OT Glossary
Not sure what a term or acronym means? You’re in the right place. This glossary is your go-to guide for understanding the key terms and acronyms used in OT cybersecurity. Whether it's a protocol, standard, or security concept, we’ve broken it down to help make your training smoother and more approachable. Looking for a term we don't have? Let us know!
A |
---|
Air gap: A (near mythical) network security measure where a system or network is physically isolated, with no direct connection to other networks. A true air-gapped OT system has no wired or wireless links to IT networks, reducing the risk of remote cyber-attack. However, data (and possibly malware) almost always traverses the air gap via other means like USB and laptops. |
Allow-listing: AKA application whitelisting - A security approach that permits only pre-approved (trusted) software to run on a system and blocks everything else. In OT, allow-listing is used instead of traditional antivirus because industrial systems benefit from only allowing known-good applications and blocking new, unknown programs. This strategy helps prevent malware execution, though it requires maintaining the list and doesn’t stop in-memory or script-based attacks. |
APT: Advanced persistent threat - A stealthy and sophisticated threat actor (often a nation-state or well-funded group) that gains unauthorized, persistent access to a system and remains undetected for a long period. In OT environments, APTs often target critical infrastructure to gain the capability to cause harm to an unfriendly nation in case a physical war breaks out. |
Asset: In an ICS security context, any device, system, or component that has value and needs protection. This can range from physical equipment (PLCs, RTUs, sensors, etc.) to software and data. Asset inventory refers to the process of cataloging all these devices in an OT network. |
B |
---|
BACnet: Building Automation and Control Network - A protocol for building automation systems. It’s widely used to allow HVAC, lighting, access control, fire detection, and other building systems to communicate and interoperate, even if they are from different manufacturers. |
BES: Bulk electric system - Basically refers to the larger power grid as a whole. This abbreviation is used in the NERC CIP regulations. |
BMS: Building management system or BAS (Building automation system) - This is the control system found in large buildings (offices, campuses, etc.) that monitors and controls the building’s electrical and mechanical equipment. A BMS oversees things like heating/cooling (HVAC), lighting, elevators, and security systems to maintain comfort and efficiency. |
BOP: Blowout preventer - Safety device in the oil and gas industry to prevent the release of oil and gas while drilling. |
Brownfield: A term describing an existing industrial facility or system that is already in operation (often with legacy equipment). Brownfield projects involve upgrading or securing an established OT environment, which can be challenging due to older technology in place. (Contrast with Greenfield, a brand-new installation built from scratch.) Securing a brownfield ICS often means dealing with legacy systems that weren’t designed with cybersecurity in mind. |