Backbone: A network configuration that connects various LANs together into an
integrated network. In a Plant-wide network, that part of the network whose primary
function is to forward data packets between the other smaller networks.
CoGen: Supplementary Power generation facilities, normally operated by a third party.
Demilitarized Zone (DMZ): A network installed as a “neutral zone” between two
networks with different security levels that require exchanging information. The DMZ
network prevents information and network traffic from passing directly between the two
networks; in Saudi Aramco’s case, between the Corporate Network and the PAN.
Firewall: A firewall is a set of related programs, located at a network gateway server
that protects the resources of a private network from users of other networks.
Human Machine Interface (HMI): The display, data entry devices and supporting
software to allow a user access to applications.
Interfaces: Software modules for collecting data from data sources or sending data to
other systems. Typical data sources are Distributed Control Systems (DCSs), Programmable Logic Controllers (PLCs), OPC Servers, lab systems, and process models. However, the data source could be as simple as a text file.
L3 Switch: A network device that joins multiple computers together at the network
protocol layer of the Open System Interconnection (OSI) model eliminating the need for
a router. L2 network switches operate at layer two (Data Link Layer) of the OSI model.
Local Area Network (LAN): A private data communications network, used for
transferring data among computers and peripherals devices; a data communications
network consisting of host computers or other equipment interconnected to terminal
devices, such as personal computers, often via twisted pair or coaxial cable.
Logical Separation: use of different Layer 3 network subnets or software running on
common hardware to separate two or more networks and systems.
Logs: Files or prints of information in chronological order.
OPC: OPC (originated from OLE for Process Control, now referred as open
connectivity via open standards) is a standard established by the OPC Foundation task
force to allow applications to access process data from the plant floor in a consistent
manner. Vendors of process devices provide OPC Servers, whose communications
interfaces comply with the specifications laid out by the task force (the OPC Standard),
and any client software that complies with that standard can communicate with any of
those servers without regard to hardware releases or upgrades. The connection between
the client and the OPC Server is either through the Microsoft COM interface or through
OLE Automation, and the client accesses data from the data cache maintained by the
OPC Server or requests that the server read the device directly.
Physical Separation: use of different hardware to separate two or more networks and
systems.
Process Automation Network (PAN): is a plant wide network interconnecting Process
Control Systems (PCS) that provides an interface with plant DMZ to communicate with
the Corporate Network or third party external networks. A PAN does not include
proprietary process control networks provided as part of a vendor’s standard process
control system.
Scan Node: Scan Nodes run interfaces. Interfaces get the data from the data sources
and send it to the plant historian servers. Each different data source needs an interface
that can interpret it.
Secured Node: A server or a workstation is located in a room with controlled physical
access. It is assigned with a fixed IP address and the remote desktop service is disabled;
however, remote desktop client can be enabled. Access to the room must be logged
with information such as, Name, Date, time of entry/exit and type of activity.
Server: A server is a dedicated un-manned data provider.
Virtual Private Network (VPN): A private communications network existing within a
shared or public network platform (i.e., the Internet).
Abbreviations:
CCTV – Closed Circuit Television
CSMA/CD – Carrier Sense Multiple Access / Collision Detection
DAHS – Data Acquisition and Historization System
DCS – Distributed Control Systems
DHCP – Dynamic Host Configuration Protocol
DMZ – Demilitarized Zone
DNS – Domain Name System
FTP – File Transfer Protocol
IP – Information Protocol
LAN – Local Area Network
OSI – Open Systems Interconnection
PAN – Process Automation Network
SCADA – Supervisory Control and Data Acquisition
TCP – Transmission Control Protocol
UDP – User Datagram Protocol
UPS – Uninterruptable Power Supply
VLAN – Virtual LAN
VMS – Vibration Monitoring System
WiFi – Wireless Fidelity