- measures taken to protect a system.
- condition of a system that results from the establishment and maintenance of measures to protect the system.
- condition of system resources being free from unauthorized access and from unauthorized or accidental change, destruction, or loss .
- capability of a computer-based system to provide adequate confidence that unauthorized persons and systems can neither modify the software and its data nor gain access to the system functions, and yet to ensure that this is not denied to authorized persons and systems .
- prevention of illegal or unwanted penetration of or interference with the proper and intended operation of an industrial automation and control system.
- NOTE: Measures can be controls related to physical security (controlling physical access to computing assets) or logical security (capability to login to a given system and application.)
Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard