More info
Description / Abstract:
The guidance of this document adds to current guidance for
aircraft certification to handle the threat of intentional
unauthorized electronic interaction to aircraft safety. It adds
data requirements and compliance objectives, as organized by
generic activities for aircraft development and certification, to
handle the threat of unauthorized interaction to aircraft safety
and is intended to be used in conjunction with other applicable
guidance material, including SAE ARP 4754A/ED-79A, DO-178C/ED-12C,
and DO-254/ED-80 and with the advisory material associated with FAA
AC 25.1309-1A and EASA AMC 25.1309, in the context of part 25 for
Transport Category Aircraft which include an approved passenger
seating configuration of more than 19 passenger seats. This
guidance is not intended for CFR parts 23, 27, 29, 33.28, and
35.15, normal, utility, acrobatic, and commuter category airplanes,
normal category rotorcraft, transport category rotorcraft, engines,
and propellers.
This document does not address:
a. Physical security or physical attacks on the aircraft (or
ground element),
b. Airport, Airline or Air Traffic Service Provider security
(e.g., access to airplanes, ground control facilities, data
centers),
c. Communication, navigation, and surveillance services managed
by national agencies or their international equivalents (e.g., GPS,
SBAS, GBAS, ATC communications, ADS-B).
This guidance material is for equipment manufacturers, aircraft
manufacturers, and anyone else who is applying for an initial Type
Certificate (TC), and afterwards ( e.g. for Design Approval Holders
(DAH)), Supplemental Type Certificate (STC), Amended Type
Certificate (ATC) or changes to Type Certification for installation
and continued airworthiness for aircraft systems.
Special caution is recommended when applying this guidance to
developments or operations already in place. This guidance is
designed to be implemented across the full life cycle of an
aircraft from design, through operations, to disposal. As such, it
should first be applied to the design stage before its use in
subsequent stages of the life cycle. If objectives are applied to
aircraft which were not previously subject to these objectives
during all stages of its life cycle, then it should be borne in
mind that some aspects of the objectives will not be applicable.
These aspects should be described and dealt with separately. For
existing aircraft or aircraft in development, alternate processes
are acceptable which may utilize some or all of processes of this
document.
Intentional unauthorized electronic interaction (also known as
"unauthorized interaction" within the scope of this document) is
defined as human-initiated actions with the potential to affect the
aircraft due to unauthorized access, use, disclosure, denial,
disruption, modification, or destruction of electronic information
or electronic aircraft system interfaces. This definition includes
the effects of malware on infected devices and the logical effects
of external systems on aircraft systems, but does not include
physical attacks or electromagnetic jamming.
Purpose
This document is a resource for Airworthiness Authorities (AA)
and the aviation industry for certification when the development or
modification of aircraft systems and the effects of intentional
unauthorized electronic interaction can affect aircraft safety. It
deals with the activities that need to be performed in support of
the airworthiness process when it comes to the threat of
intentional unauthorized electronic interaction. The companion
document DO-355/ED-204 "Information Security Guidance for
Continuing Airworthiness" addresses airworthiness security for
continued airworthiness.
A companion document will provide a set of methods and
guidelines that may be used within the airworthiness security
process defined in DO-326A. The provision of methods in that
document is not intended to mean that will be the only acceptable
set of methods; there will be other equally valid methods.
Applicants and authorities should consider those methods, and
alternative practices if and when they are proposed.
The FAA publishes additional guidance that may be used in
combination with this document. Since aircraft electronic security
requirements and regulations change, it is highly recommended that
applicants contact the applicable certification offices (FAA or
International Civil Aviation Authorities) to obtain the most recent
guidance on the use of this document for certification
projects.