Do326a

DO -326A and ED-202A : An Introduction to the New and Mandatory Aviation Cyber-Security Essentials

The international standards D-326A (U.S.) and ED-202A (Europe) titled "Airworthiness Security Process Specification" are the cornerstones of the "DO-326/ED-202 Set" and they are the only Acceptable Means of Compliance (AMC) by FAA & EASA for aviation cyber-security airworthiness certification, as of 2019. The "DO-326/ED-202 Set" also includes companion documents DO-356A/ED-203A: "Airworthiness Security Methods and Considerations" & DO-355/ED-204: "Information Security Guidance for Continuing Airworthiness" (U.S. & Europe) and ED-201: "Aeronautical Information System Security (AISS) Framework Guidance" & ED-205: "Process Standard for Security Certification / Declaration of Air Traffic Management / Air Navigation Services (ATM/ANS) Ground Systems“ (Europe only).
This two-day seminar will introduce attendees to industry best practices for real-world aviation cyber-security risk-assessment, development & assurance. This seminar presents the information necessary to help minimize DO-326/ED-202-set compliance risks and costs, while also optimizing cyber-security levels for the development, deployment & in-service phases. The instructor will guide attendees through topics such as aircraft security aspects of safety, systems-approach to security, security planning, the airworthiness security process, and security effectiveness assurance. The entire ecosystem of aviation avionics software development will be revisited to include the DO-326/ED-202-Set as a new, integral member of the "classic" safety-oriented development process including the SAE standards ARP-4761 for Safety & ARP-4754A for Systems Development, and software & Hardware development standards DO-178C & DO-254, respectively.

Learning Objectives

By attending this seminar, you will be able to:
• Combine IT & OT Cyber-Security definitions, methods & considerations – and relate them to Aviation
• Identify the background, references & processes that conceived the DO-326/ED-202-set & keep updating it, and the components & inter-relations of which it comprises
• Integrate the DO-326/ED-202-set into the avionics development & certification processes
• Apply DO-326/ED-202-set components, processes, steps, activities & objectives
• Devise practical Cyber-Security certification strategies for avionics initial Airworthiness, modifications, COTS/pre-certified items selection and Continued Airworthiness
• Prepare for upcoming FAA/EASA Aviation Cyber-Security mandates & recommendations.

Who Should Attend

• It is recommended that attendees have at least a college degree in a technical area along with a basic understanding of software or IT.
• To gain full benefit, it is recommended that attendees have at least some basic knowledge of safety-related airworthiness certification of avionics.

DAY ONE

• Course Overview & Introduction
• Cyber-Security Essentials: From a DO-326/ED-202-Set Point Of View
o Cyber-Threats Definitions
o Cyber-Threats Modus Operandi
o Cyber-Security Fundamentals
o Cyber-Physical-Systems' Security
• Aviation Cyber-Security: The DO-326/ED-202-Set
o The Status, Context, Background & References of the DO-326/ED-202-Set
o The DO-326/ED-202-set Structure, Contents and Relations to the ARP-4754 "Regime"
o ED-201: "Aeronautical Information System Security (AISS) Framework Guidance"
• The DO-326/ED-202-Set "Core"
o DO-326A/ED-202A & DO-356A/ED-203A: "Airworthiness Security Process Specification" & "Airworthiness Security Methods & Considerations“
o The Airworthiness Security Process Steps
• In-Service Cyber-Security
o DO-355/ED-204: "Information Security Guidance for Continuing Airworthiness"
o Aircraft, Ground Equipment, Generic InfoSec, Organizational & Personnel Aspects
o Security Events/Incidents Management
• ATM/ANS Cyber-Security Certification
o ED-205: "Process Standard for Security Certification / Declaration of Air Traffic Management / Air Navigation Services (ATM/ANS) Ground Systems"
• DAY ONE Q&A

DAY TWO

• DAY ONE Review
• The Airworthiness Security Process In-Depth: Steps, Activities & Objectives
o Cyber-Security Plan for Certification
o Security Risk Assessment Process
o Security Development Process
o Cyber-Physical-Systems' Security
• Security Effectiveness Assurance
o DO-356A/ED-203A: "Airworthiness Security Methods and Considerations"
• Cyber-Security for Development-Supplements
o Modifications
o COTS & Previously-Certified Systems
• Summary & Conclusion

Contact vijay 9440089341

Unless otherwise stated, the content of this page is licensed under Creative Commons Attribution-ShareAlike 3.0 License