This document provides a list of acronyms commonly used in industrial control systems (ICS), operational technology (OT), information technology (IT), and information security (InfoSec). It includes terms from A-Z related to these fields. The acronyms cover topics such as protocols, standards, vulnerabilities, security controls, and more. This quick start guide is intended to help familiarize users with basic acronyms used in SANS ICS courses and materials.
Acronyms Quick Start Guide v0.1
SANS ICS
By Dean Parsons & Don C. Weber
ics.sans.org
dparsons@sans.org | don@cutawaysecurity.com

This guide covers the basic acronyms used in SANS Industrial Control System Security courses and includes terms from Operational Technology (OT), Information Technology (IT), and Information Security (InfoSec).

Terms: A - B
• ACDC - Active Cyber Defense Cycle
• ACL - Access Control List
• AD - Active Directory
• AES - Advanced Encryption Standard
• AGC - Automatic Generation Control
• AH - Authentication Header Protocol
• ALE - Annualized Loss Expectancy
• AM - Amplitude Modulation
• ANSI - American National Standards Institute
• AP - Access Point
• API - Application Programming Interface
• APT - Advanced Persistent Threat
• ARC - Application Runtime Control
• ARO - Annualized Rate Occurrence
• ARP - Address Resolution Protocol
• ASAP-SG - Advanced Security Acceleration Project for the Smart Grid
• AV - Asset Value
• BACnet - Building Automation and Control Network
• BC - Business Continuity
• BCP - Business Continuity Plan
• BE2 - BlackEnergy2
• BE3 - BlackEnergy3
• BES - Bulk Electric System
• BGAN - Broadband Global Area Network
• BITS - Background Intelligent Transfer Service
• BLE - Bluetooth Low Energy
• BMS - Building Management System
• BP - Business Continuity
• BPF - Berkeley Packet Filter

Terms: B (continued) - E
• BTS - Base Transceiver Station
• BYOD - Bring-Your-Own-Device
• C&C - Command-and-Control
• C2 - Command-and-Control
• CANbus - Controlled Area Network Bus
• CART - Complete, Accurate, Relevant, and Timely
• CBC - Cipher Block Chaining
• CCTV - Closed-Circuit Television
• CI - Critical Infrastructure
• CIA - Confidentiality, Integrity, and Availability
• CIKR - Critical Infrastructure Key Resource
• CIP - Common Industrial Protocol
• CIP - Critical Infrastructure Protection
• CNAP - U.S. White House Cybersecurity National Action Plan
• CPU - Central Processing Unit
• CRPA - Cyber Risk Preparedness Assessments
• CRT - Communication Robustness Testing
• CSF - Cyber Security Framework
• CSIRT - Computer Security Incident Response Team
• CSRF - Cross-Site Request Forgery
• CTR - Counter Mode
• CVE - Common Vulnerabilities and Exposures
• CVSS - Common Vulnerability Scoring System
• CWE - Common Weakness Enumeration
• DA - Data Access
• DA - Domain Administrator
• DAS - Data Acquisition System
• DBA - Database Administrator
• DCE - Distributed Computer Environment
• DCS - Distributed Control System
• DDoS - Distributed Denial-of-Service
• DEP - Data Execution Prevention
• DES - Data Encryption Standard
• DFIR - Digital Forensics and Incident Response
• DHCP - Dynamic Host Configuration Protocol
• DHS - U.S. Department of Homeland Security
• DLCI - Data Link Connection Identifier
• DMS - Distribution Management System
• DMZ - Demilitarized Zone
• DNP - Distributed Network Protocol
• DNS - Domain Name Service
• DOE - U.S. Department of Energy
• DoS - Denial-of-Service
• DPI - Deep Packet Inspection
• DPR - Digital Protective Relay
• DR - Disaster Recovery
• DRP - Disaster Recovery Plan
• DUC - Defense Use Case
• ECB - Electronic Code Book
• EDSA - Embedded Device Security Assurance
• EEPROM - Electrically Erasable Programmable Read-Only Memory
• EF - Exposure Factor
• EFS - Encrypted File System
• EMET - Enhanced Mitigation Experience Toolkit
• EMS - Energy Management System

