This section contains an alphabetical list of commonly used industrial cyber security terms and acronyms, along with definitions. Can't find what you are looking for? Let us know and we'll get it added. Either email us or connect with us on social media.
 
ACL Access Control List
AES Advanced Encryption Standard
AH Authentication Header
ARP Address Resolution Protocol
Active Attack Active attack is an assault on system security that derives from an intelligent threat, i.e., an intelligent act that is a deliberate attempt (especially in the sense of a method or technique) to evade security services and violate the security policy of a system.
Adversary An adversary is a malicious entity whose aim is to prevent the users of the computer system from achieving data privacy, system integrity and availability. Actual adversaries are known as attackers
Alert An alert is a communication about a known cyber security issue, typically with details of how to mitigate the issue
Badware See Malware
BERT Bit Error Test
BIND Berkeley Internet Name Domain
BIOS Basic Input/Output System
BSS Basic Service Set
Blacklist (Application Blacklisting) Application blacklisting, sometimes just referred to as blacklisting, is a network administration practice used to prevent the execution of undesirable programs. Such programs include not only those known to contain security threats or vulnerabilities but also those that are deemed inappropriate within a given organization. Blacklisting is the method used by most antivirus programs, intrusion prevention/detection systems and spam filters.
Business Continuity Planning (BCP) BCP involves keeping all essential aspects of a business functioning despite significant disruptive events. Disaster recovery planning (DRP) is a subset of it.
Canaries A Canary is an early test version of software, alluding to a Canary in a coal mine
CERT Computer Emergency Response Team, sometimes also known as Computer Security Incident Response Team. These are organizations (in APAC, usually government-linked agencies) responsible for maintaining vigilance on cyber security threats and for creating awareness of them. Before CERTs evolved to their present focus, they were expert groups that handled computer security incidents. At the national level, CERTs differ from one country to another in terms of their portfolio. Certain countries' CERTs are legislated with enforcement authority, while others have only advisory functions.
Computer Network Defense Analysis Uses defensive measures and information collected from a variety of sources to identify, analyze, and report events that occur or might occur within the network in order to protect information, information systems, and networks from threats.
CISO Chief Information Security Officer
Critical infrastructure Critical infrastructure comprises the assets, systems, and networks, whether physical or virtual, so vital to a country or company that their incapacitation or destruction would have a debilitating effect on security, national economic security, national public health or safety, or any combination thereof.
DCS Distributed Control System
Denial of Service (attack) A denial-of-service (DoS) attack is an attempt to make a machine or network resource unavailable to its intended users. A DoS attack generally consists of efforts to temporarily or indefinitely interrupt or suspend services of a server host serving multiple users connected in a network.

Perpetrators of DoS attacks typically target sites or services hosted on mission-critical servers, including DCS/SCADA systems, or high-profile web servers such as banks, credit card payment gateways, and even root name servers.

DHCP Dynamic Host Configuration Protocol
DMZ Demilitarized Zone
DNS Domain Name System
Disaster Recovery Planning (DRP) Disaster Recovery Planning involves a set of policies and procedures to enable the recovery or continuation of vital technology infrastructure and systems following a natural or human-induced disaster. Disaster recovery focuses on the IT or technology systems supporting critical business functions, as opposed to business continuity, which involves keeping all essential aspects of a business functioning despite significant disruptive events. Disaster recovery is therefore a subset of business continuity planning (BCP).
EAP Extensible Authentication Protocol
Endpoint Protection Endpoint security is an approach to network protection that requires each computing device on a corporate network to comply with certain standards before network access is granted.

FAT Factory Acceptance Test
Firewall A firewall is a technological barrier designed to prevent unauthorized or unwanted communications between computer networks or hosts. It is a network security system that controls the incoming and outgoing network traffic based on an applied rule set.

