Honeywell Expands Secure Media Exchange for Improved Protection from Cybersecurity Attacks

October 23, 2020 by Alessandro Mascellino

Honeywell launched a new version of its Secure Media Exchange (SMX) platform last week.

SMX has now been updated to the version R201.1 and includes a series of new features. Among them is hardware device management with TRUST V2 technology, as well as integration with Honeywell’s Enterprise Threat Management Portal. 


Honeywell Secure Media Exchange 

The SMX software has been developed by Honeywell to protect removable media and USB ports from cybersecurity attacks. The assumption behind SMX is that, while these technologies are indispensable to maintain the availability and security of industrial processes, they are also inherently vulnerable.

“It’s not only removable media and malware that we need to worry about. USB devices of all types have become an increasingly serious risk to organizations, capable of crossing the air gap and targeting OT,” commented Eric Knapp, from Honeywell Connected Enterprise.

Honeywell Secure Media Exchange mitigates these risks by offering a series of monitoring, protecting, and logging services. For instance, the software can automatically compare files on a USB to an updated repository of industrial vulnerabilities and threats.


The SMX platform. Image courtesy of Honeywell.


SMX can also sign code, as well as authorize and monitor its uses throughout the plant, disabling any removable media that has not gone through the SMX gateway. The solution is compliant with ISA99 and IEC 62443 standards, as well as NIST’s.

SMX was firstly released in 2017, together with a report from Honeywell, which highlighted the risks posed by the unsafe use of USB devices in the automation industry. Honeywell has updated SMX a number of times in the past three years and has now integrated it within its Industrial Cyber Security Risk Manager, the firm’s flagship cybersecurity suite.


TRUST V2 and the Enterprise Threat Management Portal 

SMX has now been updated to be compatible with Honeywell’s Trusted Response User Substantiation Technology (TRUST) V2.  The technology introduces an additional human validation and authentication step to SMX’s automated process to make sure USB devices are safe to be utilized.

After plugging a USB device, SMX will run its tests, then will present them to the operator to confirm the results are deemed safe for the system. In addition to the TRUST V2 technology, Honeywell has also upgraded SMX to include its own Enterprise Threat Management Portal.

The program provides users with a view of all USB device activity across the organization, enabling them to implement file management features while centralizing reporting, even remotely.


Honeywell Reacts to Increased Threats 

“Honeywell SMX provides customers with an enforceable USB security solution that better protects against all types of USB threats,” Knapp explained, “from hardware attack platforms to the latest targeted malware.”

The release of SMX’s new upgrades comes shortly after Honeywell’s second Industrial USB Threat Report, in which the company claims the risk of USB threats to industrial operations has doubled during the past year.

For more information about SMX, you can read the related Product Information Note.



Do you use secure USB devices in your business?  Let us know in the comments.