SlideShare utilise les cookies pour améliorer les fonctionnalités et les performances, et également pour vous montrer des publicités pertinentes. Si vous continuez à naviguer sur ce site, vous acceptez l’utilisation de cookies. Consultez nos Conditions d’utilisation et notre Politique de confidentialité.
SlideShare utilise les cookies pour améliorer les fonctionnalités et les performances, et également pour vous montrer des publicités pertinentes. Si vous continuez à naviguer sur ce site, vous acceptez l’utilisation de cookies. Consultez notre Politique de confidentialité et nos Conditions d’utilisation pour en savoir plus.
Key DescriptionCTRL+( Unhides any hidden rows within the selection.CTRL+) Unhides any hidden columns within the selection.CTRL+& Applies the outline border to the selected cells.CTRL+_ Removes the outline border from the selected cells.CTRL+~ Applies the General number format. Applies the Currency format with two decimal placesCTRL+$ (negative numbers in parentheses).CTRL+% Applies the Percentage format with no decimal places. Applies the Exponential number format with two decimalCTRL+^ places.CTRL+# Applies the Date format with the day, month, and year. Applies the Time format with the hour and minute, and AM orCTRL+@ PM. Applies the Number format with two decimal places,CTRL+! thousands separator, and minus sign (-) for negative values.CTRL+- Displays the Delete dialog box to delete the selected cells. Selects the current region around the active cell (the data areaCTRL+* enclosed by blank rows and blank columns). In a PivotTable, it selects the entire PivotTable report.CTRL+: Enters the current time.CTRL+; Enters the current date. Alternates between displaying cell values and displayingCTRL+` formulas in the worksheet. Copies a formula from the cell above the active cell into theCTRL+ cell or the Formula Bar. Copies the value from the cell above the active cell into theCTRL+" cell or the Formula Bar.CTRL++ Displays the Insert dialog box to insert blank cells.CTRL+1 Displays the Format Cells dialog box.CTRL+2 Applies or removes bold formatting.CTRL+3 Applies or removes italic formatting.CTRL+4 Applies or removes underlining.CTRL+5 Applies or removes strikethrough. Alternates between hiding objects, displaying objects, andCTRL+6 displaying placeholders for objects.CTRL+7 Displays or hides the Standard toolbar.CTRL+8 Displays or hides the outline symbols.
CTRL+9 Hides the selected rows.CTRL+0 Hides the selected columns. Selects the entire worksheet. If the worksheet contains data, CTRL+A selects the current region. Pressing CTRL+A a second time selects the entire worksheet.CTRL+A When the insertion point is to the right of a function name in a formula, displays the Function Arguments dialog box. CTRL+SHIFT+A inserts the argument names and parentheses when the insertion point is to the right of a function name in a formula.CTRL+B Applies or removes bold formatting. Copies the selected cells.CTRL+C CTRL+C followed by another CTRL+C displays the Microsoft Office Clipboard. Uses the Fill Down command to copy the contents and formatCTRL+D of the topmost cell of a selected range into the cells below. Displays the Find dialog box.CTRL+F SHIFT+F5 also displays this dialog box, while SHIFT+F4 repeats the last Find action. Displays the Go To dialog box.CTRL+G F5 also displays this dialog box.CTRL+H Displays the Find and Replace dialog box.CTRL+I Applies or removes italic formatting. Displays the Insert Hyperlink dialog box for new hyperlinksCTRL+K or the Edit Hyperlink dialog box for selected existing hyperlinks.CTRL+L Displays the Create List dialog box.CTRL+N Creates a new, blank file. Displays the Open dialog box to open or find a file.CTRL+O CTRL+SHIFT+O selects all cells that contain comments.CTRL+P Displays the Print dialog box. Uses the Fill Right command to copy the contents and formatCTRL+R of the leftmost cell of a selected range into the cells to the right. Saves the active file with its current file name, location, andCTRL+S file format.CTRL+U Applies or removes underlining.
Inserts the contents of the Clipboard at the insertion point andCTRL+V replaces any selection. Available only after you cut or copied an object, text, or cell contents.CTRL+W Closes the selected workbook window.CTRL+X Cuts the selected cells.CTRL+Y Repeats the last command or action, if possible. Uses the Undo command to reverse the last command or to delete the last entry you typed.CTRL+Z CTRL+SHIFT+Z uses the Undo or Redo command to reverse or restore the last automatic correction when AutoCorrect Smart Tags are displayed. Function keys Key Description Displays the Help task pane. CTRL+F1 closes and reopens the current task pane. F1 ALT+F1 creates a chart of the data in the current range. ALT+SHIFT+F1 inserts a new worksheet. Edits the active cell and positions the insertion point at the end of the cell contents. It also moves the insertion point into the F2 Formula Bar when editing in a cell is turned off. SHIFT+F2 edits a cell comment. Pastes a defined name into a formula. F3 SHIFT+F3 displays the Insert Function dialog box. Repeats the last command or action, if possible. F4 CTRL+F4 closes the selected workbook window. Displays the Go To dialog box. F5 CTRL+F5 restores the window size of the selected workbook window. Switches to the next pane in a worksheet that has been split (Window menu, Split command). SHIFT+F6 switches to the previous pane in a worksheet that F6 has been split. CTRL+F6 switches to the next workbook window when more than one workbook window is open.
Note When the task pane is visible, F6 and SHIFT+F6 include that pane when switching between panes. Displays the Spelling dialog box to check spelling in the active worksheet or selected range.F7 CTRL+F7 performs the Move command on the workbook window when it is not maximized. Use the arrow keys to move the window, and when finished press ESC. Turns extend mode on or off. In extend mode, EXT appears in the status line, and the arrow keys extend the selection. SHIFT+F8 enables you to add a non-adjacent cell or range to a selection of cells by using the arrow keys.F8 CTRL+F8 performs the Size command (on the Control menu for the workbook window) when a workbook is not maximized. ALT+F8 displays the Macro dialog box to run, edit, or delete a macro. Calculates all worksheets in all open workbooks. F9 followed by ENTER (or followed by CTRL+SHIFT+ENTER for array formulas) calculates the selected a portion of a formula and replaces the selected portion with the calculated value. SHIFT+F9 calculates the active worksheet.F9 CTRL+ALT+F9 calculates all worksheets in all open workbooks, regardless of whether they have changed since the last calculation. CTRL+ALT+SHIFT+F9 rechecks dependent formulas, and then calculates all cells in all open workbooks, including cells not marked as needing to be calculated. CTRL+F9 minimizes a workbook window to an icon. Selects the menu bar or closes an open menu and submenu at the same time. SHIFT+F10 displays the shortcut menu for a selected item.F10 ALT+SHIFT+F10 displays the menu or message for a smart tag. If more than one smart tag is present, it switches to the next smart tag and displays its menu or message. CTRL+F10 maximizes or restores the selected workbook window. Creates a chart of the data in the current range.F11 SHIFT+F11 inserts a new worksheet.
ALT+F11 opens the Visual Basic Editor, in which you can create a macro by using Visual Basic for Applications (VBA). ALT+SHIFT+F11 opens the Microsoft Script Editor, where you can add text, edit HTML tags, and modify any script code. F12 Displays the Save As dialog box. Other useful shortcut keys Key Description Move one cell up, down, left, or right in a worksheet. CTRL+ARROW KEY moves to the edge of the current data region (data region: A range of cells that contains data and that is bounded by empty cells or datasheet borders.) in a worksheet. SHIFT+ARROW KEY extends the selection of cells by one cell. CTRL+SHIFT+ARROW KEY extends the selection of cells to the last nonblank cell in the same column or row as the active cell.ARROW KEYS LEFT ARROW or RIGHT ARROW selects the menu to the left or right when a menu is visible. When a submenu is open, these arrow keys switch between the main menu and the submenu. DOWN ARROW or UP ARROW selects the next or previous command when a menu or submenu is open. In a dialog box, arrow keys move between options in an open drop--down list, or between options in a group of options. ALT+DOWN ARROW opens a selected drop down list. drop-down Deletes one character to the left in the Formula Bar.BACKSPACE Also clears the content of the active cell. Removes the cell contents (data and formulas) from selected cells without affecting cell formats or comments. DELETE In cell editing mode, it deletes the character to the right of the insertion point. Moves to the cell in the lower lower-right corner of the window when SCROLL LOCK is turned on. Also selects the last command on the menu when a menu or submenu is visible. END CTRL+END moves to the last cell on a worksheet, in the lowest used row of the rightmost used column. CTRL+SHIFT+END extends the selection of cells to the last used cell on the worksheet (lower (lower-right corner).
Completes a cell entry from the cell or the Formula Bar, and selects the cell below (by default). In a data form, it moves to the first field in the next record. Opens a selected menu (press F10 to activate the menu bar) or performs the action for a selected command. In a dialog box, it performs the action for the default ENTER command button in the dialog box (the button with the bold outline, often the OK button). ALT+ENTER starts a new line in the same cell. CTRL+ENTER fills the selected cell range with the current entry. SHIFT+ENTER completes a cell entry and selects the cell above. Cancels an entry in the cell or Formula Bar. ESC It also closes an open menu or submenu, dialog box, or message window. Moves to the beginning of a row in a worksheet. Moves to the cell in the upper-left corner of the window when SCROLL LOCK is turned on. Selects the first command on the menu when a menu or HOME submenu is visible. CTRL+HOME moves to the beginning of a worksheet. CTRL+SHIFT+HOME extends the selection of cells to the beginning of the worksheet. Moves one screen down in a worksheet. ALT+PAGE DOWN moves one screen to the right in a worksheet.PAGE DOWN CTRL+PAGE DOWN moves to the next sheet in a workbook. CTRL+SHIFT+PAGE DOWN selects the current and next sheet in a workbook. Moves one screen up in a worksheet. ALT+PAGE UP moves one screen to the left in a worksheet. PAGE UP CTRL+PAGE UP moves to the previous sheet in a workbook. CTRL+SHIFT+PAGE UP selects the current and previous sheet in a workbook. In a dialog box, performs the action for the selected button, orSPACEBAR selects or clears a check box. CTRL+SPACEBAR selects an entire column in a worksheet.
SHIFT+SPACEBAR select an entire row in a worksheet. CTRL+SHIFT+SPACEBAR select the entire worksheet. If the worksheet contains data, CTRL+SHIFT+SPACEBAR selects the current region. Pressing CTRL+SHIFT+SPACEBAR a second time selects the entire worksheet. When an object is selected, CTRL+SHIFT+SPACEBAR selects all objects on a worksheet. ALT+SPACEBAR displays the Control menu for the Excel window. Moves one cell to the right in a worksheet. Moves between unlocked cells in a protected worksheet. Moves to the next option or option group in a dialog box.TAB SHIFT+TAB moves to the previous cell in a worksheet or the previous option in a dialog box. CTRL+TAB switches to the next tab in dialog box. CTRL+SHIFT+TAB switches to the previous tab in a dialog box.
