Glossary
Access Control List (ACL): A list of permissions attached to an object. An ACL specifies which users or system processes are granted access to objects, as well as what operations are allowed on given objects.
Application: A software program that runs on your computer. Web browsers, e-mail programs, word processors, games, and utilities are all applications.
Bus Topology – Bus topology is constructed on a single cable, referred to as the bus, that each node on the network connects to. Each of these nodes passively listens for data being transmitted along the bus. If one node wants to transmit data to another node along the bus, it sends out a signal to the entire network, letting everyone know that a transmission is occurring. This transmission then travels down the bus, being ignored by all other nodes until it reaches its destination node and is accepted.
Dedicated lines – Dedicated lines are more secure than leased lines, because they are owned and managed by the asset owner. Unlike leased lines, dedicated lines are not shared with the public, so the exposure is reduced. The capital costs to install a dedicated network can be substantial because of labor and material costs; however, the recurring costs are generally lower than leased lines.
Engineering Workstation – A specialized type of HMI that typically interfaces with the servers to modify the database or controllers to ensure the critical process runs properly.
Field Controller – The devices that consolidate inputs and outputs as well as take the instructions from the operators to make changes in the field. Controllers can be programmed or updated in the field or remotely. These devices were designed as if they were in a “trusted” environment (the network map should show information about the trusted vs. un-trusted environments). Therefore, when given a command, they obey or respond. Most do not authenticate to make sure they are receiving commands from a specific source.
Field devices are the instruments and sensors that measure process parameters and the actuators that control the process. This is the interface between the ICS and the physical process, be it the mixing of chemicals, the management of trains, or measuring pressures in a gas pipeline.
Human-Machine Interface – The user interface in a manufacturing or process control system. It provides a graphics-based visualization of an industrial control and monitoring system. Previously called an “MMI” (man machine interface), an HMI typically resides on a computer that communicates with a specialized computer in the plant such as a programmable automation controller (PAC), programmable logic controller (PLC) or remote terminal unit (RTU). The HMI generally comes in two forms: either a touch panel or software-based application that is loaded on a personal computer, workstation, tablet, or smart phone.
Industrial Control Systems (ICS) are critical to the operation of the nation’s infrastructure from the power grid to water distribution.
Information Technology (IT): The technology involving the development, maintenance, and use of computer systems, software, and networks for the processing and distribution of data.
Input Discrete – Sensors which support binary events including alarms and states. For example, the tank is full, the door is closed, the pressure is too high, or the pump is turned on.
Input Analog – Sensors (transmitters) which measure continuous processes such as flow, level, or pressures within a range: 0-100%, empty to full, 0 to 100 mph. Typically, they transmit this information to field controllers using an analog signal such as a 4 to 20 mA signal.
Input Digital – Sensors which are similar to both discrete and analog instruments in that they measure continuous processes like flows and support binary events. However, instead of using an analog loop signal or clean contacts, they relay the data using a signal in a digitally encoded ICS communications protocol format (representing an equivalent to 1s and 0s).
Leased Lines – Leased lines are dedicated communication circuits, usually provided by a phone company.
Microwave and Cellular – Microwaves are a type of electromagnetic radiation, as are radio waves, ultraviolet radiation, X-rays and gamma-rays. Microwaves have a range of applications, including communications.
Output Analog – The analog output transmits analog signals (voltage or current) that operate controls. Analog outputs are predominantly used to control actuators, valves, and motors in industrial environments.
Output Digital – A digital output allows you to control a voltage with a computer. If the computer instructs the output to be high, the output will produce a voltage (generally about 5 or 3.3 volts). If the computer instructs the output to be low, it is connected to ground and produces no voltage.
Output Discrete – Like their input counterpart, discrete output devices are also binary appliances. For instance, the field controller issues a signal to an output device, such as a circuit breaker, to open or close a breaker. Discrete output devices can communicate directly with discrete input devices. Furthermore, they can make control decisions and are programmable like a field controller.
Power Lines – Power line carrier systems transmit data on electrical conductors.
Programmable Automation Controller – PAC is a term that is loosely used to describe any type of automation controller that incorporates higher-level instructions. The systems are used in industrial control systems (ICS) for machinery in a wide range of industries, including those involved in critical infrastructure. They provide a highly reliable, high-performance control platform for discrete logic control, motion control, and process control.
Programmable Logic Controller – A Programmable Logic Controller, or PLC, is a ruggedized computer used for industrial automation. PLCs were created to respond to the needs of the automotive industry. These controllers can automate a specific process, machine function, or even an entire production line.
Protocol: The special set of rules that end points in a telecommunication connection use when they communicate. Protocols specify interactions between the communicating entities.
Radio Frequency – Any of the electromagnetic wave frequencies that lie in the range extending from below 3 kilohertz to about 300 gigahertz and that include the frequencies used for communications signals (as for radio and television broadcasting and cell-phone and satellite transmissions) or radar signals.
Remote Terminal Unit (RTU) – A remote terminal unit (RTU) is a microprocessor-controlled electronic device that interfaces objects in the physical world to a distributed control system or SCADA (supervisory control and data acquisition) system by transmitting telemetry data to a master system, and by using messages from the master supervisory system to control connected objects.
Ring Topology – Ring topology is constructed from a closed loop cable, known as a ring, that each node on the network connects to. In this topology, the network forms a circular shape and data is transmitted clockwise via a token that each node in the network actively listens for. If a node does not want to transmit data, the node will act as a repeater and send the token around the ring. If a node does want to transmit data, it must wait until the token makes its way to the node and is no longer carrying data.
Safety Systems – Safety systems provide protection to the process, physical equipment, or people from harmful situations that may arise during operations. They are a counteraction critical in industrial operations in case a process goes beyond allowable control parameters.
While this would result in a loss of productivity, it would spare the equipment and people harm. Safety systems are traditionally designed to be separated from the control systems they protect. However, they frequently share some communications, field devices, alarms, etc.
Servers – Used to store configuration for the ICS, as well as to save process data in historians for later retrieval. The servers connect to business networks to allow remote operations, configuration, or information exchanges to improve productivity.
Star Topology – Star topology is constructed from a central device, either a switch, router, or hub, which every other node in the network connects to. In this design, each distinct cable only connects two physical devices, with one end hooking up to a node on the network and the other hooking up to the central device. If one node wants to transmit data to another node, it must send its transmission to the central device, which will then act as a relay station and pass along the transmission to the destination node.
Wi-Fi – A wireless networking protocol that allows devices to communicate without direct cable connections.
Wired Media – Fiber and copper lines provide the physical layer in an Ethernet-based environment; this medium is often referred to as wired media. These environments are being used extensively in ICS networks. They are so popular because they offer fast, reliable and inexpensive services. Fiber optic cabling is known to be harder to tap into than copper-wired media; however, it is not impossible, so a significant cyber risk still exists.