Honeywell Unified Platforms: Changing the Landscape of Cyber Security in the Supply Chain
Barry J. Ewell
May 22, 2020
Honeywell understands the importance of protecting both critical business data used to make vital decisions and control of systems around automated warehousing, retail, distribution centers, and so much more. Many companies focus just on data. Honeywell’s goals are to help companies abide by the law and make good on their promises of protecting data and to ensure that control of operations remains in the hands of the company. We do this to ensure the device has these features out of the box. We make the deployment of updates and security patches as easy as possible for our customers. To simplify this deployment, Honeywell builds many of its solutions on unified platforms such as Mobility Edge or SafetySuite so that updates, can be certified once and sent effortlessly to all devices connected to the platform.
Mobility Edge is based upon extensive research gathered from Honeywell’s global community of customers from a range of technologies. Honeywell recognized that businesses wanted a unified hardware and software platform for all form factors – one that allowed for rapid deployments, robust performance, and adaptability to changing needs.
We completely innovated our approach to meeting the challenges of supporting a mobile workforce, and Mobility Edge was the answer. This unified, dynamic platform for mobile computing is designed to:
- Accelerate Deployments. Validate once. Deploy everywhere. Faster, easier, and at lower cost. Enabling versatile out-of-the-box capabilities and a rapid provisioning suite, Mobility Edge expedites development, certification, setup, and training involving multiple form factors at once.
- Optimize Business Performance. Boost productivity and drive efficiency. Powerful, embedded tools across the platform drive faster data capture and secure, enhanced worker communications. The unified, intuitive experience facilitates user adoption and helps employees complete vital tasks.
- Extend Lifecycle. Forward compatible. Future-proof. Mobility Edge reduces TCO and minimizes headaches with an enterprise-wide approach to patch releases, and hardware designed to support upgrades to the operating system through Android R and extended support 5 years beyond that – much longer than our competitors’ products.
- Strengthen Security. Mobility Edge is designed to unleash you from the burdens of fragmented mobile computing. How? By providing a unified, dynamic hardware-and-software platform that offers an agile approach to enabling enterprise IT to deliver better mobile solutions across your business.
Established service and support data went into the development of Mobility Edge. We optimized our mobility devices based on the work patterns of many customers and actual users to deliver more realistic and precise engineering requirements. Using historical insights from service data, we addressed common failure points during the design phase, making our Mobility Edge products more resilient and stable. We also mined our detailed support data to further improve and refine product quality. By providing a unified hardware and software platform with an agile approach, we can bring you more secure and reliable solutions across your operation and we can do it continuously evolving to meet new threats, threat actors.
Mobility Edges Strengthens Security
When we build Mobility Edge we strengthen security with:
Secure software development lifecycle (SSDL). SSDL refers to a security process that deploys a holistic and practical approach to software development to ensure that security and privacy are considered every stage of the development process. We focus on identifying any security problems before one line of code is written. We do this by
- Defining security and privacy requirements. This planning allows our development teams to identify security and privacy objectives for each application and associated development environment.
- Providing secure architecture and design. Our teams have process in place that confirms the application architecture is established on secure and proven patterns, algorithms and frameworks. This ensures that environment, OS, database design, and system architecture for each application achieve compliance with security and privacy legislation, regulations, and official and industry standards.
- Ensuring secure code implementation. We check security of our source code at every step of the application development to confirm that our code has implemented the required security features. It is important that our software is designed and developed with the ability to protect itself against all security-related vulnerabilities.
- Verifying security requirements.We verify that our products and applications meet all specified stringent security requirements. We preform vulnerability testing along the applications “attack surface” to identify all areas that require additional review and development and look at any third party components that go into our overall solution.
Security through Android R and beyond. Mobility Edge platform devices can be upgraded through Android 11 and beyond. Honeywell also provides critical security updates for up to two years past Google’s last security patch through its Sentinel service, giving customers a product lifecycle through at least 2028.
Honeywell Sentinel™ Security Cadence. Timing of delivery of updates to customers will be quarterly, or less if no severe patches applicable to the supported operating system version are reported. Applicable patches will generally be delivered within 90 days of public disclosure with exceptions possible for imminent threats.
Coordinated Ethical Disclosure via ICS-Cert and NVD. Honeywell is closely aligned with multiple organizations such as the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), ISA Global Security Alliance, and U.S. National Vulnerability Database (NVD). We work with these groups to learn of potential system security issues as early as possible. We have also implemented an escalation protocol that mobilizes resources company-wide on a priority basis to address issues as we learn about them.
Proactive collaboration with suppliers and partners. We leverage relationships to receive pre-disclosures of vulnerabilities from industry councils and partners including Intel, Qualcomm and Google.
Standards-based security such as ISA 62443. We employ the standards such as ISA 62443 which provides a flexible framework to address and mitigate current and future security vulnerabilities in industrial automation and control systems (IACSs).