Control Systems Procurement & Maintenance Specifications Terms List SCADA Procurement Project Procurement Specifications Terms List The list of terms is critical to ensure there is a common understanding in developing procurement language. The objective was to provide definitions that are clear, concise and applicable to the procurement effort. This common terms document will be a living document and can grow and change over time.ACL (Access Control List) — An access control list is a concept in computer security,used to enforce privilege separation. It is a means of enforcing the appropriate access rights to agiven object given certain aspects of the user process that is requesting them, principally theprocesss user identity. On a router an access list specifies which addresses are allowed to accessservices. Access lists can be used to control both inbound and outbound traffic on a router.Active Directory — Active Directory is an implementation of LDAP directory services byMicrosoft for use in Windows environments. Active Directory allows administrators to assignenterprise-wide policies, deploy programs to many computers, and apply critical updates to anentire organization. An Active Directory stores information and settings relating to anorganization in a central, organized, accessible database. Active Directory networks can varyfrom a small installation with a few hundred objects, to a large installation with millions ofobjects.AES — AES is the Advanced Encryption Standard (AES) that is a block cipher adopted as anencryption standard by the US government. It is expected to be used worldwide and analyzedextensively, as was the case with its predecessor, the Data Encryption Standard (DES). AES wasadopted by National Institute of Standards and Technology (NIST) as US FIPS PUB 197 inNovember 2001.AP (Access Point) — A wireless access point (WAP or AP) is a device that "connects"wireless communication devices together to create a wireless network. The WAP is usuallyconnected to a wired network, and can relay data between devices on each side.API (Application Programming Interface) — APIs are a set of definitions of theways in which one piece of computer software communicates with another. It is a method ofachieving abstraction, usually (but not necessarily) between lower-level and higher-levelsoftware.Asynchronous Transfer Mode (ATM) — ATM is a cell relay network protocolwhich encodes data traffic into small fixed-sized (53 byte; 48 bytes of data and 5 bytes of headerinformation) cells instead of variable sized packets as in packet-switched networks (such as theInternet Protocol or Ethernet). It is a connection-oriented technology, in which a connection isestablished between the two endpoints before the actual data exchange begins.5/13/2010 Page 1 of 13
Control Systems Procurement & Maintenance Specifications Terms ListAuthentication — Authentication is the process of verifying an identity claimed by or for asystem entity. Also, any security measure designed to establish the validity of a transmission,message, or originator, or a means of verifying and individual’s eligibility to receive specificcategories of information [http://www.its.bldrdoc.gov/fs-1037/]. As perceived by a computeruser, authentication is generally associated with a password and/or token(s) entered into a hostsystem for the purpose of gaining access to computer application(s). As examples of userauthentication to a host computer, the authentication mechanism might be a password or string ofcharacters provided by the user at a prompt (something you know), and/or a token (somethingyou have), and/or a fingerprint (something you are).Authorization — Authorization is a right or a permission that is granted to a system entity toaccess a system resource.BPL (Broadband over Power Lines) — Also known as Power Line Communications(PLC), can transmit data at up to 200Mbps by utilizing normal electrical power lines. Users ofthe service would plug their broadband modem into a normal power receptacle.CHAP — The Challenge-Handshake Authentication Protocol (CHAP) authenticates a user toan Internet access provider. RFC 1994: PPP Challenge Handshake Authentication Protocol(CHAP) defines the protocol.Cleartext — Data in which the semantic information content (i.e., the meaning) is intelligibleor is directly available as opposed to ciphertext which is encrypted.Client — A Client is any computer whose identification and authorization privileges fornetwork connection are hosted by a server. An HMI interface (e.g., at operator desks in aControl Room) is an example of a client computer configuration.Common Criteria (CC) — ISO/IEC 15408, a standard for evaluating informationtechnology products and systems, such as operating systems, computer networks, distributedsystems, and applications. It states requirements for security functions and for assurancemeasures, which addresses data confidentiality, data integrity, and availability, focuses on threats to information arising from human activities, malicious or otherwise, applies to security measures implemented in hardware, firmware, or softwareConfiguration Management — The term configuration management has the followingmeanings: The management of features and assurances (including security) through control of changes made to hardware, software, firmware, documentation, test, test fixtures and test documentation of an automated information system, throughout the development and operational life of a system. Source Code Management or revision control is part of this.5/13/2010 Page 2 of 13
Control Systems Procurement & Maintenance Specifications Terms List The control of changes made to the hardware, software, firmware, and documentation throughout the system lifecycle.Control System — An interconnection of components (computers, sensors, actuators,communication pathways, etc.) connected or related in such a manner as to command, direct, orregulate itself or another system (e.g., chemical process plant equipment/system, oil refineryequipment/systems, electric generation/distribution equipment/systems, water/waste watersystems, manufacturing control systems, etc.).Data Acquisition — The sampling of the real world to acquire data that can be recordedand/or manipulated by a computer. Sometimes abbreviated DAQ, data acquisition typicallyinvolves acquisition of signals and waveforms and processing the signals to obtain desiredinformation.Database Server — A server hosting a database system (usually an RDBMS) typically usedas a historian and/or business link to the process control environment.Data Logger — A data logger is an electronic instrument that records digital or analogmeasurements over time.DCS (Distributed Control System) — Distributed control systems are used inindustrial and civil engineering applications to monitor and control distributed equipment withremote human intervention.DES — The Data Encryption Standard (DES) is a cipher (a method for encryptinginformation) selected as an official Federal Information Processing Standard (FIPS) for theUnited States in 1976, and which has subsequently enjoyed widespread use internationally. It isbeing replaced by AES.DNP3 (Distributed Network Protocol) — DNP3 is an open, standards-basedcommunication protocol commonly used in the utility industry. DNP3 provides multiplexing,data fragmentation, error checking, link control, prioritization, and layer 2 addressing servicesfor user data.DoS (Denial of Service) — An attack on a computer system or network that causes a lossof service to users, typically the loss of network connectivity and services by consuming thebandwidth of the victim network or overloading the computational resources of the victimsystem. A DDoS (Distributed Denial of Service) attack consists of hundreds or thousands ofglobally distributed sources.Direct-sequence spread spectrum (DSSS) — In telecommunications, direct-sequence spread spectrum is a modulation technique where the transmitted signal takes up5/13/2010 Page 3 of 13
