Elevated Threat Level

Definition(s)


Elevated Threat Level

An alert level which indicates that there is a credible terrorist threat.

Source: API RP 781 Security Plan Methodology for the Oil and Natural Gas Industries. 1st Ed. September 2016. Global Standards
WAN

Definition(s)


WAN

Wide Area Network.

Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard
SCADA

Definition(s)


SCADA

Supervisory control and data acquisition system.

Source: DNVGL-RP-G108, Cyber security in the oil and gas industry based on IEC 62443, DNV GL, September 2017. Global Standards

SCADA

Supervisory control and data acquisition.

Source: Canadian Standards Association, Z246.1-09, Security management for petroleum and natural gas industry systems, August 2009, Regional Standards

SCADA

A computer-based monitoring and control system that collects, displays, and stores information from remotely located data collection units and sensors to support the control of equipment, devices, and facilities.

Source: Canadian Standards Association, Z246.1-09, Security management for petroleum and natural gas industry systems, August 2009, Regional Standards

SCADA

The maximum uplift force during spud can extraction.

Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard
NOST

Definition(s)


NOST

NASA Office of Standards and Technology.

Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard
NASA

Definition(s)


NASA

U. S. National Aeronautics and Space Administration.

Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard
LAN

Definition(s)


LAN

Local Area Network.

Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard
FIPS

Definition(s)


FIPS

U. S. Federal Information Processing Standards.

Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard
DMZ

Definition(s)


DMZ

Demilitarized Zone.

Source: DNVGL-RP-G108, Cyber security in the oil and gas industry based on IEC 62443, DNV GL, September 2017. Global Standards

Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard
CSMS

Definition(s)


CSMS

Cyber Security Management System.

Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard
COTS

Definition(s)


COTS

Commercial off the Shelf.

Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard
CIA

Definition(s)


CIA

Confidentiality, Integrity, and Availability.

Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard
Wiretapping

Definition(s)


Wiretapping

Attack that intercepts and accesses data and other information contained in a flow in a communication system [11].
  • NOTE: Although the term originally referred to making a mechanical connection to an electrical conductor that links two nodes, it is now used to refer to reading information from any sort of medium used for a link or even directly from a node, such as a gateway or subnetwork switch.
  • NOTE: "Active wiretapping" attempts to alter the data or otherwise affect the flow; "passive wiretapping" only attempts to observe the flow and gain knowledge of information it contains.
Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard
Wide Area Network

Definition(s)


Wide Area Network

Communications network designed to connect computers, networks and other devices over a large distance, such as across the country or world [12].

Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard
Use Case

Definition(s)


Use Case

Technique for capturing potential functional requirements that employs the use of one or more scenarios that convey how the system should interact with the end user or another system to achieve a specific goal.
  • NOTE: Typically use cases treat the system as a black box, and the interactions with the system, including system responses, are as perceived from outside of the system. Use cases are popular because they simplify the description of requirements, and avoid the problem of making assumptions about how this functionality will be accomplished.
Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard
Traffic Analysis

Definition(s)


Traffic Analysis

Inference of information from observable characteristics of data flow(s), even when the data are encrypted or otherwise not directly available, including the identities and locations of source(s) and destination(s) and the presence, amount, frequency, and duration of occurrence.

Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard
Threat Action

Definition(s)


Threat Action

Assault on system security [11].

Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard
System Software

Definition(s)


System Software

Special software designed for a specific computer system or family of computer systems to facilitate the operation and maintenance of the computer system and associated programs and data [12].

Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard
Supervisory Control and Data Acquisition (SCADA) System

Definition(s)


Supervisory Control and Data Acquisition (SCADA) System

Type of loosely coupled distributed monitoring and control system commonly associated with electric power transmission and distribution systems, oil and gas pipelines, and water and sewage systems.
  • NOTE: Supervisory control systems are also used within batch, continuous, and discrete manufacturing plants to centralize monitoring and control activities for these sites.
Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard
Spoof

Definition(s)


Spoof

Pretending to be an authorized user and performing an unauthorized action [11].

Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard
Sniffing

Definition(s)


Sniffing

See “interception”.

Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard
Server

Definition(s)


Server

Device or application that provides information or services to client applications and devices [11].

Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard
Sensors and Actuators

Definition(s)


Sensors and Actuators

Measuring or actuating elements connected to process equipment and to the control system.

Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard
Security Zone

Definition(s)


Security Zone

Grouping of logical or physical assets that share common security requirements.
  • NOTE: All unqualified uses of the word “zone” in this standard should be assumed to refer to a security zone.
  • NOTE: A zone has a clear border with other zones. The security policy of a zone is typically enforced by a combination of mechanisms both at the zone edge and within the zone. Zones can be hierarchical in the sense that they can be comprised of a collection of subzones.
Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard
Security Violation

Definition(s)


Security Violation

Act or event that disobeys or otherwise breaches security policy through an intrusion or the actions of a well-meaning insider.

Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard
Security Services

Definition(s)


Security Services

Mechanisms used to provide confidentiality, data integrity, authentication, or non-repudiation of information [11].

Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard
Security Program

Definition(s)


Security Program

A combination of all aspects of managing security, ranging from the definition and communication of policies through implementation of best industry practices and ongoing operation and auditing.

Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard
Security Procedures

Definition(s)


Security Procedures

Definitions of exactly how practices are implemented and executed.
  • NOTE: Security procedures are implemented through personnel training and actions using currently available and installed technology.
Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard
Security Performance

Definition(s)


Security Performance

Program’s compliance, completeness of measures to provide specific threat protection, post-compromise analysis, review of changing business requirements, new threat and vulnerability information, and periodic audit of control systems to ensure security measures remain effective and appropriate.
  • NOTE: Tests, audits, tools, measures, or other methods are required to evaluate security practice performance.
Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard
Security Perimeter

Definition(s)


Security Perimeter

Boundary (logical or physical) of the domain in which a security policy or security architecture applies, i.e., the boundary of the space in which security services protect system resources [11].

Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard
Security Objective

Definition(s)


Security Objective

Aspect of security which to achieve is the purpose and objective of using certain mitigation measures, such as confidentiality, integrity, availability, user authenticity, access authorization, accountability.

Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard