Security Level

Definition(s)

Level corresponding to the required effectiveness of countermeasures and inherent security properties of devices and systems for a zone or conduit based on assessment of risk for the zone or conduit [13].

Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard

Security Intrusion

Definition(s)

Security event, or a combination of multiple security events, that constitutes a security incident in which an intruder gains, or attempts to gain, access to a system (or system resource) without having authorization to do so [11].

Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard

Security Function

Definition(s)

Function of a zone or conduit to prevent unauthorized electronic intervention that can impact or influence the normal functioning of devices and systems within the zone or conduit.

Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard

Security Event

Definition(s)

Occurrence in a system that is relevant to the security of the system [11].

Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard

Security Control

Definition(s)

See “countermeasure”.

Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard

Security Components

Definition(s)

Assets such as firewalls, authentication modules, or encryption software used to improve the security performance of an industrial automation and control system (See “countermeasure”).

Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard

Security Audit

Definition(s)

Independent review and examination of a system's records and activities to determine the adequacy of system controls, ensure compliance with established security policy and procedures, detect breaches in security services, and recommend any changes that are indicated for countermeasures [7].

Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard

Security Architecture

Definition(s)

Plan and set of principles that describe the security services that a system is required to provide to meet the needs of its users, the system elements required to implement the services, and the performance levels required in the elements to deal with the threat environment [11].
  • NOTE: In this context, security architecture would be an architecture to protect the control network from intentional or unintentional security events.

Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard

Security

Definition(s)

  1. measures taken to protect a system.
  2. condition of a system that results from the establishment and maintenance of measures to protect the system.
  3. condition of system resources being free from unauthorized access and from unauthorized or accidental change, destruction, or loss [11].
  4. capability of a computer-based system to provide adequate confidence that unauthorized persons and systems can neither modify the software and its data nor gain access to the system functions, and yet to ensure that this is not denied to authorized persons and systems [14].
  5. prevention of illegal or unwanted penetration of or interference with the proper and intended operation of an industrial automation and control system.
  • NOTE: Measures can be controls related to physical security (controlling physical access to computing assets) or logical security (capability to log in to a given system and application).

Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard

Secret

Definition(s)

Condition of information being protected from being known by any system entities except those intended to know it [11].

Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard

Safety Network

Definition(s)

Network that connects safety-instrumented systems for the communication of safety-related information.

Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard

Router

Definition(s)

Gateway between two networks at OSI layer 3 that relays and directs data packets through that internetwork. The most common form of router passes Internet Protocol (IP) packets [11].

Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard

Role-based Access Control

Definition(s)

Form of identity-based access control where the system entities that are identified and controlled are functional positions in an organization or process [11].

Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard

Risk Mitigation Controls

Definition(s)

Combination of countermeasures and business continuity plans.

Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard

Repudiation

Definition(s)

Denial by one of the entities involved in a communication of having participated in all or part of the communication.

Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard

Remote Client

Definition(s)

Asset outside the control network that is temporarily or permanently connected to a host inside the control network via a communication link in order to directly or indirectly access parts of the control equipment on the control network.

Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard

Remote Access

Definition(s)

Use of systems that are inside the perimeter of the security zone being addressed from a different geographical location with the same rights as when physically present at the location.

Source: DNVGL-RP-G108, Cyber security in the oil and gas industry based on IEC 62443, DNV GL, September 2017. Global Standards

Use of systems that are inside the perimeter of the security zone being addressed from a different geographical location with the same rights as when physically present at the location.
  • NOTE: The exact definition of “remote” can vary according to situation. For example, access may come from a location that is remote to the specific zone, but still within the boundaries of a company or organization. This might represent a lower risk than access that originates from a location that is remote and outside of a company’s boundaries.

Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard

Reference Model

Definition(s)

Structure that allows the modules and interfaces of a system to be described in a consistent manner.

Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard

Protocol

Definition(s)

Set of rules (i.e., formats and procedures) to implement and control some type of association (e.g., communication) between systems [11].

Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard

Privilege

Definition(s)

Authorization or set of authorizations to perform specific functions, especially in the context of a computer operating system [11].
  • NOTE: Examples of functions that are controlled through the use of privilege include acknowledging alarms, changing setpoints, and modifying control algorithms.

Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard

Outsider

Definition(s)

Person or group not trusted with inside access, who may or may not be known to the targeted organization.

Source: DNVGL-RP-G108, Cyber security in the oil and gas industry based on IEC 62443, DNV GL, September 2017. Global Standards

Person or group not “trusted” with inside access, who may or may not be known to the targeted organization (See “insider”).
  • NOTE: Outsiders may or may not have been insiders at one time.

Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard

Nonrepudiation

Definition(s)

Security service that provides protection against false denial of involvement in a communication [11].

Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard

Manufacturing Operations

Definition(s)

Collection of production, maintenance, and quality assurance operations and their relationship to other activities of a production facility.
  • NOTE: Manufacturing operations include:
  1. manufacturing or processing facility activities that coordinate the personnel, equipment, and material involved in the conversion of raw materials or parts into products.
  2. functions that may be performed by physical equipment, human effort, and information systems.
  3. managing information about the schedules, use, capability, definition, history, and status of all resources (personnel, equipment, and material) within the manufacturing facility.

Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard

Local Area Network

Definition(s)

Communications network designed to connect computers and other intelligent devices in a limited geographic area (typically less than 10 kilometers) [10].

Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard

Lines, Units, Cells

Definition(s)

Lower-level elements that perform manufacturing, field device control, or vehicle functions.
  • NOTE: Entities at this level may be connected together by an area control network and may contain information systems related to the operations performed in that entity.

Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard

Key Management

Definition(s)

Process of handling and controlling cryptographic keys and related material (such as initialization values) during their life cycle in a cryptographic system, including ordering, generating, distributing, storing, loading, escrowing, archiving, auditing, and destroying the keys and related material [11].

Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard

IP address

Definition(s)

Address of a computer or device that is assigned for identification and communication using the Internet Protocol and other protocols.

Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard

Interface

Definition(s)

Relations between a modular drilling rig and various systems (such as safety, oil, gas, water, electricity, instrumentation, communication, structures, etc.) on the platform.

Source: ISO 18647:2017, Petroleum and natural gas industries — Modular drilling rigs for offshore fixed platforms, First Edition, August 2017. Global Standards

Logical entry or exit point that provides access to the module for logical information flows.

Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard

Interception

Definition(s)

Capture and disclosure of message contents or use of traffic analysis to compromise the confidentiality of a communication system based on message destination or origin, frequency or length of transmission, and other communication attributes.

Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard

Insider

Definition(s)

Trusted person, employee, contractor, or supplier who has information that is not generally known to the public.

Source: DNVGL-RP-G108, Cyber security in the oil and gas industry based on IEC 62443, DNV GL, September 2017. Global Standards

“Trusted” person, employee, contractor, or supplier who has information that is not generally known to the public (See “outsider”).

Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard