Reading time ( words)
“Data really powers everything that we do.” – Jeff Weiner, LinkedIn
Manufacturing data management consists of four primary components: data transfer, data storage, revision control, and data access.
The PCB fabrication and assembly data management system and process is required to be robust to protect customer IP and ensure that the proper data is used to build the product. The entire process assumes that the provided design data package can’t be built as-is. The design data must be updated/completed after it is received by the manufacturer. Powerful CAD/CAM software has made it easy for designers/companies to pass the final editing and revision control on to their manufacturers. Over time, nefarious entities have significantly improved their ability to steal/copy data in parallel with this, thus complicating data transfer and management.
Conceptually, the required design data should be sent as a single intelligent file to the manufacturers, so production tooling is created without any human intervention. The standard industry process is still based on sending multiple files within the data package. These include the Gerber graphical data, Read.me ASCII file, PDF formatted fabrication print, etc. These files may be sent together in the same Zip/TGZ file or at separate times. This method requires humans to review these files since they often have conflicting data and/or violate the OEM’s acceptability and/or manufacturing capability/preferences. Intelligent data formats, such as IPC-2581, eliminate the additional, and often conflicting, documents by incorporating the intelligence in the CAD data.
Data Package Security and Transmission
When I went through ITAR training many years ago, the most interesting information was how people, companies, or governments would gather pieces of product data and then piece it all together so it could be duplicated. The information could be gathered by breaking into the data storage system, employees copying files and selling them, and/or by intercepting emails.
In one instance that I was involved in, a large OEM contacted my company and asked why we were building their boards, in volume. We checked our records and told them that we didn’t have any order from them. So, they sent us a copy of their data package. We did a database query for datasets with similar characteristics; low and behold, we found a dataset that was an identical match but ordered by another company. In another case, we received an order for a consumer PCB that had a ship-to address for a jewelry dealer in a large Asian city. We informed the OEM, and they took on the investigation at that point. We obviously refused the order.
There are many methods to transmit data between companies using various security methods with complex encoding/decoding protocols. The specific method is generally specified by the ordering company. Good data management is also required within a manufacturing facility to restrict data access to only those who require it. It also denotes that individual logins/passwords, not generic logins for a team of people, are required to log who accessed the data, when it was accessed, and who modified any data. This includes going all the way down to the actual equipment.
To read this entire article, which appeared in the November 2021 issue of Design007 Magazine, click here.