REAL FILTERS WITH A FILTER MONITORING SYSTEM
US11237936B2 (en) * 2018-08-12 2022-02-01 International Business Machines Corporation Secure system data collection using call home feature
EP3798767B1 (en) * 2019-09-24 2022-03-02 Siemens Aktiengesellschaft Method and arrangement for controlling the data exchange of an industrial edge device

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020022969A1 (en) * 2000-07-07 2002-02-21 Berg Marc Van Den Remote automated customer support for manufacturing equipment
US20020077981A1 (en) * 2000-11-13 2002-06-20 Yozan, Inc. Communication terminal device and billing device
US6594589B1 (en) * 2001-05-23 2003-07-15 Advanced Micro Devices, Inc. Method and apparatus for monitoring tool health
US20030171885A1 (en) * 2002-03-08 2003-09-11 Elfido Coss System for brokering fault detection data
US6748287B1 (en) * 2001-07-23 2004-06-08 Esilicon Corporation Adaptive real-time work-in-progress tracking, prediction, and optimization system for a semiconductor supply chain

Family Cites Families (21)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP3307215B2 (en) * 1996-02-26 2002-07-24 トヨタ自動車株式会社 Failure diagnosis device for vehicle electronic control unit
TWI249760B (en) 1996-07-31 2006-02-21 Canon Kk Remote maintenance system
US5884073A (en) * 1996-10-28 1999-03-16 Intel Corporation System and method for providing technical support of an electronic system through a web bios
JPH10228311A (en) * 1997-02-18 1998-08-25 Shimadzu Corp Remote diagnostic system for failure of instrument
US6175917B1 (en) * 1998-04-23 2001-01-16 Vpnet Technologies, Inc. Method and apparatus for swapping a computer operating system
US6397245B1 (en) * 1999-06-14 2002-05-28 Hewlett-Packard Company System and method for evaluating the operation of a computer over a computer network
US6697969B1 (en) * 1999-09-01 2004-02-24 International Business Machines Corporation Method, system, and program for diagnosing a computer in a network system
AU3968201A (en) 1999-11-03 2001-06-04 Avantcom Network, Inc. Method and apparatus for proprietary data collection and distribution
US6408260B1 (en) * 2000-02-16 2002-06-18 Cymer, Inc. Laser lithography quality alarm system
JP2001326151A (en) * 2000-05-16 2001-11-22 Nec Corp Semiconductor integrated circuit manufacturing system
US20010054044A1 (en) * 2000-06-14 2001-12-20 Liu Yi Bo Method for monitoring and browsing database of test system
US20020007422A1 (en) * 2000-07-06 2002-01-17 Bennett Keith E. Providing equipment access to supply chain members
US7779089B2 (en) * 2000-09-15 2010-08-17 Invensys Systems, Inc. Method and system for remote configuration of process data access servers
US20030037287A1 (en) * 2000-09-25 2003-02-20 Masakatsu Nakamura Electronic apparatus, data communication device, management system of electronic apparatus, and management method of electronic apparatus
US6782345B1 (en) * 2000-10-03 2004-08-24 Xerox Corporation Systems and methods for diagnosing electronic systems
US7133822B1 (en) * 2001-03-29 2006-11-07 Xilinx, Inc. Network based diagnostic system and method for programmable hardware
US20040012808A1 (en) * 2001-06-04 2004-01-22 Payne David M. Network-based technical support and diagnostics
US6459969B1 (en) * 2001-06-15 2002-10-01 International Business Machines Corporation Apparatus, program product and method of processing diagnostic data transferred from a host computer to a portable computer
WO2003017055A2 (en) * 2001-08-15 2003-02-27 Visa International Service Association Method and system for delivering multiple services electronically to customers via a centralized portal architecture
US7197550B2 (en) * 2001-08-23 2007-03-27 The Directv Group, Inc. Automated configuration of a virtual private network
US20030079121A1 (en) * 2001-10-19 2003-04-24 Applied Materials, Inc. Secure end-to-end communication over a public network from a computer inside a first private network to a server at a second private network

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020022969A1 (en) * 2000-07-07 2002-02-21 Berg Marc Van Den Remote automated customer support for manufacturing equipment
US20020077981A1 (en) * 2000-11-13 2002-06-20 Yozan, Inc. Communication terminal device and billing device
US6594589B1 (en) * 2001-05-23 2003-07-15 Advanced Micro Devices, Inc. Method and apparatus for monitoring tool health
US6748287B1 (en) * 2001-07-23 2004-06-08 Esilicon Corporation Adaptive real-time work-in-progress tracking, prediction, and optimization system for a semiconductor supply chain
US20030171885A1 (en) * 2002-03-08 2003-09-11 Elfido Coss System for brokering fault detection data