Control Systems Procurement & Maintenance Specifications Terms Listmore bandwidth than the information signal that is being modulated, which is the reason that it iscalled spread spectrum.Discretionary Access Control (DAC) — Discretionary access control defines basicaccess control policies to objects in a file system. Generally, these are done at the discretion ofthe object owner -- file/directory permissions and user/group ownership.Demilitarized Zone (DMZ) — Isolation zone between a protected control network (CN)and external users, such that all production traffic “flowing” between the CN and those externalusers actually flows through an access control device, such as a firewall.DSL — Digital Subscriber Line (also, ADSL, RDSL) is the typical technology used fordelivering broadband communications over copper circuits. Widely used for home and smalloffice broadband connection.EAP — Extensible Authentication Protocol, or EAP (pronounced "eep"), is a universalauthentication mechanism, frequently used in wireless networks and Point-to-Point connections.Although the EAP protocol is not limited to wireless LAN networks and can be used for wiredLAN authentication, it is most often used in wireless LAN networks. The WPA and WPA2standard has officially adopted five EAP types as its official authentication mechanisms.Embedded System/OS — A special-purpose computer controlled electro-mechanicalsystem in which the computer is completely encapsulated by the device it controls. An embeddedsystem has specific requirements and performs pre-defined tasks, unlike a general-purposepersonal computer.Encryption — In cryptography, encryption is the process of obscuring information to makeit unreadable without special knowledge.Ethernet — Ethernet is a frame-based computer networking technology for local areanetworks (LANs). It defines wiring and signaling for the physical layer, and frame formats andprotocols for the media access control (MAC)/data link layer of the OSI model. Ethernet ismostly standardized as IEEE 802.3.Factory Acceptance Test — A test conducted at the vendor premise usually by a third-party to ensure operability of a system according to specifications.Front End Processor (FEP) — A computer which handles communications processingfor a larger computer. Data collection systems may include a front end processor which acceptsdata from instruments and partially processes it before transfer to a larger computer.5/13/2010 Page 4 of 13
Control Systems Procurement & Maintenance Specifications Terms ListFrequency-hopping spread spectrum (FHSS) — Frequency-hopping spreadspectrum (FHSS) is a spread-spectrum method of transmitting radio signals by rapidlyswitching a carrier among many frequency channels, using a pseudorandom sequence known toboth transmitter and receiver.FIELDBUS — Fieldbus control system is a form of decentralized control which linksPLCs via a Controller Area Network (CAN) to control the manufacturing processes at theworkshop-floor level. Such systems include Profibus, Netbus, LonWorks, Industrial Ethernetand many others.Firewall — Firewall is hardware and/or software which functions in a networked environmentto prevent some communications forbidden by the security policy. It has the basic task ofcontrolling traffic between different zones of trust. Typical zones of trust include the Internet (azone with no trust) and an internal network (a zone with higher trust).FTP (File Transfer Protocol) — The File Transfer Protocol is a software standard fortransferring computer files between machines. It belongs to the application layer of the TCP/IPprotocol suite. Since FTP is non-secure it is being replaced by sftp - Secure File TransferProtocol.Gateway — Gateway in a communications network is a network node equipped forinterfacing with another network that uses different protocols.GPRS — GPRS is the General Packet Radio Service a standard for digital overlay on the GSMdigital cellular system. It allows high speed digital and IP connections to be established usingexisting GSM voice infrastructure and is generally used to provide IP connectivity to RTUs.GSM — GSM is Global System for Mobile communications. It is the most common digitalcellular system. GSM can be used for both voice and data applications. It is also used to provideserial communications to RTUs.Hardened System/OS — Hardened hardware and/or software that has been modified withhigh security and hardening features, packages and enhanced toolkits, kernel patches and othercryptography and security related enhancements.HMI (Human-Machine Interface) — A term that refers to the "layer" that separates ahuman that is operating a machine from the machine itself. One example of a HMI is thecomputer hardware and software that enables a single operator to monitor and control largemachinery remotely.5/13/2010 Page 5 of 13
Control Systems Procurement & Maintenance Specifications Terms ListHost-based intrusion detection system (HIDS) — HIDS is an application thatdetects possible malicious activity on a host from characteristics such as change of files (filesystem integrity checker), operating system call profiles, etc.Hyper-text Transfer Protocol (HTTP) — HTTP is a request/response protocolbetween clients and servers. The originating client, such as a web browser, spider, or other end-user tool, is referred to as the user agent. The destination server, which stores or createsresources such as HTML files and images, is called the origin server.ICMP — Internet Control Message Protocol (ICMP) is one of the core protocols of the Internetprotocol suite. It is chiefly used by networked computers operating systems to test other systemsand return error messages—indicating, for instance, that a requested service is not available orthat a host or router could not be reached.IDS (Intrusion Detection System) — An IDS is software or an appliance used todetect unauthorized access or malicious or abnormal operation to a computer system or network.IDS systems that operate on a host to detect malicious activity are called host-based IDS systemsor HIDS, and IDS systems that operate on network data flows are called network-based IDSsystems or NIDS.IEC — International Electrotechnical Commission, is a European standards body which hasdeveloped IEC60870-5 series of SCADA protocols. IEC is now working on IEC-62351 a secureprotocol envelope for DNP3 and IEC60870-5.IED (Intelligent Electronic Device) — A device on the network that contains anembedded system (an embedded system is a special-purpose computer system, which iscompletely encapsulated by the device it controls).Inter-Control Center Communications Protocol (ICCP) — A standard real-time network protocol for data exchange over wide area networks. ICCP is the most commoncommunications protocol between RTO/ISO and control centers (aka, Telecontrol ApplicationService Element.2 (TASE.2)).IP (Internet Protocol) — A data-oriented protocol used by source and destination hostsfor communicating data across a packet-switched internetwork. Data in an IP internetwork aresent in blocks referred to as packets or datagrams (the terms are basically synonymous in IP).IPS (Intrusion Prevention System) — Any hardware and/or software system thatproactively exercises access control to protect computers from exploitation. "Intrusionprevention" technology is considered by some to be an extension of intrusion detection (IDS)5/13/2010 Page 6 of 13
