OT Glossary

Common Industrial Protocol

A family of protocols including EtherNet/IP, DeviceNet, and ControlNet. CIP provides a common language for devices (from various vendors) to share data and commands in an industrial network, but is most popular with Rockwell/Allen Bradley devices.

Cybersecurity and Infrastructure Security Agency
A U.S. government agency responsible for cybersecurity, infrastructure protection, and emergency communications. In the ICS world, CISA (which includes what used to be ICS-CERT) provides alerts, advisories, and support for protecting critical infrastructure control systems.

A fundamental concept in process control where a sensor, controller, and actuator work together to regulate a physical process. In a closed-loop system, a sensor measures a process variable (like temperature), the controller compares it to a desired setpoint, and if there’s a difference it sends a command to an actuator to correct it. This loop continuously “feeds back” so the process stays on target. (Example: a thermostat (sensor/controller) measuring room temperature and turning a heater (actuator) on/off to maintain the set temperature.)

A system that manages, commands, or regulates the behavior of other devices or systems using control loops (with sensor, actuator, and controller). An industrial control system controls an industrial-scale process.

Centre for Protection of National Infrastructure

UK government organization kind of like the US CISA organization, focused on the security of national infrastructure.

Cyber-physical systems

Integrated systems that have both computational (cyber) and physical components, tightly interconnected. An industrial robot, a smart grid, or an autonomous vehicle are examples of CPS: they involve sensors and actuators interacting with the physical world, guided by software and networking. ICS and OT systems are prime examples of CPS, where a cyber attack can have real-world kinetic impact.

(unidirectional gateway)

A hardware-based cybersecurity device that allows data to flow in only one direction. It’s used in OT environments to connect highly sensitive networks to external systems (like sending plant data to a corporate network) without any possibility of data coming back into the secure zone. Not always practical if remote access is needed.

Distributed control system

A control system commonly used in large, continuous industrial processes (like chemical plants, oil refineries, power generation). In a DCS, control intelligence is distributed throughout the plant across multiple controllers rather than centralized. These controllers (often networked PLCs or dedicated DCS controllers) autonomously run different parts of the process, all coordinated by supervisory software. DCS systems typically span an entire building (as opposed to a single machine or a large geographic area).

A security strategy that employs multiple layers of defense to protect a system. In ICS security, this means implementing a combination of physical security, network segmentation, firewalls, intrusion detection, strict user access controls, etc., so that if one layer fails, others still provide protection. For example, even if a firewall is breached (outer layer), an ICS might still be safe thanks to an internal allow-list. 

An industrial network protocol used for connecting simple industrial devices (sensors, actuators) to a PLC. It’s essentially the Common Industrial Protocol (CIP) running over a CAN (Controller Area Network) bus. DeviceNet was widely used for device-level networking (particularly in automotive manufacturing) to reduce complex wiring. It’s slower and more limited compared to EtherNet/IP, and largely legacy now.