Standard: RTCA DO-356
AIRWORTHINESS SECURITY METHODS AND CONSIDERATIONS
This standard is available for individual purchase.
IHS Standards Expert subscription, simplifies and expedites the process for finding and managing standards by giving you access to standards from over 370 standards developing organizations (SDOs).FEATURES & BENEFITS
- Maximize product development and R&D with direct access to over 1.6 million standards
- Discover new markets: Identify unmet needs and discover next-generation technologies
- Improve quality by leveraging consistent standards to meet customer and market requirements
- Minimize risk: Mitigate liability and better understand compliance regulations
- Boost efficiency: Speed up research, capture and reuse expertise
HOW TO SUBSCRIBE
Airworthiness security is the protection of the airworthiness of an aircraft from intentional unauthorized electronic interference. This includes the consequences of malware and forged data and of access of other systems to aircraft systems.
This guidance provides methods and considerations for securing airworthiness during the aircraft development life cycle from project initiation until the Aircraft Type Certificate is issued for the aircraft type design. It was developed in the context of DO-326A/ED-202A "Airworthiness Security Process Specification" which addresses type certification considerations during the first three life cycle stages of an aircraft type (Initiation, Development or Acquisition, and Implementation) and DO-355/ED-204, "Information Security Guidance for Continuing Airworthiness" which addresses airworthiness security for continued airworthiness.
It is intended to be used in conjunction with other applicable guidance material, including SAE ARP 4754A/ED-79A, SAE ARP 4761/ED-135, DO-178C/ED-12C, and DO-254/ED-80 and with the advisory material associated with FAA AC 25.1309-1A and EASA AMC 25.1309, in the context of part 25 for Transport Category Airplanes which include an approved passenger seating configuration of more than 19 passenger seats. This guidance is not intended for CFR parts 23, 27, 29, 33.28, and 35.15, normal, utility, acrobatic, and commuter category airplanes, normal category rotorcraft, transport category rotorcraft, engines, and propellers.
This document does not address:
a. Physical security or physical attacks on the aircraft (or ground element),
b. Airport, Airline or Air Traffic Service Provider security (e.g., access to airplanes, ground control facilities, data centers),
c. Communication, navigation, and surveillance services managed by national agencies or their international equivalents (e.g., GPS, SBAS, GBAS, ATC communications, ADS-B).
The methods and considerations of this document address the assessment of the acceptability of the airworthiness security risk and the design and verification of the airworthiness security attributes as related to system safety and airworthiness. Other aspects of information security for aerospace systems that do not affect the airworthiness security of the type design are excluded. Recommendations for handling those aspects can be found in other guidance.
More specifically, this guidance addresses the following areas.
It provides guidance for accomplishing the activities identified in DO-326A/ED-202A in the areas of Security Risk Assessment and Effectiveness Assurance.
It provides specific methods for Security Risk Analysis and managing technical requirements for Network Security Domains.
This document describes guidelines, methods and tools used in performing an airworthiness security process. The guidelines, methods and tools presented are not intended to be exhaustive and can be expected to be updated with additional methods and considerations, including those needed to meet evolving regulatory assumptions. Applicants can propose alternative practices for consideration by the authorities. Practices for airworthiness security are still undergoing evolution and refinement as new features are deployed and the security threat itself evolves.
RTCA/EUROCAE documents on Aeronautical Systems Security will address information security for the overall Aeronautical Information System Security (AISS) of airborne systems with related ground systems and environment. This guidance material is for equipment manufacturers, aircraft manufacturers, and anyone else who is applying for an initial Type Certificate (TC), and afterwards ( e.g. for Design Approval Holders (DAH)), Supplemental Type Certificate (STC), Amended Type Certificate (ATC) or changes to Type Certification for installation and continued airworthiness for aircraft systems, and is derived from understood best practice.
|Document Number:||rtca do-356|
|Change Type:||NEW ADDITION|
|Most Recent Revision:||YES|
This Standard References
Showing 10 of 23.
Standards That Reference This Standard
Showing 7 of 7.