Description
Key Learnings
- Learn key challenges encountered when adopting cloud solutions under strict security regulation.
- Learn how to ensure multilevel security by integrating with Autodesk SSO and third-party IDP.
- Learn benefits of sharing 3D views with simple URL in a megaproject.
Speakers
- CPChanghee ParkDr.Changhee Park works for Samsung Semiconductor as principal engineer in construction planning and Pyeongteak construction group. Executing multiple project mangement roles (2019~2024) in structural discipline and BIM managment in Pyeongteak(KR) and Taylor(US) FAB construction, currently his major role is project leader for the development of Samsung construction design platform with adopting public cloud solutions such as AWS and Autodesk / ACC. After he achieved BA, MA and PhD in Seoul National University, he worked as software developer (.Net Framework Development) in design development team and software strategic planning team in MIDAS (2015 - 2017). Also, he worked as research programmer (Web SW development) in The State University of New Jersey (2018) and joined Samsung Semiconductor since 2019
Hojoong ChungHojoong is an architect by training, a TOGAF-certified Enterprise Architect, and a Senior Solution Architect at Autodesk. He has a dynamic background in Building Information Modelling (BIM), Software Development, and Design Computation. Over his career, he has gained 7 years of experience in BIM projects execution, research, and software development, complemented by 3 years in IT business consulting. At Autodesk, Hojoong leverages the Autodesk Platform Services (APS) to cater to customers' unique needs. He utilizes his expertise in agile application development and technical solution design to address complex business needs. Hojoong holds Bachelor's Degrees in Architecture from Yonsei University, Korea, and a Master's Degree in Design Computation from the ITECH program at the University of Stuttgart, Germany.- TKTaekyun KimTaekyun is a Structural Engineer and currently holds the position of Staff Engineer at Samsung Electronics within the Construction Team. With a robust background in semiconductor fabrication (FAB) construction and design, Taekyun has accumulated 7 years of extensive experience in the field. Over the course of his career, Taekyun has served as a Semiconductor FAB Construction Manager for 2 years and a FAB Design Manager for 3 years. He has also spent 2 years focusing on Construction IT, enhancing the integration of technology within the construction processes. One of his notable projects includes the construction of the Samsung FAB plant in Pyeongtaek, South Korea, and the design of data centers in Hwaseong. In his role as a Structural Engineer, Taekyun has managed FAB construction activities while simultaneously engaging in Construction IT tasks. Currently, he serves as a clients, overseeing the project delivery and ensuring that all requirements are met. Taekyun holds a Master's Degree in Civil Engineering from SungKyunKwan University and is a licensed Civil Engineer. He has a proven track record of processing and analyzing BIM data to meet the needs of clients, ensuring seamless data integration and project execution.
CHANGHEE PARK: Hello. I'm honored to presenting at Autodesk 2024. The material we are going to presenting is about the challenging and the solution we have encountered in applying the Autodesk ACC to semiconductor factory construction. Now let's start the presentation.
We will present in the following order-- introduction of ourselves and Samsung Electronics, and challenge and solution we have faced to adopt cloud solution, and [INAUDIBLE] remaining status, and the future plan. Samsung and Autodesk worked as one team for this project. Let me start my team member. From Samsung Electronics, my name is Changhee Park, and I'm principal engineer and working as a project manager and back end software engineers for this project.
And my co-presenter, my colleague, Taekyun Kim, is a senior engineer and works as a backend software engineer for this project. And from Autodesk's side, co-presenter Hojoong Chung is a senior solution architect at Autodesk, and Bharath Kumar is the enterprise system manager.
So let me briefly introduce our firm, Samsung Electronics. Samsung Electronics DS Division, alias Samsung Semiconductor, is a global business unit that produces the world's best semiconductor chips for the various electronic devices, such as smartphones and home appliance and data center servers.
The picture on the left shows the photo of the Pyeongtaek campus in Korea, where the headquarter of the Samsung Semiconductor located. This factory are called as "fab." In this fab, memory chips such as SSD or DRAM, or non-memory chips, such as the AP and CPU are produced for customers all over the world.
