TTAC

TTAC

Definition(s)

TTAC

Tubing to annulus communication .

Source: Norwegian Oil and Gas Association, Guideline No. 135, Recommended Guidelines for Classification and categorization of well control incidents and well integrity incidents, Rev. 4, 27 June 2017, National or Regional Standards
MMV

MMV

Definition(s)

MMV

Manual Master Valve.

Source: Norwegian Oil and Gas Association, Guideline No. 135, Recommended Guidelines for Classification and categorization of well control incidents and well integrity incidents, Rev. 4, 27 June 2017, National or Regional Standards

D&W

D&W

Definition(s)

D&W

Drilling & Well. Source: Norwegian Oil and Gas Association, Guideline No. 135, Recommended Guidelines for Classification and categorization of well control incidents and well integrity incidents, Rev. 4, 27 June 2017, National or Regional Standards
CDRS

CDRS

Definition(s)

CDRS

Common Data Reporting System (NPD/PSA database). Source: Norwegian Oil and Gas Association, Guideline No. 135, Recommended Guidelines for Classification and categorization of well control incidents and well integrity incidents, Rev. 4, 27 June 2017, National or Regional Standards
Well Integrity Incident

Well Integrity Incident

Definition(s)

Well Integrity Incident

A well integrity incident is defined as a failure of barrier(s) or failure to activate barrier(s), resulting in an unintentional flow, leak or release of fluids to the environment or other formations.

Source: Norwegian Oil and Gas Association, Guideline No. 135, Recommended Guidelines for Classification and categorization of well control incidents and well integrity incidents, Rev. 4, 27 June 2017, National or Regional Standards
Well Control Incident

Well Control Incident

Definition(s)

Well Control Incident

A well control incident is in drilling & completion and live well intervention defined as a failure of barrier(s) or failure to activate barrier(s), resulting in an unintentional1 flow of formation fluid –
  1. into the well
  2. into another formation or
  3. to the external environment.
  1. A planned flow is not a well control incident (for instance DST, mini DST etc.).
Source: Norwegian Oil and Gas Association, Guideline No. 135, Recommended Guidelines for Classification and categorization of well control incidents and well integrity incidents, Rev. 4, 27 June 2017, National or Regional Standards
Threat Levels

Threat Levels

Definition(s)

Threat Levels

A progressive, qualitative measure of the likelihood of adversarial actions, from negligible to imminent, based on government or company intelligence or information.
  • Note: Different fixed or variable security measures can be implemented based on the level of threat to the facility.

(Source: Security Vulnerability Assessment Methodology for the Petroleum and Petrochemical Industries.

Source: Canadian Standards Association, Z246.1-09, Security management for petroleum and natural gas industry systems, August 2009, Regional Standards
Security Stakeholder

Security Stakeholder

Definition(s)

Security Stakeholder

Parties who have a direct or indirect vested interest in petroleum and natural gas industry systems infrastructure security.
  • Note: Examples include operators, governments, regulators, advocates, landowners, third parties, and members of the general public.
Source: Canadian Standards Association, Z246.1-09, Security management for petroleum and natural gas industry systems, August 2009, Regional Standards
Security Partner

Security Partner

Definition(s)

Security Partner

Parties who, through formal or informal agreements, establish relationships with each other, governments, regulators, enforcement, and public safety agencies and participate in security risk assessments and risk mitigation strategies, including the sharing of information and the securing of petroleum and natural gas industry systems against acts of vandalism, terrorism, or other security threats.

Source: Canadian Standards Association, Z246.1-09, Security management for petroleum and natural gas industry systems, August 2009, Regional Standards
Security Management Program

Security Management Program

Definition(s)

Security Management Program

An ongoing process to ensure security threats and associated risks are identified and managed with appropriate mitigation and response procedures to prevent and minimize the impact of security incidents adversely affecting people, the environment, assets, and economic stability.

Source: Canadian Standards Association, Z246.1-09, Security management for petroleum and natural gas industry systems, August 2009, Regional Standards
SMP

SMP

Definition(s)

SMP

Security management program. Source: Canadian Standards Association, Z246.1-09, Security management for petroleum and natural gas industry systems, August 2009, Regional Standards  

SMP

An ongoing process to ensure security threats and associated risks are identified and managed with appropriate mitigation and response procedures to prevent and minimize the impact of security incidents adversely affecting people, the environment, assets, and economic stability. Source: Canadian Standards Association, Z246.1-09, Security management for petroleum and natural gas industry systems, August 2009, Regional Standards
Security Countermeasure

Security Countermeasure

Definition(s)

Security Countermeasure

An action or activity intended to improve one or more aspects of the security system to mitigate a specific security risk.