Integrated, Repeatable, Scalable Approach to Device Management
Mobility Edge offers an integrated, repeatable, scalable approach to device management that is based on a common hardware and software platform. Designed for Android™, it delivers a unified platform that all software solutions are based on. Businesses can develop and deploy faster while reducing development costs.
The Mobility Edge common platform is composed of:
- Common SOM (System On Module), which includes the CPU, memory, WWAN (in selected devices), WLAN, Bluetooth®, near-field communication (NFC), and Zigbee (in selected devices).
- Common Operating System Image with support for multiple generations of Android, from Android 8 through Android 10.
- Common Software Ecosystem that includes not just Honeywell software, but also Honeywell-approved ISVs (independent software vendors).
Together these common elements minimize your company’s cost, effort, and risk. They accelerate your time-to-value so you can start deploying devices into the hands of your mobile workers much faster. And they maximize your ROI by extending the lifecycle of your devices.
Businesses wishing to extend product lifecycle and gain a better return on their technology investment will be assured by the fact that Mobility Edge platform devices can be upgraded through Android 11. Honeywell also provides critical security updates for up to two years past Google’s last security patch through its Sentinel service, giving customers a product lifecycle through at least 2028.
Honeywell is committed to the longevity and quality of the Mobility Edge platform. The current family of devices include: Honeywell™ CT40, CT60, CN80, CK65, and Thor™ VM1A, and VM3A all running on Mobility Edge.
Honeywell's Pillars to a Foundation of Trust
Every day, around the world, businesses are at risk of cyber-attacks. Honeywell acknowledges the risk and believes the best way to minimize attacks and the losses that result from them is to take a pervasive and holistic approach to security. Pervasive means Honeywell approaches security from multiple angles which include gathering intelligence on cyber events in multiple industries, building protections directly into devices and software, and maintaining a 24/7 level of vigilance on the cyber climate. A holistic approach to security means that we need to pay attention to the entire picture and individual aspects of a product offering. Honeywell aims to integrate all these elements designed to safeguard an organization to empower our customers to build a solution with security built in from the beginning. We focus on protecting you and our products (e.g., mobile computers, scanners, and printers) against sophisticated attacks at all levels from low level opportunistic hackers to industrial espionage and cyber criminals. Honeywell is a founding member of the ISA Global Security Alliance which means that all of our products go through ISA62433 security requirements from their inception1.
Honeywell’s story begins 100+ years ago as a global leader in industrial manufacturing and advanced technology. We have used that expertise to drive cybersecurity innovation with over 15+ years as a key leader in industrial cybersecurity solutions helping transform and protect the world’s most critical infrastructures. Our broad portfolio includes Operational Technology (OT) cybersecurity software products and services that allow customers to simplify, strengthen and scale industrial cybersecurity across an enterprise.
Our global team of 300+ Certified Cybersecurity Experts have successfully implemented over 5000+ cybersecurity projects, managed 400+ industrial cybersecurity sites, conducted hundreds of risk assessments and have the breadth of resources to help execute projects of every size and complexity 70 industry sectors often involving critical infrastructure and national security. For example, this includes: supply chain, healthcare, oil and gas, refining, pulp and paper, industrial power generation, chemicals and petrochemicals, biofuels, life sciences, CPG, F&B, utilities, water/waste, metals, minerals and mining industries.
Honeywell’s large footprint in multiple industries gives us a broad view of emerging cybersecurity threats in their earliest stages in industries where the typical cybersecurity offerings are not usually present. This allows us to identify issues, develop countermeasures, and deploy them to our customers earlier than our competition in this industry that usually does not receive attention. We also leverage relationships to receive pre-disclosures of vulnerabilities from industry councils and partners including Intel, Qualcomm, and Google as well as from our participation and work with various organizations such as ICS-CERT (concentrated around Industrial Controls), NVD, DHS CISA and many more. Furthermore, Honeywell’s size, strength and global presence allows us to leverage the broad investment in security across our enterprise.
Cybersecurity is core to Honeywell. We design security into our products, policies, and processes. Our baked-in from inception approach to cybersecurity, design-to-delivery process has a strong emphasis on building security into products to anticipate and mitigate risk before a breach can happen. We do this by embedding deep domain knowledge, product testing and security requirements of industry-leading security practices throughout our full design and development process to ensure our solutions are as secure as possible from the start.
We aim to make our solutions as free of vulnerabilities and attack surface as possible through such measures as continuous testing, authentication safeguards, and adherence to best programming practices. We believe security must evolve with the product that our customers purchase. A group of dedicated white-hat penetration testers with industry leading certifications such as OSCE/OSCP certified, completely independent from the engineering team, continuously test our solutions to ensure we have the highest standards for defense.
Contact a Honeywell Solutions Expert today! Call 1-800-934-3163.
Barry J. Ewell is a Senior Content Marketing Communications Specialist for Honeywell Safety and Productivity Solutions. He has been researching and writing on supply chain topics since 1991.