Control Systems Procurement & Maintenance Specifications Terms Listtechnology, but it is actually another form of access control, like an application layer firewall,that uses knowledge of malicious behavior.IPSec — IPsec is a set of cryptographic protocols for securing packet flows and key exchange.Of the former, there are two: Encapsulating Security Payload (ESP) provides authentication, dataconfidentiality and message integrity; Authentication Header (AH) provides authentication andmessage integrity, but does not offer confidentiality. Originally AH was only used for integrityand ESP was used only for encryption; authentication functionality was added subsequently toESP.IPv6 (Internet Protocol version 6) — IPv6 is version 6 of the Internet Protocol; IPv6is intended to replace the current standard, IPv4.ISO (International Organization for Standardization) — The InternationalOrganization for Standardization, also known as ISO, is global network of the nationalstandards bodies of 156 countries dedicated to technical standards development.L2TP — The Layer 2 Tunneling Protocol (L2TP) is a tunneling protocol used to supportvirtual private networks (VPNs). L2TP can be described as "PPP over IP" with additionalfeatures.LAN (Local Area Network) — A LAN is a computer network that spans a relativelysmall area. Most LANs are confined to a single building or group of buildings (campus).LDAP — The Lightweight Directory Access Protocol, or LDAP, is a networking protocol forquerying and modifying directory services running over TCP/IP. An LDAP directory usuallyfollows the X.500 model: It is a tree of entries, each of which consists of a set of namedattributes with values.LINUX — LINUX is a computer operating system. It is among the most famous examples offree software and of open-source development.MAC (Media Access Control) Address — A media access control address (MACaddress) is a unique identifier attached to most forms of networking equipment. It is used atlayer 2 of the OSI protocol. Most layer 2 network protocols use one of three numbering spacesmanaged by the IEEE: MAC-48, EUI-48, and EUI-64, which are designed to be globallyunique.Malware — Malware is malicious software designed to infiltrate or damage a computersystem, without the owners consent. Malware is commonly taken to include computer viruses,worms, Trojan horses, rootkits, spyware and adware.5/13/2010 Page 7 of 13
Control Systems Procurement & Maintenance Specifications Terms ListMODEM — A modem is a device that modulates an analog carrier signal (sound), to encodedigital information, and that also demodulates such a carrier signal to decode the transmittedinformation.NAT — NAT is the process of network address translation and involves re-writing thesource and/or destination address of IP packets as they pass through a router or firewall. NAT isused to enable multiple hosts on a private network to access the Internet using a single public IPaddress.Network-based intrusion detection system (NIDS) — Application that reads allpackets, not just those sent to it, from a network and detects potentially malicious packets basedon rules or algorithms.Network Topology — Network topology is the network structure (logical and/or physical)that may be represented as a collection of nodes, some of which are connected by links. Bustopology: A bus network is such that there is a single line (the bus) to which all nodes areconnected and the nodes connect only to this bus. Mesh topology: A network topology in whichthere are at least two nodes with two or more paths between them. Ring topology: A networktopology in which every node has exactly two branches connected to it. Star topology: Anetwork topology in which peripheral nodes are connected to a central node only when using ahub. The more commonly used switch does not rebroadcast to all nodes, including theoriginating node. Tree topology: A network topology in which the nodes are arranged as a tree.A hybrid topology is a combination of any two or more network topologies in such a way thatthe resulting network does not have one of the standard forms.Network File System (NFS) — NFS is a file system which allows a computer to accessfiles over a network as easily as if they were on its local disks.NIDS — Network Intrusion Detection System is a hardware tool which monitors IP traffic ona network segment (or segments) to detect unauthorized access to a computer system or network.OPC (Open Connectivity via Open Standards) — OPC is open connectivity inindustrial automation and the enterprise systems that support industry. Interoperability is assuredthrough the creation and maintenance of open standards specifications. OPC has been termed“OLE for Process Control”.Open Systems Interconnection Reference Model (OSI) — The Open SystemsInterconnection Reference Model is a layered abstract description for communications andcomputer network protocol design, developed as part of the Open Systems Interconnectinitiative. It is also called the OSI seven layer model as follows: Physical layer Layer 1; Datalink layer Layer 2; Network layer Layer 3; Transport layer Layer 4; Session layer Layer 5;Presentation layer Layer 6; Application layer Layer 7.5/13/2010 Page 8 of 13
Control Systems Procurement & Maintenance Specifications Terms ListPatch — A fix for a software program where the actual binary executable and related files aremodified.PCI Express — PCI Express is an implementation of the PCI computer bus that uses existingPCI programming concepts and communications standards, but bases it on a much faster serialcommunications system.PCS (Process Control System) — A generic term applied to the hardware, firmware,communications, and software used to enable automation of the physical systems.PEAP — Protected Extensible Authentication Protocol, Protected EAP, or simply PEAP(pronounced "peep"), is a method to securely transmit authentication information, includingpasswords, over wireless networks. It was jointly developed by Microsoft, RSA Security andCisco Systems. It is an IETF open standard.PID (Proportional-Integral-Derivative controller) — A standard feedback loopcomponent in industrial control applications. It measures an "output" of a process and controlsan "input", with a goal of maintaining the output at a target value, which is called the "setpoint".PLC (Programmable Logic Controller) — A small computer used for automationof real-world processes, such as control of machinery on factory assembly lines.Port — Hardware Port: A hardware port is an outlet on a piece of equipment into which aplug or cable connects. Network port: A network port is an interface for communicating witha computer program over a network. I/O or machine port - port-mapped I/O: Nearly allprocessor families use the same assembly instructions for both memory access and hardware I/O.Software port: Software is sometimes written for specific processors, operating systems, orprogramming interfaces. A software port is software that has been changed to work on anothersystem.PPP — The Point-to-Point Protocol, or PPP, is commonly used to establish a direct connectionbetween two nodes. It can connect computers using serial cable, phone line, trunk line, cellulartelephone, specialized radio links, or fiber optic links. Most internet service providers use PPPfor dial-up access to the Internet.Process Control — An engineering discipline that deals with architectures, mechanisms,and algorithms for controlling the output of a specific process. For example, heating up thetemperature in a room is a process that has the specific, desired outcome to reach and maintain adefined temperature (e.g. 20°C), kept constant over time. Here, the temperature is the controlledvariable. At the same time, it is the input variable since it is measured by a thermometer andused to decide whether to heat or not to heat. The desired temperature (20°C) is the set point.5/13/2010 Page 9 of 13