Source: Canadian Standards Association, Z246.1-09, Security management for petroleum and natural gas industry systems, August 2009, Regional Standards
Post Orders

Post Orders

Definition(s)

Post Orders

Written directions informing uniformed security officers of what they are required to do in the event of a security-related incident or threat.

Source: Canadian Standards Association, Z246.1-09, Security management for petroleum and natural gas industry systems, August 2009, Regional Standards

Intrusion Detection System

Intrusion Detection System

Definition(s)

Intrusion Detection System

A system designed to detect the entry or attempted entry of a person or vehicle into an area.

Source: Canadian Standards Association, Z246.1-09, Security management for petroleum and natural gas industry systems, August 2009, Regional Standards
Change Management

Change Management

Definition(s)

Change Management

A systematic process used to ensure internal and external changes are continuously evaluated in order to assess the potential impact that change will have on the SMP. Source: Canadian Standards Association, Z246.1-09, Security management for petroleum and natural gas industry systems, August 2009, Regional Standards
Asset Characterization

Asset Characterization

Definition(s)

Asset Characterization

The systematic identification and ranking of assets that, if destroyed or damaged, could result in adverse consequences to the operator.
  • Note: Asset characterization can include surrounding and supporting infrastructure.
Source: Canadian Standards Association, Z246.1-09, Security management for petroleum and natural gas industry systems, August 2009, Regional Standards
Asset Attractiveness

Asset Attractiveness

Definition(s)

Asset Attractiveness

An assessment of the perception of value of an asset from an adversary’s perspective that influences the likelihood of a security incident, based on factors such as location, ease of access, size, and vulnerability, with consideration being given to the threat environment.

Source: Canadian Standards Association, Z246.1-09, Security management for petroleum and natural gas industry systems, August 2009, Regional Standards
Restricted Areas

Restricted Areas

Definition(s)

Restricted Areas

Locations that require limited access and a higher degree of security protection in accordance with the security plan. The entire facility may be designated the restricted area, as long as the entire facility is provided the appropriate level of security. Source: API RP 781 Security Plan Methodology for the Oil and Natural Gas Industries.1st Ed. September 2016. Global Standards  

Restricted Areas

An area containing systems or assets that, if compromised, would have a major adverse impact on people, the environment, assets, and economic stability.
  • Note: Restricted areas include control centre operations, security departments, and certain information technology areas.
Source: Canadian Standards Association, Z246.1-09, Security management for petroleum and natural gas industry systems, August 2009, Regional Standards
WAN

WAN

Definition(s)

WAN

Wide Area Network. Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard
SCADA

SCADA

Definition(s)

SCADA

Supervisory control and data acquisition system. Source:  DNVGL-RP-G108, Cyber security in the oil and gas industry based on IEC 62443, DNV GL, September 2017. Global Standards

SCADA

Supervisory control and data acquisition. Source: Canadian Standards Association, Z246.1-09, Security management for petroleum and natural gas industry systems, August 2009, Regional Standards  

SCADA

A computer-based monitoring and control system that collects, displays, and stores information from remotely located data collection units and sensors to support the control of equipment, devices, and facilities. Source: Canadian Standards Association, Z246.1-09, Security management for petroleum and natural gas industry systems, August 2009, Regional Standards

SCADA

The maximum uplift force during spud can extraction.

Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard
NOST

NOST

Definition(s)

NOST

NASA Office of Standards and Technology Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard
NASA

NASA

Definition(s)

NASA

U. S. National Aeronautics and Space Administration Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard
LAN

LAN

Definition(s)

LAN

Local Area Network Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard
FIPS

FIPS

Definition(s)

FIPS

U. S. Federal Information Processing Standards. Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard
DMZ

DMZ

Definition(s)

DMZ

Demilitarized Zone Source:  DNVGL-RP-G108, Cyber security in the oil and gas industry based on IEC 62443, DNV GL, September 2017. Global Standards Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard
CSMS

CSMS

Definition(s)

CSMS

Cyber Security Management System.

Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard
COTS

COTS

Definition(s)

COTS

Commercial off the Shelf. Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard
CIA

CIA

Definition(s)

CIA

Confidentiality, Integrity, and Availability. Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard
Wiretapping

Wiretapping

Definition(s)

Wiretapping

Attack that intercepts and accesses data and other information contained in a flow in a communication system [11].
  • NOTE: Although the term originally referred to making a mechanical connection to an electrical conductor that links two nodes, it is now used to refer to reading information from any sort of medium used for a link or even directly from a node, such as a gateway or subnetwork switch.
  • NOTE: "Active wiretapping" attempts to alter the data or otherwise affect the flow; "passive wiretapping" only attempts to observe the flow and gain knowledge of information it contains
Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard
Wide Area Network

Wide Area Network

Definition(s)

Wide Area Network

Communications network designed to connect computers, networks and other devices over a large distance, such as across the country or world [12]. Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard