Honeywell Secure Media Exchange (SMX)

Honeywell Secure Media Exchange (SMX) is technology of protection of objects against the existing and arising USB threats.

2019: Protection against a broad spectrum of the harmful attacks using harmful USB devices

On February 25, 2019 the Honeywell company announced release of the next version of Secure Media Exchange (SMX). Now SMX includes function of protection against a broad spectrum of the harmful attacks using errors of use of fixed functions of USB or unauthorized access to devices.

According to the company, advanced means of protecting are combined with additional opportunities of SMX for detection of malware with use machine learning and artificial intelligence (AI). It, according to a research of Honeywell, allows to increase efficiency of detection by 40% in comparison with traditional anti-virus solutions. In total these updates for the SMX platform provide comprehensive protection against the threats connected with USB devices and also control and management at the enterprise level according to the strict requirements imposed to physical security industrial of objects.

The flash drives and charging cables and also set of other devices connected to the USB interface belong to USB devices. They are the main vector of the attacks on Wednesdays of the industrial management systems (IMS), and the existing management tools protection are usually aimed at detection of malware on such USB devices. Despite importance of these measures, a research shows a tendency to emergence following categories of the threats using possibilities of the USB standard for the attacks directly to PSU bypassing traditional management tools protection. Actually harmful attacks using USB devices make 75% of the attacks, known for February, 2019, aimed at the USB interface that indicates transition to techniques of attacks. During such attacks normal peripheral USB devices, such as keyboards or loudspeakers therefore for ensuring effective protection difficult algorithms of check and authentication of devices are required can act as "weapon".

The technology of confirmation of devices by the user developed by Honeywell (TRUST, Trusted Response User Substantiation Technology) within which the stage of check and authentication by the person is entered belongs to means of protecting in SMX to be convinced that USB devices are what seem. TRUST does not allow undesirable or suspicious devices to implement threats in an industrial management system. For USB drives the additional opportunities of technology of detection providing the strengthened protection against the malware are used. Among such opportunities – machine learning and artificial intelligence which increase efficiency of detection of harder and harder malware using vulnerabilities of zero day and methods of deviation.

SMX helps customers to make changes to work of personnel, production processes and technologies, raising the overall level of security of the enterprises from cyber attacks. SMX trains users of USB devices to detect potential problems at connection and allows heads of the enterprises to strengthen registration procedures (an input and an exit from the protected electronic perimeter). As the SMX technical tool provides permanent protection against threats, and the updated improvements guarantee that users will be able to check USB devices in any place, expanding the scale of cyber defense of the enterprise.

Upgraded version of SMX includes a number of additional functions:

• Technique of centralized operation: provides unprecedented control of the USB devices getting to PSU, and centralized operation by threats on all objects protected SMX that allows to save time on management of protection and to receive the clear data unique for the circle of the customer.
• ICS Shield integration function: provides additional control of activity of USB devices in the protected endpoints at the expense of the organization of a cycle between the centralized services of management and distributed means of protecting in PSU without violation of segmentation of zones.
• Expanded options of SMX: different options of execution are available to satisfaction of specific production needs, including the portable SMX ST models for the operating personnel and completely protected models for industrial application intended for work in dangerous environments, standard military applications and work in gloves.

2017: Release of Secure Media Exchange

On May 2, 2017 the division "Industrial automation" announced Honeywell corporations release of the Secure Media Exchange (SMX) technology focused on industrial enterprises where aim to reach the high performance of systems without prejudice to the information security (IS).

SMX represents the solution for safe use of USB devices on industrial enterprises managed and supported directly by Honeywell company. It helps to prevent distribution of the malware by means of removable mediums, stops reading of unchecked files servers with Windows OS, through private connection of ATIX obtains constantly updated information on threats and results of profound data analysis that allows to reveal the latest malware, the purposeful attacks and zero day attacks.

Advertizing Honeywell Secure Media Exchange, (2017)

Every day industrial facilities visit hundreds or thousands of employees and dozens of contractors. Many of them — if not the majority, use removable USB drives in work. Therefore the enterprises need solutions which will help personnel to work more effectively without prejudice to information security and consequently, and for safety of production. Eric Knapp, lead discipline engineer of information security, division "Industrial automation"

At a number of the enterprises use of USB devices is forbidden though it is exigeant and reduces performance. Traditional solutions for detection of the malware are applied in spite of the fact that it is difficult to support them in industrial conditions and they are capable to provide limited protection. These solutions cannot protect network of management of technology processes from some types of threats and do not contain means of protecting from the purposeful attacks or zero day attacks.

SMX is an indicator of large investments of Honeywell into technologies, products, services and researches in the field of industrial information security which help us to protect industrial assets, transactions and personnel with bigger reliability. In the conditions of the continuous growth of cyberthreats worldwide, experience and innovations of Honeywell in the field of industrial information security are very relevant for protection of intelligent systems of production management, industrial Internet of Things and crucial infrastructure facilities. Jeff Zindel, vice president, CEO of division of industrial information security of Honeywell

Honeywell of SMX provides effective multilevel protection for control of security of USB devices. For approval of their use on an object it is required to connect devices to a system for check. Contractors "register" the USB drives, connecting them to the SMX Intelligence Gateway terminal. This device in industrial execution with the increased degree of protection analyzes files, using the different methods implemented in Honeywell Advanced Threat Intelligence Exchange (ATIX) — the protected service of the analysis of threats on the basis of a hybrid cloud.

The client software of SMX installed on devices from Windows OS provides one more level of protection: it checks whether connection of this or that USB device is allowed, prevents installation of unchecked removable USB drives and prohibits access to unchecked files. SMX registers connections of USB devices and access to files, giving opportunities for checks.

At most the enterprises use of removable mediums and USB devices will extend, but risks for security are not an inevitable consequence of these processes. We know that because of limitation of resources it is difficult to our customers to support one more system therefore Honeywell manages SMX for them. SMX is never connected to networks of management of technology processes of customers. In terms of system administration use of SMX is imperceptible. Eric Knapp

Representation of Honeywell Secure Media Exchange (SMX), (2017)