Terms: E (continued) - I
• EMT - Electro Magnetic Transmission
• ENIP - EtherNet/Industrial Protocol
• ENISA - European Union Agency for Network and Information Security
• EoL - End-of-Life
• EOP - Emergency Operations and Preparedness
• EPA - Ethernet for Plant Automation
• EPCIP - European Programme for Critical Infrastructure Protection
• ERO - Electric Reliability Organization
• ERT - Embedded Device Robustness Testing
• ESCSWG - Energy Sector Control Systems Working Group
• ESD - Emergency Shutdown Systems
• ESP - Encapsulating Security Protocol
• EST - Experience Sharing Tool
• EUI - Extended Unique Identifier
• EW - Engineering Workstation
• F&G - Fire and Gas
• FAT - Factory Acceptance Test
• FBD - Function Block Diagram
• FDA - U.S. Food and Drug Administration
• FEP - Front-End Processor
• FIP - Factory Instrumentation Protocol
• FIPS - Federal Information Processing Standards
• FM - Frequency Modulation
• FSA-E - Functional Security Assessment for Embedded Devices
• GCHQ - UK Government Communications Headquarters
• GNSS - Global Navigation Satellite Systems
• GPMC - Group Policy Management Console
• GPO - Group Policy Object
• GPS - Global Positioning System
• HART - Highway Addressable Remote Transducer
• HAZOP - HAZard and OPerability
• HCF - HART Communication Foundation
• HIDS - Host Intrusion Detection System
• HMAC - Hashed Message Authenticity Check
• HMI - Human Machine Interface
• HSE - High-Speed Ethernet
• HVAC - Heating, Ventilation, and Air Conditioning
• HVP - High Voltage Protection
• I/O - Input/Output
• IACS - Industrial Automation and Control Systems
• IAEA - International Atomic Energy Agency
• IANA - Internet Assigned Numbers Authority
• ICMP - Internet Control Message Protocol
• ICS - Industrial Control Systems
• IDEA - International Data Encryption Algorithm
• IDS - Intrusion Detection systems
• IEC - International Electrotechnical Commission
• IED - Intelligent Electronic Device
• IEEE - Institute of Electrical and Electronics Engineers
• IETF - Internet Engineering Task Force
• IIoT - Industrial Internet of Things
• IL - Instruction List
• InfoSec - Information Security
• IoC - Indicators of Compromise

Terms: I (continued) - N
• IPC - Inter Process Communication
• IPFIX - IP Flow Information Export
• IPS - Intrusion Prevention systems
• IPv4 - Internet Protocol Version 4
• IPv6 - Internet Protocol Version 6
• IR - Incident Response
• IRP - Incident Response Plan
• IRT - Isochronous Real-Time
• ISA - International Society of Automation
• ISCI - ISA Security Compliance Institute
• ISAC - Information Sharing and Analysis Center
• ISAO - Information Sharing and Analysis Organization
• ISC - SANS Internet Storm Center
• ISM - Industrial, Scientific, and Medical
• ISMS - Information Security Management System
• ISO - International Standards Organization
• IT - Information Technology
• ITS - Internet Time Service
• IV - Initialization Vectors
• LAN - Local Area Network
• LAPS - Local Administrator Password Solution
• LD - Ladder Diagram (also referred to as Ladder Logic)
• LDAP - Lightweight Directory Access Protocol
• LFI - Local File Inclusions
• LLDP - Link Layer Discovery Protocol
• LOPA - Layers of Protection Analysis
• LoS - Line-of-Sight
• LotL - Living-off-the-Land
• LSASS - Local Security Authority Subsystem Service
• MAC - Media Access Control
• MAC - Message Authentication Code
• MD - Message Digest
• MDM - Mobile Device Management
• MES - Manufacturing Execution System
• MIMO - Multiple-Input Multiple-Output
• MitM - Machine-in-the-Middle
• MMC - Microsoft Management Console
• MTD - Maximum Tolerable Downtime
• MTU - Management Terminal Unit
• MU-MIMO - Multi-User Multiple-Input Multiple-Output
• MV - Manipulated Variable
• NAC - Network Access Control
• NAT - Network Address Translation
• NCCIC - National Cybersecurity and Communications Integration Center
• NERC - North American Electric Reliability Corporation
• NESCOR - National Electric Sector Cybersecurity Organization Resources
• NIC - Network Interface Card
• NIDS - Network Intrusion Detection Systems
• NIPS - Network Intrusion Prevention Systems
• NIST - National Institute of Standards and Technology
• NLB - Network Load Balancing
• NOC - Network Operations Center
• NSA - U.S. National Security Agency