Cited By (45)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10007256B2 (en) 2000-02-01 2018-06-26 Peer Intellectual Property Inc. Multi-protocol multi-client equipment server
US9785140B2 (en) * 2000-02-01 2017-10-10 Peer Intellectual Property Inc. Multi-protocol multi-client equipment server
US20060277289A1 (en) * 2000-02-01 2006-12-07 Charles Bayliss Multi-protocol multi-client equipment server
US7672747B2 (en) * 2000-03-30 2010-03-02 Lam Research Corporation Recipe-and-component control module and methods thereof
US20080243988A1 (en) * 2000-03-30 2008-10-02 Chung-Ho Huang Recipe-and-component control module and methods thereof
US6801826B2 (en) * 2001-08-16 2004-10-05 Nec Corporation System and method for manufacturing semiconductor devices controlled by customer
US20030036971A1 (en) * 2001-08-16 2003-02-20 Nec Corporation System and method for manufacturing semiconductor devices controlled by customer
US20030177390A1 (en) * 2002-03-15 2003-09-18 Rakesh Radhakrishnan Securing applications based on application infrastructure security techniques
US8910241B2 (en) 2002-04-25 2014-12-09 Citrix Systems, Inc. Computer security system
US9781114B2 (en) 2002-04-25 2017-10-03 Citrix Systems, Inc. Computer security system
US8842177B2 (en) 2002-06-27 2014-09-23 Microsoft Corporation Speaker detection and tracking using audiovisual data
US7692685B2 (en) 2002-06-27 2010-04-06 Microsoft Corporation Speaker detection and tracking using audiovisual data
US20050171971A1 (en) * 2002-06-27 2005-08-04 Microsoft Corporation Speaker detection and tracking using audiovisual data
US20100194881A1 (en) * 2002-06-27 2010-08-05 Microsoft Corporation Speaker detection and tracking using audiovisual data
US20080222713A1 (en) * 2003-06-20 2008-09-11 International Business Machines Corporation System and method for authenication to an application
US7877792B2 (en) 2003-06-20 2011-01-25 International Business Machines Corporation System and method for authentication to an application
US20040260925A1 (en) * 2003-06-20 2004-12-23 Barnabo Christopher E. System aand method for authentication to an application
US7356697B2 (en) * 2003-06-20 2008-04-08 International Business Machines Corporation System and method for authentication to an application
US20050010311A1 (en) * 2003-07-10 2005-01-13 Barbazette Christopher J. Data collection and diagnostic system for a semiconductor fabrication facility
US20070255444A1 (en) * 2004-03-15 2007-11-01 Tokyo Electron Limited Service activity management system and method for semiconductor manufacturing equipment
US7596803B1 (en) 2004-07-12 2009-09-29 Advanced Micro Devices, Inc. Method and system for generating access policies
EP1640836A1 (en) * 2004-09-28 2006-03-29 Rockwell Automation Technologies, Inc. Centrally managed proxy-based security for legacy automation systems
US7950044B2 (en) 2004-09-28 2011-05-24 Rockwell Automation Technologies, Inc. Centrally managed proxy-based security for legacy automation systems
US20070124346A1 (en) * 2005-11-17 2007-05-31 Mitchel Jules T System and method for creating, managing, deploying and archiving data-intensive applications and projects
US8543968B2 (en) * 2005-11-17 2013-09-24 Target Health, Inc. System and method for creating, managing, deploying and archiving data-intensive applications and projects
WO2007124756A3 (en) * 2006-05-02 2007-12-21 Electronic As Kk A system for operating a plant
US20090299493A1 (en) * 2006-05-02 2009-12-03 Allan Bo Joergensen System for operating a plant
WO2007124756A2 (en) 2006-05-02 2007-11-08 Kk-Electronic A/S A system for operating a plant
US20080082579A1 (en) * 2006-09-29 2008-04-03 Chung-Ho Huang Dynamic component-tracking system and methods therefor
US8010483B2 (en) 2006-09-29 2011-08-30 Lam Research Corporation Component-tracking system and methods therefor
US7814046B2 (en) 2006-09-29 2010-10-12 Lam Research Corporation Dynamic component-tracking system and methods therefor
US20100325084A1 (en) * 2006-09-29 2010-12-23 Chung-Ho Huang Component-tracking system and methods therefor
US8295963B2 (en) 2007-03-29 2012-10-23 Lam Research Corporation Methods for performing data management for a recipe-and-component control module
US20100125360A1 (en) * 2007-03-29 2010-05-20 Chung-Ho Huang Methods for performing data management for a recipe-and-component control module
US8516539B2 (en) 2007-11-09 2013-08-20 Citrix Systems, Inc System and method for inferring access policies from access event records
US8990910B2 (en) 2007-11-13 2015-03-24 Citrix Systems, Inc. System and method using globally unique identities
US9240945B2 (en) 2008-03-19 2016-01-19 Citrix Systems, Inc. Access, priority and bandwidth management based on application identity
US20090276204A1 (en) * 2008-04-30 2009-11-05 Applied Identity Method and system for policy simulation
US8943575B2 (en) 2008-04-30 2015-01-27 Citrix Systems, Inc. Method and system for policy simulation
US8990573B2 (en) 2008-11-10 2015-03-24 Citrix Systems, Inc. System and method for using variable security tag location in network communications
US20150186627A1 (en) * 2013-12-26 2015-07-02 Nxp B.V. Secure software compnents anti-reverse-engineering by table interleaving
US9576116B2 (en) * 2013-12-26 2017-02-21 Nxp B.V. Secure software components anti-reverse-engineering by table interleaving
EP3106950A1 (en) * 2015-06-19 2016-12-21 Robert Bosch Gmbh Tool system for an assembly plant and method for a tool system for an assembly plant
CN106257365A (en) * 2015-06-19 2016-12-28 罗伯特·博世有限公司 Assemble the tool system of facility and for the method assembling the tool system of facility
EP3115860A1 (en) * 2015-06-19 2017-01-11 Robert Bosch Gmbh Tool system with a display in graphical form for an assembly plant and a method for a tool system of an assembly plant