Control Systems Procurement & Maintenance Specifications Terms ListThe state of the heater (e.g., the setting of the valve allowing hot water to circulate through it) iscalled the manipulated variable since it is subject to control actions.PROFIBUS (Process Field Bus) — PROFIBUS is the most popular type of fieldbusfor factory and industrial automation with worldwide more than 10 million nodes (2004) in use.Proxy Server — Computer process – often used as, or as part of, a firewall – that relays aprotocol between client and server computer systems, by appearing to the client to be the serverand appearing to the server to be the client.PSTN (Public Switched Telephone Network) — The public telephone system inthe United States used for voice and data communications.Public Key Infrastructure (PKI) — In cryptography, a public key infrastructure (PKI)is an arrangement using digital certificates which provides for third-party vetting of, andvouching for, user identities.QoS (Quality of Service) — In packet-switched networks QoS refers to the probabilityof the network meeting a given traffic contract, or in many cases is used informally to refer theprobability of a packet passing between two points in the network.RADIUS — Remote Authentication Dial-In User Service is an authentication, authorizationand accounting protocol for applications such as network access or IP mobility. It is intended towork in both local and roaming situations. The RADIUS server checks that the information iscorrect using authentication schemes like PAP, CHAP or EAP.RBAC (Role Based Access Control) — An approach to restricting system access toauthorized users. It is a newer and alternative approach to Mandatory Access Control (MAC) andDiscretionary Access Control (DAC).Rootkits — Rootkits are sets of programs which are introduced into a computer systemwithout permission of the computer operator to obtain privileged access which would allowcontrol of the computer, usually with capabilities to avoid detection.Router — A router is a computer networking device that forwards data packets toward theirdestinations between disparate networks through a process known as routing. Routing occurs atlayer 3 of the OSI seven-layer model. Routers can implement other functions and theRTU (Remote Terminal Unit) — An RTU, or Remote Terminal Unit is a devicewhich interfaces objects in the physical world to a DCS or SCADA system by transmittingtelemetry data to the system and/or altering the state of connected objects based on controlmessages received from the system.5/13/2010 Page 10 of 13
Control Systems Procurement & Maintenance Specifications Terms ListSCADA (Supervisory Control and Data Acquisition) — A SCADA computersystem is developed for gathering and analyzing real time data. SCADA systems are used tomonitor and control a plant or equipment in industries such as telecommunications, water andwaste control, energy, oil and gas refining and transportation.Serial Communications — Serial communications is the process of sending data one bitat one time, sequentially, over a communications channel or computer bus. Serialcommunications is used for all long-haul communications and most computer networks, wherethe cost of cable and synchronization difficulties makes parallel communications impractical.Serial computer busses are becoming more common as improved technology enables them totransfer data at higher speeds.Server — A server is a computer or device on a network that manages network resources. Forexample, a file server is a computer and storage device dedicated to storing files, a web serverfor access to web content, a DNS server for domain name services, a database server for accessto relational tables, an email server for access to email, etc.Server Message Block (SMB) — Server Message Block (SMB) is a network protocolmainly applied to share files, printers, serial ports, and miscellaneous communications betweennodes on a network. It also provides an authenticated Inter-process communication mechanism.Synchronous optical networking (SONET) — The Synchronous opticalnetwork, commonly known as SONET, is a standard for communicating digital informationusing lasers or light emitting diodes (LEDs) over optical fiber as defined by GR-253-CORE fromTelcordia.SPP-ICS (System Protection Profile – Industrial Control Systems) — Adocument developed by the National Institute of Standards and Technology (NIST) thatidentifies a starting point for formally stating the security requirements for industrial controlsystems in a logical and structured manner.SSH — Secure Shell Terminal Emulation communications protocol widely used for remoteRTU configuration/ diagnostic.SSID (Service Set Identifier) — A service set identifier (SSID) is a code attached toall packets on a wireless network to identify each packet as part of that network.SSL (Secure Sockets Layer) — Secure Sockets Layer (SSL) and Transport LayerSecurity (TLS), its successor, are cryptographic protocols which provide securecommunications over TCP/IP.5/13/2010 Page 11 of 13
Control Systems Procurement & Maintenance Specifications Terms ListStateful Firewall — A stateful firewall is a firewall that keeps track of the state of networkconnections (such as TCP streams) traveling across it. Source packets are entered into the statetable. Response packets are checked against the state table and only those packets constituting aproper response are allowed through the firewall.Switch — A network switch is a computer networking device that serves as a connectionpoint for devices in a network. A switch forwards packets to the appropriate port based on thepacket’s address.TCP (Transmission Control Protocol) — TCP is one of the main protocols inTCP/IP networks. Whereas the IP protocol deals only with packets, TCP enables two hosts toestablish a connection and exchange streams of data over many packets. TCP includesmechanisms and protocols to ensure delivery of the data in the correct sequence from source todestination.Telnet — Telenet is a terminal emulation communications protocol widely used for remoteRTU configuration/ diagnostic. Telenet is being replaced by SSH.Terminal Server — A device used as an interface between Network (IP) communicationsand serial communication communications.TLS (Transport Layer Security) — See SSL.UDP (User Datagram Protocol) — UDP is a connection-less transport layer protocolthat is currently documented in IETF RFC 768. In the TCP/IP model, UDP provides a verysimple interface between a network layer below and an application layer above. UDP has nomechanism to ensure delivery of the data in the packets nor can it ensure that delivery of thepackets is in the proper sequence. If desired, this must be performed by the application layer.Upgrade — Generally an upgrade is a new release of software, hardware and/or firmwarereplacing the original components to fix errors and/or vulnerabilities in software and/or provideadditional functionality and/or improve performance.URL (Uniform Resource Locator) — URL is a standardized address for someresource (such as a document or image) on the Internet (or elsewhere).USB (Universal Serial Bus) — Universal Serial Bus (USB) provides a serial busstandard for connecting devices, usually to a computer, but it also is in use on other devices.Virus — See Malware.5/13/2010 Page 12 of 13
Control Systems Procurement & Maintenance Specifications Terms ListVLAN (Virtual LAN) — A virtual LAN, commonly known as a VLAN, is a logicallysegmented network mapped over physical hardware.VPN (Virtual Private Network) — A private, encrypted communications networkusually used within a company, or by several different companies or organizations, used forcommunicating in a software tunnel over a public network.VoIP — Voice over Internet Protocol (also called VoIP, IP Telephony, Internet telephony,and Digital Phone) is the routing of voice conversations over the Internet or any other IP-basednetwork. The voice data flows over a general-purpose packet-switched network, instead oftraditional dedicated, circuit-switched voice transmission lines.WEP (Wired Equivalent Privacy) — WEP is part of the IEEE 802.11 standard, and isa protocol used to secure wireless networks (WiFi).WiFi (Wireless Fidelity) — Short for wireless fidelity and is meant to be usedgenerically when referring of any type of 802.11 network, whether 802.11b/a/g dual-band, etc.WiMax (Worldwide Interoperability of Microwave Access) — WiMax isthe name commonly given to the IEEE 802.16 standard. A wireless protocol designed fordistances as far as 30 miles but more commonly 3 – 5 miles.WPA — Wi-Fi Protected Access (WPA and WPA2) are wireless standards providing higherlevels of security than WEP. WPA2 is based on IEEE 802.11i and provides government gradesecurity based on NIST standards and AES encryption.5/13/2010 Page 13 of 13
GlossaryThis glossary is only a tiny subset of all of the various terms and other things that peopleregularly use on The Net. For a more complete (and very entertaining) reference, its suggestedyou get a copy of The New Hackers Dictionary, which is based on a VERY large text file calledthe Jargon File. Edited by Eric Raymond (firstname.lastname@example.org), it is available from theMIT Press, Cambridge, Massachusetts, 02142; its ISBN number is 0-262-68069-6. Also seeRFC-1208, A Glossary of Networking Terms.:-) This odd symbol is one of the ways a person can portray ``mood in the very flat medium of computers---by using ``smilies. This is `metacommunication, and there are literally hundreds of them, from the obvious to the obscure. This particular example expresses ``happiness. Dont see it? Tilt your head to the left 90 degrees. Smilies are also used to denote sarcasm.address resolution Conversion of an Internet address to the corresponding physical address. On an ethernet, resolution requires broadcasting on the local area network.administrivia Administrative tasks, most often related to the maintenance of mailing lists, digests, news gateways, etc.anonymous FTP Also known as ``anon FTP; a service provided to make files available to the general Internet community---see section Anonymous FTP.ANSI The American National Standards Institute disseminates basic standards like ASCII, and acts as the United States delegate to the ISO. Standards can be ordered from ANSI by writing to the ANSI Sales Department, 1430 Broadway, New York, NY 10018, or by telephoning (212) 354- 3300.archie A service which provides lookups for packages in a database of the offerings of countless of anonymous FTP sites. See section The archie Server for a full description.archive server Page | 1
An email-based file transfer facility offered by some systems.ARPA (Advanced Research Projects Agency) Former name of DARPA, the government agency that funded ARPAnet and later the DARPA Internet.ARPAnet A pioneering long haul network funded by ARPA. It served as the basis for early networking research as well as a central backbone during the development of the Internet. The ARPAnet consisted of individual packet switching computers interconnected by leased lines. The ARPAnet no longer exists as a singular entity.asynchronous Transmission by individual bytes, not related to specific timing on the transmitting end.auto-magic Something which happens pseudo-automatically, and is usually too complex to go into any further than to say it happens ``auto-magically.backbone A high-speed connection within a network that connects shorter, usually slower circuits. Also used in reference to a system that acts as a ``hub for activity (although those are becoming much less prevalent now than they were ten years ago).bandwidth The capacity of a medium to transmit a signal. More informally, the mythical ``size of The Net, and its ability to carry the files and messages of those that use it. Some view certain kinds of traffic (FTPing hundreds of graphics images, for example) as a ``waste of bandwidth and look down upon them.BITNET (Because Its Time Network) An NJE-based international educational network.bounce The return of a piece of mail because of an error in its delivery.btw An abbreviation for ``by the way. Page | 2
CFV (Call For Votes) Initiates the voting period for a Usenet newsgroup. At least one (occasionally two or more) email address is customarily included as a repository for the votes. See See section Newsgroup Creation for a full description of the Usenet voting process.ClariNews The fee-based Usenet newsfeed available from ClariNet Communications.client The user of a network service; also used to describe a computer that relies upon another for some or all of its resources.Cyberspace A term coined by William Gibson in his fantasy novel Neuromancer to describe the ``world of computers, and the society that gathers around them.datagram The basic unit of information passed across the Internet. It contains a source and destination address along with data. Large messages are broken down into a sequence of IP datagrams.disassembling Converting a binary program into human-readable machine language code.DNS (Domain Name System) The method used to convert Internet names to their corresponding Internet numbers.domain A part of the naming hierarchy. Syntactically, a domain name consists of a sequence of names or other words separated by dots.dotted quad A set of four numbers connected with periods that make up an Internet address; for example, 126.96.36.199.email The vernacular abbreviation for electronic mail.email address Page | 3
The UUCP or domain-based address that a user is referred to with. For example, the authors address is email@example.com A 10-million bit per second networking scheme originally developed by Xerox Corporation. Ethernet is widely used for LANs because it can network a wide variety of computers, it is not proprietary, and components are widely available from many commercial sources.FDDI (Fiber Distributed Data Interface) An emerging standard for network technology based on fiber optics that has been established by ANSI. FDDI specifies a 100-million bit per second data rate. The access control mechanism uses token ring technology.flame A piece of mail or a Usenet posting which is violently argumentative.FQDN (Fully Qualified Domain Name) The FQDN is the full site name of a system, rather than just its hostname. For example, the system lisa at Widener University has a FQDN of lisa.cs.widener.edu.FTP (File Transfer Protocol) The Internet standard high-level protocol for transferring files from one computer to another.FYI An abbreviation for the phrase ``for your information. There is also a series of RFCs put out by the Network Information Center called FYIs; they address common questions of new users and many other useful things. See section Requests for Comments for instructions on retrieving FYIs.gateway A special-purpose dedicated computer that attaches to two or more networks and routes packets from one network to the other. In particular, an Internet gateway routes IP datagrams among the networks it connects. Gateways route packets to other gateways until they can be delivered to the final destination directly across one physical network.header The portion of a packet, preceding the actual data, containing source and destination addresses and error-checking fields. Also part of a message or news article.hostname Page | 4
