Cybersecurity and safety plans require proactive, different approach

Experts at the Honeywell User Group (HUG) Americas conference encouraged companies to be proactive and think outside the box when deploying and implementing cybersecurity and safety solutions to protect manufacturing systems.

By Gregory Hale, ISSSource July 23, 2018

It is easy to fall into a level of despair when thinking about securing a manufacturing facility with the ancient control system, people running things the same way for years on end, no real security plan and no one ever really thinking they could be a victim.

But it is not as bad as it seems because it is possible to put the fate of the facility in the end user’s hands and not the attackers. At least Honeywell feels that way.

"Industry is embracing digital transformation and being connected," said Jeff Zindel, vice president and general manager of Honeywell Industrial Cyber Security during a meeting at the Honeywell User Group (HUG) Americas in San Antonio, TX. "They are realizing cybersecurity is important to allow them to do digital transformation."

The threat of cyberattacks on industrial facilities is on the rise. US-CERT’s warning last week about Hidden Cobra from North Korea is a reminder of the world we live in. Add on top of that the average cost of an average attack is $21 million, which is up from $14 million the year before. In addition, there are four new malware attacks created every second.

The idea of planning ICS attacks is now easier than ever. It is possible to go out and purchase malware on the Dark Web. They even have help desks to offer attack help. And if you have enough funding, you can also hire people to attack.

Couple that with the lack of skilled cybersecurity professionals and that is a recipe for disaster. But it doesn’t have to be that way. That is one way managed security services comes into play.

That is where Honeywell can manage, through secure digital connections, security from an operations center.

"Instead of hiring people, which is difficult to do, they go out and bring us in," said Mark Littlejohn, director of managed security services at Honeywell Process Solutions.

Through the managed services, Littlejohn said, they are able to monitor systems, patch systems, offer remote access and provide multi-vendor security, secure remote access and support, patch and anti-virus automation, security and performance monitoring, security device management and threat detection and vulnerability identification.

Managed security services is just one part of the Honeywell industrial security portfolio, along with professional consulting services, ICS Shield, and Industrial Cyber Security Software.

"We are providing a complete management platform," Zindel said.

Through its ICS Shield, a manufacturer is able to "leverage insights from a plant level across multiple plant sites. We can provide visibility in all the sites at an individual plant level and across multiple sites," Zindel said. "We can offer secure file transfer, asset discovery, inventory management and monitoring and alerts."

This way it can become more efficient and cost effective, especially with the shortage of skilled security professionals, Zindel said. That is one reason why cybersecurity services and managed services are becoming more important and embraced.

Power of software

A solid security platform is the underlying backbone to any movement forward for manufacturers to take advantage of the connected digital age.

"We are at the forefront of automation technology unleashing the power of digitalization to create a new generation of benefits," said Jason Urso, vice president and chief technology officer at Honeywell Process Solutions.

In a presentation focused on product introductions, one new product Urso talked about was the S300 SIL3 safety logic solver which is Lean execution of automation projects (LEAP) -enabled with cloud simulation. It has a uniform form factor with universal safety input/output (I/O).

LEAP uses standardized I/O, which facilitates the move from customized cabinets to modular cabinets based on I/O count. This allows the design process to be front-loaded and reduces the impact of late changes on project timelines.

"We extracted software from safety manager and allowed us to run it across the platform," Urso said. "We’ve added the highest level of cybersecurity on both the hardware and software. It is much simpler using the power of software."

The move toward a more connected digital platform allows for:

  • Protect standardization
  • Infinite longevity
  • Connecting data to knowledge.

By allowing the data connection, it is possible for manufacturers to prosper in the digital era.

The numbers seem to back that up with 15% increased costs with inefficient labor planning; 45% of workforce retiring by 2023; $60 billion spent per year in safety and compliance; unplanned downtime up to $3 million a day, and underutilization of equipment up to 30%.

All those negative factors can turn to positive with a smarter, more connected—and secure—digital environment.

With the advances the industry is making, Urso talked about "infinite longevity," which means it is possible to enable the last migration. Going from TDC 3000 to Experion to Enhanced High Performance Manager (EHPM) and then Ethernet, the idea of legacy hardware is going away, while still maintaining intellectual property.

Challenging the norm with digital transformation

John Rudolph, the new president of Honeywell Process Solutions, wants to challenge the status quo."I’d like to change the norm. I want to be challenged. Share your objectives with us on safety, on yield, on energy, on the environment, and we’ll partner with you to achieve them."

In this changing era of moving toward a more digital plant, Rudolph said he was reminded of a quote from Apple leader Steve Jobs.

"He said, ‘Don’t hire smart people and tell them what to do.’ I’d qualify that statement by adding that even smart people need data, and they need an aggregation of experience in order to make the informed decisions. Connected is about empowerment of people.

"With advances in technology there are great benefits, but before going all in on the latest and greatest technology, all end users have to ask the million dollar question of what is in it for them? If they find there would not be a big change, then maybe they shouldn’t go that route.

"How do it get more efficient with what I am doing?" Rudolph asked.

He recalled the day when there would be a call to an expert across the globe to talk about a problem the facility was having and all you would hear on the other end was "that is impossible, it shouldn’t happen."

Well, it is possible and it did happen. That is just one scenario where the digital plant can correct the situation where everyone is seeing the same numbers and experience the issue in real time.

"We want to allow people to make intelligent decisions faster," Rudolph said. "I can fix any problem you have in 15 minutes. The problem is, it may take me six months to find it."

Going digital means there is a new way to do things and the process changes, which can be a good thing.

"At some point, the process has to be cleaned up, that is when you get ahead," he said. "Don’t waste your time on business requirements because they will go away. You can do it differently. You have to look at the process and where we are going with this. Digital transformation has to be about more than just moving data into the cloud. It has to be about the outcomes, including driving increased productivity and savings for our customers while allowing them to increase knowledge capture, knowledge sharing and knowledge retention."

Original content can be found at