Terms: N (continued) - S
• NSM - Network Security Monitoring
• NST - Network Stress Testing
• NSTB - National SCADA Test Bed Program
• NTP - Network Time Protocol
• NVD - National Vulnerability Database
• ODVA - Open DeviceNet Vendors Association
• OLE - Object Linking and Embedding
• OOB - Out-of-Band
• OPC - OLE for Process Control
• OS - Operating Systems
• OSHA - Occupational Safety and Health Administration
• OSI - Open Systems Interconnect
• OT - Operational Technology
• OTA - Over-The-Air
• OUI - Organizationally Unique Identifier
• P-NET - Process NETwork
• PAW - Privileged Access Workstations
• PCS - Process Control System
• PEAP - Protected Extensible Authentication Protocol
• PERA - Purdue Enterprise Reference Architecture
• PHA - Process Hazards Analysis
• PICREL - Preparation, Identification, Containment, Recovery, Eradication, Lessons Learned
• PID - Proportional Integral Derivative Algorithm
• PIN - Personal Identification Number
• PLC - Programmable Logic Controller
• PMU - Phasor Measurement Unit
• PNNL - Pacific Northwest National Laboratory
• PoC - Proof-of-Concept
• PPE - Personal Protective Equipment
• PTP - Precision Time Protocol
• PV - Process Value/Variable
• QoS - Quality-of-Service
• QRA - Quantitative Risk Analysis
• RADIUS - Remote Authentication Dial-In User Service
• RARP - Reverse Address Resolution Protocol
• RAT - Remote Access Trojans
• RDP - Remote Desktop Protocol
• RF - Radio Frequency
• RFC - Request for Comment
• RFI - Remote File Inclusions
• RPC - Remote Procedure Call
• RPI - Requested Packet Interval Rate
• RT - Real-Time
• RTOS - Real-Time Operating Systems
• RTU - Remote Terminal (Telemetry) Unit
• SAT - Site Acceptance Test
• SCADA - Supervisory Control and Data Acquisition
• SCCM - System Center Configuration Manager
• SCM - Security Compliance Manager
• SCT - Security Compliance Toolkit
• SDA-S - Security Development Artifacts for Embedded Devices
• SDLA - Security Development Lifecycle Assurance
• SDR - Software-Defined Radios
• SFC - Sequential Function Chart

Terms: S (continued) - X
• SHA - Secure Hash Algorithm
• SHE - Safety, Health, and Environmental
• SHS - Secure Hash Standard
• SIEM - Security Information Event Management
• SIF - Safety Instrumented Functions
• SIL - Safety Integrity Level
• SIS - Safety Instrumented System
• SLE - Single Loss Expectancy
• SMB - Service Message Bus
• SME - Subject-Matter Expert
• SNL - Sandia National Laboratories
• SOC - Security Operations Center
• SoC - System on a Chip
• SP - Setpoint
• SPAN - Switched Port Analyzer
• SQL - Structured Query Language
• SQLi - SQL Injection
• SRP - Software Restriction Policies
• SSA - System Security Assurance
• SSL - Secure Sockets Layer
• SSO - Single-Sign-On
• SSP - Secure Simple Pairing
• ST - Structured Text
• STIX - Structured Threat Information eXpression
• TAXII - Trusted Automated eXchange of Indicator Information
• TCP - Transmission Control Protocol
• TDMA - Time Division Multiple Access
• TEM - Threat and Environment Manipulation
• TKIP - Temporal Key Integrity Protocol
• TLS - Transport Layer Security
• TTL - Time-To-Live
• TTP - Tactics, Techniques, and Procedures
• TTX - Tabletop Exercise
• UA - Unified Architecture
• UAC - User Account Control
• UDP - User Datagram Protocol
• VCSP - Vehicle Cyber Security Program
• VSAT - Very Small Aperture Terminal
• VIT - Vulnerability Identification Testing
• VLAN - Virtual Local Area Network
• VM - Virtual Machine
• VNC - Virtual Network Computing
• VPN - Virtual Private Network
• WAN - Wide Area Network
• WAP - Wireless Access Point
• WEP - Wired Equivalent Privacy
• WIDS - Wireless Intrusion Detection Systems
• WiTECK - Wireless Industrial Technology Konsortium
• WLAN - Wireless Local Area Network
• WMIC - Windows Management Instrumentation Console
• WPA - Wi-Fi Protected Access
• WSUS - Windows Server Update Services
• XSRF - Cross-Site Request Forgery
• XSS - Cross-Site Scripting