Also Published As

Publication number Publication date
WO2003105194A3 (en) 2004-08-12
US20060064440A1 (en) 2006-03-23
KR20040105767A (en) 2004-12-16
AU2003265227A1 (en) 2003-12-22
KR101011608B1 (en) 2011-01-27
US7404207B2 (en) 2008-07-22
EP1483781A4 (en) 2012-04-25
JP2005523540A (en) 2005-08-04
US20030220768A1 (en) 2003-11-27
KR20100090314A (en) 2010-08-13
EP1483781A2 (en) 2004-12-08
US20030229805A1 (en) 2003-12-11
WO2003105194A2 (en) 2003-12-18
AU2003265227A8 (en) 2003-12-22

Similar Documents

Publication Publication Date Title
US7404207B2 (en) Data sharing and networking system for integrated remote tool access, data collection, and control
US9094470B2 (en) Web services-based communications for use with process control systems
EP2076999B1 (en) Network service usage management systems and methods
US6697810B2 (en) Security system for event monitoring, detection and notification system
US7949871B2 (en) Method for creating virtual service connections to provide a secure network
US7761306B2 (en) icFoundation web site development software and icFoundation biztalk server 2000 integration
CN101461213B (en) Communication network application activity monitoring and control
US7769996B2 (en) Private network communication system
US6584454B1 (en) Method and apparatus for community management in remote system servicing
CN100367214C (en) System and method for managing distributed objects as a single representation
US20020157017A1 (en) Event monitoring, detection and notification system having security functions
US20030065623A1 (en) Service, method and apparatus for receipt, authentication, transformation and delivery of transactions using a computer network
Hung et al. Development of an e-diagnostics/maintenance framework for semiconductor factories with security considerations
JP2014078245A (en) Suitable method to be used for commercial transaction
EP1364331A1 (en) System and method for resource provisioning
WO2001038995A1 (en) Method and apparatus for proprietary data collection and distribution
CN113872940A (en) Access control method, device and equipment based on NC-Link
Söderlund Autonomous email notification-and booking management system: In a property administration environment

Legal Events

Date Code Title Description
AS Assignment

Owner name: ILS TECHNOLOGY, INC., NORTH CAROLINA

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:PERRY, STUART;WUSSOW, WENDY;BARBOZA, SUNIL;REEL/FRAME:014157/0824

Effective date: 20030522

STCB Information on status: application discontinuation

Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION