RTCA DO-356A / EUROCAE ED-203A — Airworthiness Security Methods and Considerations

DO-356A

Section 07: The Big Standards Map

Definition

A companion document to DO-326A that provides detailed methods and considerations for implementing the airworthiness security process. While DO-326A defines the process framework, DO-356A provides practical guidance on security risk assessment methods, threat modeling, vulnerability analysis, security requirements development, security architecture design, and security verification. DO-356A addresses topics such as attack surface analysis, threat identification, security testing (penetration testing, fuzz testing), and the relationship between security assurance and development assurance levels.

Where This Shows Up

DO-356A provides the 'how-to' guidance that complements the 'what-to-do' framework of DO-326A. Together, they form a comprehensive airworthiness security framework that enables applicants to systematically identify and mitigate cybersecurity risks in aircraft systems as part of the type certification process.

Primary Sources

RTCA DO-356A (2018) / EUROCAE ED-203A — Airworthiness Security Methods and Considerations

The primary document providing detailed security assessment methods and implementation guidance.

Related Terms

RTCA DO-326A / EUROCAE ED-202A — Airworthiness Security Process Specification (DO-326A)RTCA DO-355 — Information Security Guidance for Continuing Airworthiness (DO-355)

Need help navigating certification?

Understanding the terminology is the first step. If you need expert guidance on DO-178C, DO-254, ARP4754B, or any aspect of FAA, EASA, or TCCA certification, our team is here to help.