Honeywell launches solution to secure USB devices in plants
Tuesday, 11 April, 2017
Honeywell Process Solutions has announced a new solution for industrial sites as they balance productivity and cybersecurity demands. Honeywell’s Secure Media Exchange (SMX) is claimed to protect facilities against current and emerging USB-borne threats, without the need for complex procedures or restrictions that impact operations or industrial personnel.
Malware spread through USB devices — used by employees and contractors to patch, update and exchange data with on-site control and computer systems — is a key risk for industrial control systems. It was the second-leading threat to these systems in 2016, according to BSI, and uncontrolled USB devices have taken power plants offline, downed turbine control workstations and caused raw sewage floods, among other industrial accidents.
“Industrial operators often have hundreds or thousands of employees and dozens of contractors on-site every day,” said HPS Cyber Security Chief Engineer Eric Knapp. “Many if not most of those rely on USB removable media to get their jobs done. Plants need solutions that let people work efficiently but also don’t compromise cybersecurity and, with it, industrial safety.”
Currently, many plants either ban USB devices — which is difficult to enforce and significantly reduces productivity — or rely on traditional IT malware scanning solutions, which are difficult to maintain in an industrial control facility and provide limited protection. These solutions fail to protect process control networks against the latest threats and offer no means to address targeted or zero-day attacks.
“SMX is a great example of Honeywell’s major investments in new industrial cybersecurity technologies, products, services and research which further strengthen our ability to secure and protect industrial assets, operations and people,” said Jeff Zindel, VP and GM, Honeywell Industrial Cyber Security.
“With the continued increase in cyber threats around the world, Honeywell’s industrial cybersecurity expertise and innovation are needed more than ever for smart industry, IIoT and critical infrastructure protection.”
Honeywell’s SMX was developed by the company’s cybersecurity experts based on field experience across global industrial sites and feedback from Honeywell User Group customers. Honeywell has one of the largest industrial cybersecurity research capabilities in the process industry, including an advanced cybersecurity lab near Atlanta.
Honeywell also partners with cybersecurity leaders, including Microsoft, Intel Security and Palo Alto Networks, among others, to develop new, highly effective industrial threat detection techniques.
Honeywell’s SMX provides hassle-free, multilayered protection for managing USB security, letting users simply plug in and check devices for approved use in the facility. Contractors ‘check in’ their USB drive by plugging it into an SMX Intelligence Gateway.
The ruggedised industrial device analyses files using a variety of techniques included with Honeywell’s Advanced Threat Intelligence Exchange (ATIX), a secure, hybrid cloud threat analysis service.
SMX Client Software installed on plant Windows devices provides another layer of protection, controlling which USB devices are allowed to connect, preventing unverified USB removable media drives from being mounted and stopping unverified files from being accessed. SMX also logs USB device connectivity and file access, providing a valuable audit capability.
Targeted at product vendors, a newly published standard in the IEC 62443 series specifies...
Splunk Industrial Asset Intelligence (IAI) is designed to help industrial organisations monitor...
Queensland industrial IoT company secures $4.8m in venture capital.