C

 

Change Management

A structured process for documenting, reviewing, and approving OT system changes to avoid introducing vulnerabilities.

​

Command Injection

An attack technique sending unauthorized commands to manipulate OT systems or devices.

​

CRA (Cyber Resilience Act)

EU regulation requiring cybersecurity-by-design for connected products, including industrial devices.

​

Critical Infrastructure

Essential systems and assets such as power grids, water treatment, healthcare facilities, and transportation.

​

Cyber-Physical System (CPS)

Integrated computing, networking, and physical systems used to control industrial processes.

​

 

D

 

Data Diode

A one-way communication hardware device preventing inbound traffic to an OT network.

​

Defense-in-Depth

A layered security model applying multiple protective measures at different levels.

​

Denial-of-Service (DoS)

An attack that disrupts normal operations by overwhelming networks or devices.

​

Distributed Control System (DCS)

Automation architecture with decentralized control elements spread across the facility.

​

 

E

 

Edge Computing

Processing and analyzing data at local OT devices instead of sending it to centralized systems.

​

Endpoint Security

Security controls applied to individual OT devices like PLCs, HMIs, or sensors.

​

Event Logging

Recording system events for monitoring, troubleshooting, and forensics.

​

Exploit

A method or tool used to take advantage of a system vulnerability.

 

F

​Fail-Safe State

A design principle ensuring equipment defaults to a safe condition during failures.

​

Firewall

A hardware or software system controlling network traffic based on predetermined rules.

​

Firmware

Low-level software embedded in OT hardware.

​

Firmware Signing

Verification method to ensure firmware updates are from trusted sources.

​

 

G

 

Gateway

A device enabling communication between different networks or protocols, often a security-critical point.

​

Geofencing

Restricting system access based on defined physical locations using GPS or location data.

​

GICS (Global Industry Classification Standard)

A global standard for categorizing industry sectors, used in risk assessments.

​

 

H

 

Hardening

The process of securing a system by disabling unnecessary services, ports, and protocols.

​

High Availability (HA)

System design that ensures minimal downtime during failures or incidents.

​

HMI (Human-Machine Interface)

The user interface allowing operators to monitor and control OT systems.

​

HoneyPot

A decoy system placed to lure and detect cyber attackers.

​

 

I

 

ICS (Industrial Control System)

General term for systems controlling industrial processes, including SCADA and DCS.

​

IEC 62443

International industrial control cybersecurity standard.

​

Incident Response Plan (IRP)

Documented procedures for detecting, responding to, and recovering from cyber incidents.

​

Industrial IoT (IIoT)

Connected OT devices that enhance operational efficiency but increase cyber risks.

​

Intrusion Detection System (IDS)

A tool that detects suspicious or unauthorized network activity.

​

 

J

 

JTAG (Joint Test Action Group)

A hardware interface for diagnostics and debugging that must be secured to avoid exploitation.

​

 

K

 

Key Management

Processes for securely handling encryption keys in OT environments.

​

Kill Chain (Cyber Kill Chain)

A model describing stages of a cyberattack from reconnaissance to data exfiltration.

​

 

L

 

Least Privilege Principle

Limiting user/system permissions to only those required for their function.

​

Legacy System

Older OT systems with limited or no built-in cybersecurity features.

​

Load Shedding

Intentional shutdown or reduction of system operations to avoid overload.

​

 

M

 

Maintenance Port Security

Protection measures for physical and logical maintenance interfaces.

​

Microsegmentation

Dividing OT networks into small, secure zones to contain incidents.

​

MITM (Man-in-the-Middle)

An attack where a third party intercepts and potentially modifies communications.

​

Modbus

A widely used industrial communication protocol.

​

 

N

 

NAC (Network Access Control)

Tools enforcing compliance checks before permitting a device connection.

​

Network Segmentation

Dividing a network to limit the spread of breaches.

​

NIST CSF (Cybersecurity Framework)

A standard providing best practices for managing cyber risks.

​

Node Authentication

Verifying device identities before allowing network access.

​

 

O

 

Operational Continuity

The ability to maintain essential operations during adverse events.

​

Operational Technology (OT)

Hardware and software controlling and monitoring physical processes.

​

OWE (Opportunistic Wireless Encryption)

A wireless standard providing encryption without pre-shared keys.

​

One-Way Data Flow

​

Design where data flows in one direction

​

 

P

 

Patch Management

Process for testing and deploying security and stability updates.

​

Penetration Testing (Pentest)

Simulated cyberattacks to identify vulnerabilities.

​

PLC (Programmable Logic Controller)

Industrial computer controlling machinery and processes.

​

Protocol Whitelisting

Allowing only approved communication protocols in an OT network.

​

 

Q

 

Quality of Service (QoS)

Ensuring critical OT network traffic is prioritized to avoid delays.

​

 

R

 

Remote Access Gateway

A secured entry point for external OT network access.

​

Resilience Engineering

Designing systems to maintain operations during cyber or physical disruptions.

​

Risk Assessment

Identifying threats, vulnerabilities, and potential impacts.

​

 

S

 

SCADA (Supervisory Control and Data Acquisition)

Systems for remotely monitoring and controlling industrial processes.

​

Secure Boot

Firmware process that allows only trusted code to load during startup.

​

Secure Remote Access

Controlled, monitored, and encrypted remote OT connections.

​

Security Information and Event Management (SIEM)

Centralized platform for log collection and threat analysis.

​

Supply Chain Security

Measures to protect against third-party or vendor-related cyber risks.

​

 

T

 

Threat Hunting

Proactively searching an environment for undetected threats.

​

TLS (Transport Layer Security)

Protocol ensuring secure communications over networks.

​

Time-Sensitive Networking (TSN)

Standards for deterministic and reliable OT communication.

​

Trusted Platform Module (TPM)

Dedicated hardware storing cryptographic keys securely.

​

 

U

 

Unidirectional Gateway

Similar to a data diode, allows data to travel only one way.

​

USB Control Policy

Rules for USB use in OT to prevent malware spread.

​

 

V

 

Virtual LAN (VLAN)

Logical network segmentation without changing physical network design.

​

Vulnerability Management

Ongoing process of identifying, analyzing, and mitigating security weaknesses.

​

 

W

​

Whaling Attack

Phishing targeting senior executives.

​

WIDS (Wireless Intrusion Detection System)

Detected unauthorized or rogue wireless activity.

​

Wireless Access Control

Restricting and monitoring which wireless devices can connect.

​

 

X

 

XML Injection

An attack inserting malicious XML into a system to manipulate its operation.

​

 

Z

 

Zero Trust Architecture (ZTA)

Security model requiring continuous verification of every connection and action.

​

Zone and Conduit Model

IEC 62443 network design segmenting OT assets into secure zones with controlled conduits.

​