FTP File Transfer Protocol
Governance Governance, largely in the context of corporate and IT, focuses on compliance in an organization's management of its operations and processes, in the best interest of stakeholders and shareholders. Governance concerns the set of multi-disciplinary structures, policies, processes and procedural controls implemented in order to meet statutory and regulatory compliance, legal, risk and environmental requirements.
Heartbeat Signals A heartbeat signal indicates the communication health of the system. It is a periodic signal generated by hardware or software to indicate normal operation or to synchronize other parts of a system.
HMI Human-Machine Interface
Host Intrusion Detection Systems (HIDS) Developed for mainframe computers, HIDS is the earliest type of intrusion detection software. It monitors and analyzes the internals of a computing system and sometimes the network packets on its network interfaces.
HTTP Hypertext Transfer Protocol
IDPS Intrusion Detection and Prevention Systems
I/O Input/Output
ISASecure ISASecure independently certifies industrial automation and control (IAC) products and systems to ensure that they are robust against network attacks and free from known vulnerabilities.
ISC Internet Software Consortium
LAN Local Area Network
LR-WPAN Low-Rate Wireless Personal Area Networks
MAC Media Access Control
Malware Malware (short for malicious software) is any software used to disrupt a computer's operation, collect sensitive data, or gain access to private computer systems. Also known as Badware.
MISPC Minimum Interoperability Specification for PKI Components
MITM Man-in-the-Middle
NAT Network Address Table
NERC North American Electric Reliability Corporation
Network security The provisions and policies adopted by a network administrator to prevent and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources
Network Intrusion Detection Systems (NIDS) A network-based device or software application that monitors network activities for malicious activities or policy violations and produces reports to a management station.
OLE Object Linking and Embedding
OPC OLE for Process Control
OSI Open Systems Interconnectivity
PCS Process Control System
Penetration Testing Penetration testing is often confused with "vulnerability assessment" (VA). Essentially, it is a further step: simulating the exploitation of a system vulnerability discovered in a VA. Its purpose is to confirm whether a security breach or catastrophic damage could really be inflicted on the system in a real cyber attack.
PLC Programmable Logic Controller
PROFIBUS Process Field Bus
Qualified Anti-malware Definitions Testing and qualification of newly released anti-malware definition or signature files adds to system stability by identifying and restricting potential ICS conflicts before implementation on site.
Qualified OS Patch Updates Testing and qualification of newly released Microsoft security updates adds to system stability by identifying and restricting potential ICS conflicts before implementation on site.
Remote Terminal Unit A Remote Terminal Unit (or RTU) is a microprocessor-controlled electronic device that interfaces objects in the physical world to a DCS (distributed control system) or SCADA (supervisory control and data acquisition) system by transmitting telemetry data to a master system, and by using messages from the master supervisory system to control connected objects.
SCADA Supervisory Control and Data Acquisition
Security Assessments and Audits Security assessments usually aim to survey and review the security health or posture of a system or its processes, or an organisation's susceptibility to cyber security threats. Audits are essentially inspections of the state of compliance with governance requirements. While security assessments promptly raise findings on vulnerabilities for quick remediation, audits aim to report non-compliances and systemic weaknesses to executive management for managerial action.
Security Information & Event Management (SIEM) SIEM technology provides real-time analysis of security alerts generated by network hardware and applications. SIEM is sold as managed services, software, or appliances and is also used to log security data and generate reports for compliance purposes. SIEM is primarily about real-time monitoring, correlation of events, notifications and console views, and secondarily about reporting of log data and long-term archiving.
SIS Safety Instrumented System
SMTP Simple Mail Transfer Protocol
SSL Secure Sockets Layer
TCP Transmission Control Protocol
TDEA Triple Data Encryption Algorithm
UDP User Datagram Protocol
USB Universal Serial Bus
Vulnerability Assessment (VA) In a vulnerability assessment, data is collected from the system and compared with documented issues to deduce whether the system is vulnerable to any known exploits. "Documented issues" refers to vulnerabilities or system weaknesses that have been discovered, are therefore known, and hence have been documented and most probably made available to the public for awareness. VA can easily be confused with "Penetration Testing", which essentially can be the next step: simulating the exploitation of a system vulnerability discovered during a VA.
VLAN Virtual LAN
VPN Virtual Private Network
WiFi Wireless Fidelity
WPA WiFi Protected Access
XSS Cross-Site Scripting