We have been building the fabs in the many countries, and they have been a major supplier in the semiconductor industry since 1983. According to the statistics from the Gartner in the 2020, following Intel, Samsung Semiconductor was responsible for the 20.5% of the global semiconductor production.
However, design and the building of the fab is significantly complex among the large-scale construction project type. As shown in the pictures, tall building, like Burj Khalifa in the Dubai, and then irregular buildings, like Dongdaemun Design Plaza in Seoul, are well known for the difficulty in design and build. Only a few number of [INAUDIBLE] and the general contractor can design and building these buildings. Fab are also very complicated in design and build for many aspects.
Not only a complex nature of the design and build, conducting in a fast track, with very stringent security environment, has caused a lot of challenges during the design and build phases. For the security aspect, it is operate as a national security level and the product schedule, while it does not follow typical design bid build process.
Due to this nature of the fab project, as I mentioned, very high security environment is required. BIM360 and ACC was very well-known for the SaaS solution in public construction project. But adapting for the high-security environment was very challenging. For the set up, the security environment in the past, Samsung has been used multiple on-premise custom-developed solution for managing custom construction project. And our mission for this project was to adopt new ACC solution in secure Samsung fab project.
Samsung Electronics and Autodesk have partnered together for our mutual success since 2023. It hasn't been easy to develop, refine, ideas, and implement secure SaaS platform as an operational level, but it became real based on the strong partnership and trust between the two companies. From 2023, Samsung Electronics' construction team has been focused on creating awareness of adopting the cloud solution internally, and also on acquiring security approval from their security committee.
Also, Samsung had prepared to fulfill several prerequisites for using the platform for actual design and construction projects, such as platform tenant setup, active directory synchronization, policy creation, permission settings, and automation development. The Autodesk team has supported Samsung's effort by providing full attention from top to bottom. Several executive level conversations have been held to maintain and reinforce the momentum.
In the meantime, the consulting team has provided advisory services, trainings for bespoke workflows, and custom solution development, while the technical account specialist team assisted on some security and license related supports, such as SSL establishment and directory sync enablement. Also, we have been helping Samsung escalating some of the key feature requests to the product team.
So let's look at the deeper look, what was the challenging in the security side. Samsung has very strict guidelines when adopting commercial source. Only very few vendors can meet the requirement, with vertical review and a screening by the security committee. The committee has a number of policy, more than 100 policy, to operate the project in secure.
For example, policy number one, only designated employee who owned the Samsung account can access to ACC, and policy number two is all user is required to enforce MFA with biometric authentication. And policy number three, all user must access ACC only designated IP location in the end designate devices. And more policy [INAUDIBLE], but due to our compliance issue, introduction of our policy will be skipped.
So this is solution with integrated integration with the IdP provider, Okta, the requirement from the security committee has been reserved and the user activity in ACC can be monitored. As shown in the picture, Okta and ACC provide single-sign-on feature using the SAML 2.0 protocol. When user access to ACC, the redirection process is activated and Okta collected user information whether the user accesses meet the Samsung security policy or not.
As all users proved the identity with biometric authentication process via the MFA, as shown in the right figure, in the IdP, all user information is collected and recorded in the log, whether the activity is complied with the Samsung SaaS policy. But per-user experience perspective, users simply install the authentification application and get authorized via the app. So by doing this, even how many project policy are added or modified, user burden to access ACC, they made quite simple.
With IdP now assisting the Samsung team to adhere the most of security policy, our next challenge was to automate user onboarding to the ACC. And this was to ensure users get added to the right hub to the right project, and the right side of the project entitlement being assigned to them. And data encapsulation was another important object for team. And this was to ensure user working on a project have access and visibility onto their set of data.
Since the beginning, Autodesk and Samsung focus on automation to handle a large number of the users. Being an enterprise customer with access to single-sign-on and directory sync, the technical account management team within Autodesk partnership with the Samsung and the Mr. Park team providing coaching to integrate Samsung with our Autodesk SSO and the directory sync solution. And finally, the user onboarding to ACC is fully automated, with user and project data encapsulated in a single cell.
And collecting the user information, keep analyze in the SIEM, which is Security Information, Event Management server. And suspicious event is reported instantly to administrator via email notification.
Then let's move on to challenge number two.
HOJOONG CHUNG : Now I will talk about our second challenge and solution regarding the accessibility. When conducting our fab construction project [INAUDIBLE], the files associated to one project can easily reach more than 1,000. Normally, these files are divided based on the disciplines and areas, so combining the models and be able to create aggregated fields efficiently is critical for issue coordination and resolution.
While both Navisworks and ACC provide fairly good enough features for aggregate view creation, Samsung needed much more convenient tool so that the 3D model-based workflow can be easily adapted to the non-expert users, and eventually adoption of ACC gets accelerated.
So our solution for this challenge was to create a custom tool called Shareable 3D Views with help from Autodesk consulting. Shareable 3D View is a web application that can create aggregated models easily and save specific camera viewpoints storing also sections and markup information. Once the view is created, it is possible to revisit it from the application or by unique URL. The application supports three types of web pages-- first, to create the views; second to list up all the curated views; and lastly, the page that shows up for a specific view when the unique URL is entered.
This is the workflow supported by the application. One distinct feature the application supports is that the user can create a chart view from existing view, which creates a chain of communication history associated with that specific view. Also since the application provide unique URL for specific bottle view, this URL can be embedded into any other application without limitations, such as [? passengers, ?] wikis, emails, and, of course, ACC.
Now I would like to show some extra examples how the application works. The screenshot here shows how to create aggregated views in the application. When user access to Create View page, the application lists of all the accessible ACC hops and projects. User can select files and start creating the aggregate view regardless to the file location. Once the user navigates the model and device which camera view to save, it can be done by adding some metadata and click of a button. Once user finishes this process, the view gets stored in the database and the user acquires a unique URL.
This shows the List Views page. Once the views are created, users can revisit the views by accessing this page. Here, the users can list up and search views and explore metadata as well as actual view being saved. Users can also create chart views from this page. As this application is leveraging models residing in ACC, users can access models in ACC by just clicking the file paths provided in the Views metadata. In this case, the model user can visualize in ACC will be just a single model, not the aggregated one.
In the View, the application provides some handy features that can enhance user productivity. For example, users can easily search elements by properties or by selection and make elements hidden or shown. You can see the example that some [INAUDIBLE] elements disappear.
Another handy feature application provides is property extraction. User can extract selected properties of elements shown in the view. So by combining the feature introduced in the previous slide, which is changing the visual status of elements by properties or selection, user can easily pre filter out elements they want to extract the properties.
There are many other features this application provides, such as selective filtering to reduce the amount of details in the aggregated models and adding markups on top of the experimental view, et cetera. But due to the time limit, I would like to talk about benefits of having this application. First of all, access to 3D models become instant. There is no log-in required, no need to select [INAUDIBLE], and then select projects in ACC, for example. This is very important for effective 3D-based communication, as some people are not so patient.
Secondly, no more file-based information sharing is needed. We don't need to share not only the 3D models, but also no need for BCFs as well. All we need to share is simple URL for communication and collaboration. Thirdly, the view can be used for archiving best practices. The model versions used in the view won't change even the model is updated in ACC. Since the information in the queue is persistent, the unique URL itself can become an archived information.
Lastly, full interoperability is enabled, with certified solution via the unique URL. There is almost no restriction in most software embedding the URL.
CHANGHEE PARK: So up to now, we've been introducing challenge and solution for adapting ACC for Samsung Semiconductor. However, there are few remaining challenges. First, due to multiple firms share the same project, intellectual property ownership should be dedicated controlled. Second is the integration or migration with the on-prem system should be managed in harmony so that user shouldn't be distracted due to coexisting multiple system. Third, cost reduction of the cloud system to provide cost effective solution for platform user to expand the platform very large scale.
For the successful landing of the SaaS platform, Samsung and Autodesk team keep discussing and adjusting the future plan and the roadmap. For example, by providing various SSO type, such as ADFS protocol and the directory sync as well, the ACC accessibility improvement and the cost down will be realized in the near future. Meanwhile, the automation, such as data analytics or design verification for supporting decision maker, will be developed to maximize the benefit adopting of the cloud solution.
Implementing secured ACC is very difficult. Despite this, it is important step for Samsung Semiconductor. Thank you.