The name given to a machine. (See also FQDN.)IMHO (In My Humble Opinion) This usually accompanies a statement that may bring about personal offense or strong disagreement.Internet A concatenation of many individual TCP/IP campus, state, regional, and national networks (such as NSFnet, ARPAnet, and Milnet) into one single logical network all sharing a common addressing scheme.Internet number The dotted-quad address used to specify a certain system. The Internet number for the site cs.widener.edu is 188.8.131.52. A resolver is used to translate between hostnames and Internet addresses.interoperate The ability of multi-vendor computers to work together using a common set of protocols. With interoperability, PCs, Macs, Suns, Dec VAXen, CDC Cybers, etc, all work together allowing one host computer to communicate with and take advantage of the resources of another.ISO (International Organization for Standardization) Coordinator of the main networking standards that are put into use today.kernel The level of an operating system or networking system that contains the system-level commands or all of the functions hidden from the user. In a Unix system, the kernel is a program that contains the device drivers, the memory management routines, the scheduler, and system calls. This program is always running while the system is operating.LAN (Local Area Network) Any physical network technology that operates at high speed over short distances (up to a few thousand meters).mail gateway A machine that connects to two or more electronic mail systems (especially dissimilar mail systems on two different networks) and transfers mail messages among them.mailing list Page | 5
A possibly moderated discussion group, distributed via email from a central computer maintaining the list of people involved in the discussion.mail path A series of machine names used to direct electronic mail from one user to another.medium The material used to support the transmission of data. This can be copper wire, coaxial cable, optical fiber, or electromagnetic wave (as in microwave).multiplex The division of a single transmission medium into multiple logical channels supporting many simultaneous sessions. For example, one network may have simultaneous FTP, telnet, rlogin, and SMTP connections, all going at the same time.net.citizen An inhabitant of Cyberspace. One usually tries to be a good net.citizen, lest one be flamed.netiquette A pun on ``etiquette; proper behavior on The Net. See section Usenet ``Netiquette.network A group of machines connected together so they can transmit information to one another. There are two kinds of networks: local networks and remote networks.NFS (Network File System) A method developed by Sun Microsystems to allow computers to share files across a network in a way that makes them appear as if theyre ``local to the system.NIC The Network Information Center.node A computer that is attached to a network; also called a host.NSFnet The national backbone network, funded by the National Science Foundation and operated by the Merit Corporation, used to interconnect regional (mid-level) networks such as WestNet to one another. Page | 6
packet The unit of data sent across a packet switching network. The term is used loosely. While some Internet literature uses it to refer specifically to data sent across a physical network, other literature views the Internet as a packet switching network and describes IP datagrams as packets.polling Connecting to another system to check for things like mail or news.postmaster The person responsible for taking care of mail problems, answering queries about users, and other related work at a site.protocols A formal description of message formats and the rules two computers must follow to exchange those messages. Protocols can describe low-level details of machine-to-machine interfaces (e.g., the order in which bits and bytes are sent across a wire) or high-level exchanges between allocation programs (e.g., the way in which two programs transfer a file across the Internet).recursion The facility of a programming language to be able to call functions from within themselves.resolve Translate an Internet name into its equivalent IP address or other DNS information.RFD (Request For Discussion) Usually a two- to three-week period in which the particulars of newsgroup creation are battled out.route The path that network traffic takes from its source to its destination.router A dedicated computer (or other device) that sends packets from one place to another, paying attention to the current state of the network.RTFM (Read The Fantastic Manual) Page | 7
.This anacronym is often used when someone asks a simple or common question. The word `Fantastic is usually replaced with one much more vulgar.SMTP (Simple Mail Transfer Protocol) The Internet standard protocol for transferring electronic mail messages from one computer to another. SMTP specifies how two mail systems interact and the format of control messages they exchange to transfer mail.server A computer that shares its resources, such as printers and files, with other computers on the network. An example of this is a Network File System (NFS) server which shares its disk space with other computers.signal-to-noise ratio When used in reference to Usenet activity, signal-to-noise ratio describes the relation between amount of actual information in a discussion, compared to their quantity. More often than not, theres substantial activity in a newsgroup, but a very small number of those articles actually contain anything useful.signature The small, usually four-line message at the bottom of a piece of email or a Usenet article. In Unix, its added by creating a file .signature in the users home directory. Large signatures are a no-no.summarize To encapsulate a number of responses into one coherent, usable message. Often done on controlled mailing lists or active newsgroups, to help reduce bandwidth.synchronous Data communications in which transmissions are sent at a fixed rate, with the sending and receiving devices synchronized.TCP/IP (Transmission Control Protocol/Internet Protocol) A set of protocols, resulting from ARPA efforts, used by the Internet to support services such as remote login (telnet), file transfer (FTP) and mail (SMTP).telnet Page | 8
The Internet standard protocol for remote terminal connection service. Telnet allows a user at one site to interact with a remote timesharing system at another site as if the users terminal were connected directly to the remote computer.terminal server A small, specialized, networked computer that connects many terminals to a LAN through one network connection. Any user on the network can then connect to various network hosts.@TeX A free typesetting system by Donald Knuth.twisted pair Cable made up of a pair of insulated copper wires wrapped around each other to cancel the effects of electrical noise.UUCP (Unix to Unix Copy Program) A store-and-forward system, primarily for Unix systems but currently supported on other platforms (e.g. VMS and personal computers).WAN (Wide-Area Network) A network spanning hundreds or thousands of miles.workstation A networked personal computing device with more power than a standard IBM PC or Macintosh. Typically, a workstation has an operating system such as unix that is capable of running several tasks at the same time. It has several megabytes of memory and a large, high- resolution display. Examples are Sun workstations and Digital DECstations.worm A computer program which replicates itself. The Internet worm (see section The Internet Worm) was perhaps the most famous; it successfully (and accidentally) duplicated itself on systems across the Internet.wrt With respect to. Page | 9