DO-326A: An Introduction to Cybersecurity & Safety in Aviation and Aircraft Systems

Written by: Hanna Taller

Read Time: 3 minutes

The aviation industry plays a crucial role in transport and commerce. Just to give you an idea (the last few years of COVID aside), the 4.3 billion passengers traveling by plane in 2018 are expected to grow to around 10 billion by 2040 according to the International Civil Aviation Organization (ICAO). So it’s no wonder that cybersecurity is a growing concern for the aviation industry, especially when it comes to aviation development safety and certification. Any potential failure has a huge impact on public safety, the global economy, and national security. That’s why the European Aviation Safety Agency introduced the DO-326 cybersecurity standard in 2018. Read on to understand more about DO-326A’s standards for aviation system development and how they will affect your organization!

At the turn of the millennium, it became clear that all aircrafts could already be considered “digital aircrafts” as well as “connected” aircrafts. Of course, components like GPS and radio systems could be found in airplanes for decades — but where old aircrafts operated in a closed system, modern aircrafts contain thousands and thousands of processors operating in an open system. This is due to the fact that airplanes nowadays and the aviation network itself are increasingly connected to the internet and other networks, to facilitate in-flight internet, weather broadcasts, and data services. 

And hackers have taken note: according to Eurocontrol’s recent analysis of the increasing risk levels to the aviation industry from hackers and state-sponsored cybercriminals, commercial airlines accounted for 61 percent of all detected aviation-related cyberattacks in 2020. The traditional way of ensuring aviation development security while creating and maintaining aviation networks and avionics equipment is extremely vulnerable to cyberattacks. That’s where aviation cybersecurity standards like DO-326A come in.

What is DO-326A?

RTCA DO-326A, “Airworthiness Security Process Specification” is the de facto industry standard for cybersecurity in aircrafts. It provides guidance on how to systematically avoid and mitigate malicious interference with aircraft systems, also known as “Intentional Unauthorized Electronic Interaction” (IUEI) or cybersecurity threats. It is often referred to in the industry as “an intro to aviation cybersecurity”. 

DO-326A represents the official European compliance requirements for all aircraft, engines, rotorcraft, and propellers. The contents of the standard explore what it means to create an ecosystem of secure safety, while outlining compliance objectives and data requirements for manufacturers. The primary focus of DO-326A is outlining how to prevent malware infecting the avionics systems during development and flight operations, when an attack could severely affect the way the aircraft is supposed to work, and endanger passenger and operator safety.

Why not just follow DO-178, ARP4754, and DO-254?

Definitive guidance regarding aviation and avionics development security was very deliberately left out of its sibling standards DO-178C, ARP4754, and DO-254. This is because aircraft cybersecurity is considered its own discipline. It requires different evaluations, assurances, and overall technical expertise to ensure avionics development safety.

ARP4754 and DO-178C do deal with issues of Information Security, but since these are not necessarily all about software, the decision was made to keep cybersecurity out of them. On top of that, the “source of legitimacy” i.e. reason for failure in ARP4754 and DO-178C is quite vaguely defined as an “event” that does not extend to include sabotage. Changing this documentation would have vastly delayed the whole process of laying out cybersecurity guidelines, so they just decided to create new ones instead of losing time amending old documents.

What and who does DO-326A apply to?

DO-326A currently covers and applies to:

  • General aviation (part 23)
  • Fixed-wing aircraft (part 25)
  • Rotorcraft (Parts 27 and 29)
  • Engines (Part 33)
  • And propellers (part 35)

From 2022 onwards, the EASA will announce whether or not DO-326A will also address other industry components like military aircraft for example.

In terms of who is affected, anybody related to aircraft and aviation system development and production is affected by DO-326A at this point. This includes (but is by no means an exhaustive list) the following:

  • Aerospace equipment manufacturers
  • Developers / producers of aerospace platforms
  • Managers of aircraft, avionics, and in-flight entertainment
  • Aircraft operators
  • MROs (Maintenance, Repair, and Overhaul managers)
  • Design engineers
  • Quality assurance specialists
  • Certification personnel
  • Other aerospace stakeholders / related service providers

If the regulation expands further in the future, air traffic managers and air navigation services in Europe could be affected too. Basically, any aviation stakeholder who needs to be up to date with cybersecurity regulatory compliance and stay on top of it for their organization should be familiar with the DO-236A.


Contents of the DO-326A

According to DO-326A, anyone deploying new avionics onto an aircraft (like an in-flight entertainment system, in-flight WiFi, or a navigation system for example) is obliged to demonstrate the safety measures that are in place. They also need to be able to demonstrate that they have explored all potential cybersecurity threats and how these measures will mitigate them.

DO-326 puts an emphasis on type certification during the initial three phases of developing an aircraft:

  1. Initiation
  2. Development or Acquisition
  3. Implementation

It also provides guidance for the full development of the avionics cybersecurity safeguards which it lays out in seven steps:

  1. Plan for Security Aspects of Certification
  2. Security Scope Definition
  3. Security Risk Assessment
  4. Risk Acceptability Determination
  5. Security Development
  6. Security Effectiveness Assurance
  7. Communication of Evidence

Together, these steps form a process in which all threat scenarios are evaluated. This is how DO-326A empowers all the stakeholders involved to identify use cases and possible threats, and ensure that the proper security measures are in place to handle them. Following the recommendations DO-326A lays out will help your organization to cut development and compliance costs while ensuring the highest cybersecurity and safety levels possible for your aviation and aircraft systems.

The guidance that DO-326A provides works alongside other hardware/software certification guidance documents like RTC DO-178C and RTCA DO-254. If you’re looking into ways to streamline the development of airborne products, aviation software, and embedded avionics systems while achieving compliance with DO-178C and other aviation standards.


Start Your Free Trial of Codebeamer

Simplify complex product and software engineering at scale. Start your free trial of the Codebeamer open platform that extends ALM functionalities with product line configuration capabilities and provides unique configurations for complex processes. Get Started
Tags: Application Lifecycle Management (ALM) Codebeamer

About the Author

Hanna Taller

Hanna Taller is a content creator for PTC’s ALM Marketing team. She is responsible for increasing brand awareness and driving thought leadership for Codebeamer. Hanna is passionate about creating insightful content centered around ALM, life sciences, automotive technology, and avionics.