Modbus

A serial communication protocol originally published in 1979 for connecting PLCs. Modbus is one of the most widely used protocols in industrial automation, particularly in water treatment, power distribution, and manufacturing. It has no built-in authentication or encryption, making monitoring essential.

Modbus TCP

The TCP/IP variant of Modbus that operates over Ethernet networks on port 502. Modbus TCP allows standard IT networking equipment to carry industrial control traffic, which also means IT-side attackers can directly interact with OT devices using readily available tools.
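Because Modbus TCP carries no authentication, a passive monitor on the network is the practical control, and the protocol's fixed framing makes that monitor cheap to build. The Python below is an added illustration, not part of this glossary or of any product it describes: it decodes the seven-byte MBAP header (transaction id, protocol id, length, unit id) and the function code that follows, classifies requests as reads or writes using the public function codes from the Modbus application protocol specification, and raises alerts for write requests that do not come from an allow-listed source. The IP addresses, the captured frames and the allowlist are constructed sample data.

```python
"""Passive Modbus TCP decoder and write audit (constructed illustration)."""
import struct
from dataclasses import dataclass
from typing import Iterable, List, Set, Tuple

MODBUS_TCP_PORT = 502      # standard Modbus TCP server port
MBAP_HEADER_LEN = 7        # transaction id (2), protocol id (2), length (2), unit id (1)

# Public function codes from the Modbus application protocol specification.
FUNCTION_NAMES = {
    1: "Read Coils", 2: "Read Discrete Inputs",
    3: "Read Holding Registers", 4: "Read Input Registers",
    5: "Write Single Coil", 6: "Write Single Register",
    15: "Write Multiple Coils", 16: "Write Multiple Registers",
    23: "Read/Write Multiple Registers",
}
WRITE_FUNCTIONS = {5, 6, 15, 16, 23}
# Functions whose PDU starts with a 16-bit address followed by a 16-bit quantity/value.
ADDRESSED_FUNCTIONS = {1, 2, 3, 4, 5, 6, 15, 16}


@dataclass
class ModbusFrame:
    transaction_id: int
    unit_id: int
    function_code: int     # exception bit (0x80) cleared
    is_exception: bool
    data: bytes            # PDU bytes after the function code


def parse_modbus_tcp(payload: bytes) -> ModbusFrame:
    """Decode one MBAP header plus PDU; raise ValueError on malformed input."""
    if len(payload) < MBAP_HEADER_LEN + 1:
        raise ValueError("too short for an MBAP header plus function code")
    tid, proto, length, uid = struct.unpack(">HHHB", payload[:MBAP_HEADER_LEN])
    if proto != 0:
        raise ValueError(f"protocol id {proto} is not Modbus (expected 0)")
    # The length field counts the unit id and everything after it.
    if length != len(payload) - 6:
        raise ValueError(f"length field {length} but {len(payload) - 6} bytes present")
    fc = payload[MBAP_HEADER_LEN]
    return ModbusFrame(tid, uid, fc & 0x7F, bool(fc & 0x80), payload[MBAP_HEADER_LEN + 1:])


def describe(frame: ModbusFrame) -> str:
    """One-line summary suitable for a monitoring log."""
    name = FUNCTION_NAMES.get(frame.function_code, f"Unknown FC {frame.function_code}")
    if frame.is_exception:
        code = frame.data[0] if frame.data else None
        return f"EXCEPTION to {name} (exception code {code})"
    if frame.function_code in ADDRESSED_FUNCTIONS and len(frame.data) >= 4:
        addr, arg = struct.unpack(">HH", frame.data[:4])   # arg = quantity or value
        kind = "WRITE" if frame.function_code in WRITE_FUNCTIONS else "READ"
        return f"{kind} {name} unit={frame.unit_id} addr={addr} arg={arg}"
    return f"OTHER {name} unit={frame.unit_id}"


def audit_writes(captured: Iterable[Tuple[str, int, bytes]],
                 allowed_writers: Set[str]) -> List[str]:
    """Alert on write requests from hosts not on the allowlist, and on malformed frames.

    captured: (source ip, destination port, tcp payload) tuples as a tap would see them.
    Only traffic to port 502 (requests) is inspected; responses flow from the server.
    """
    alerts = []
    for src, dport, payload in captured:
        if dport != MODBUS_TCP_PORT:
            continue
        try:
            frame = parse_modbus_tcp(payload)
        except ValueError as err:
            alerts.append(f"{src}: malformed Modbus frame ({err})")
            continue
        if frame.function_code in WRITE_FUNCTIONS and src not in allowed_writers:
            alerts.append(f"{src}: unexpected {describe(frame)}")
    return alerts


# Constructed sample capture: 10.0.1.10 plays the HMI, 10.0.1.55 an unexpected laptop.
CAPTURED = [
    ("10.0.1.10", 502, bytes.fromhex("00010000000601030000000a")),          # HMI reads 10 registers
    ("10.0.1.10", 502, bytes.fromhex("000200000006010600101234")),          # HMI writes register 16
    ("10.0.1.55", 502, bytes.fromhex("00030000000b0110000000020400010002")),  # laptop writes 2 registers
    ("10.0.1.20", 3456, bytes.fromhex("000100000003018302")),               # PLC exception response
    ("10.0.1.55", 502, bytes.fromhex("000400010006010300000001")),          # bogus protocol id
]
ALLOWED_WRITERS = {"10.0.1.10"}

if __name__ == "__main__":
    for alert in audit_writes(CAPTURED, ALLOWED_WRITERS):
        print(alert)
```

Running the block prints two alerts: the write of two registers from 10.0.1.55 and the frame from the same host whose protocol id is not zero. A real deployment would feed `audit_writes` from a SPAN port or tap and reassemble TCP streams first, since Modbus TCP frames can be split across or coalesced within segments; the allowlist is the key defensive policy, because on a plant network the set of hosts that should ever issue writes is small and stable.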

DNP3 (Distributed Network Protocol)

A communication protocol used primarily in electric utilities and water/wastewater SCADA systems. DNP3 operates on TCP port 20000 and provides reliable communication between control centers and field devices. It supports event-based reporting, which reduces bandwidth but complicates monitoring.

EtherNet/IP

An industrial network protocol that adapts the Common Industrial Protocol (CIP) to standard Ethernet. EtherNet/IP is widely used in manufacturing environments with Allen-Bradley and Rockwell Automation PLCs. It carries both real-time control data and configuration commands on the same network.

OT (Operational Technology)

Hardware and software that monitors or controls physical processes, devices, and infrastructure. OT includes the PLCs, RTUs, and SCADA systems that run water plants, power grids, and manufacturing lines. Unlike IT failures, OT failures can have immediate physical consequences.

ICS (Industrial Control Systems)

The collection of control systems used to operate industrial processes, including SCADA systems, distributed control systems (DCS), and PLCs. ICS security focuses on ensuring these systems operate safely and reliably even when connected to broader networks.

SCADA (Supervisory Control and Data Acquisition)

A system architecture used to monitor and control geographically distributed industrial processes from a central location. SCADA systems collect data from remote sensors and RTUs, display it to operators, and transmit control commands. They are the backbone of utility operations.

PLC (Programmable Logic Controller)

A ruggedized computer used to automate industrial processes such as controlling pumps, valves, and motors. PLCs execute programmed logic in real time and communicate using industrial protocols like Modbus and EtherNet/IP. They are designed for reliability but rarely include security features.

RTU (Remote Terminal Unit)

A microprocessor-controlled device that interfaces sensors and actuators to a SCADA system, typically at remote field sites. RTUs collect data from physical processes and transmit it to the central control system over serial or TCP/IP links using protocols like DNP3 or Modbus.

HMI (Human-Machine Interface)

The display panel or software application that allows operators to interact with industrial control systems. HMIs show process data, alarm states, and control options. They are often the target of attacks because compromising an HMI gives an attacker the same capabilities as a plant operator.

NERC CIP (Critical Infrastructure Protection)

A set of mandatory cybersecurity standards developed by the North American Electric Reliability Corporation for bulk electric system operators. NERC CIP covers electronic security perimeters (CIP-005), system security management (CIP-007), and configuration change management (CIP-010), among others. Non-compliance can result in penalties up to $1 million per day.

IEC 62443

An international series of standards addressing cybersecurity for industrial automation and control systems. IEC 62443 provides a framework for securing industrial communication networks across their entire lifecycle, from design through operation and maintenance. It is increasingly referenced in procurement requirements for OT security products.

Defense-in-Depth

A security strategy that layers multiple independent defensive measures so that if one fails, others continue to protect the system. In OT environments, defense-in-depth typically includes network segmentation, access control, passive monitoring, and physical security. No single product provides complete protection, which is why monitoring is essential even in well-segmented networks.

See how Kyntic monitors these protocols and generates compliance evidence automatically.
