Demonstrate Compliance to ED-202A/DO-326A with Type Certificates

Since 2021, the civil aviation cyber security standard set DO-326A/ED-202A entered into force in Europe. The set provides guidance for developing secure aircraft systems throughout the design, development and product life cycle. It is the only Acceptable Means of Compliance (AMC) by FAA & EASA for aviation cyber security airworthiness certification for all types of aircraft, rotorcraft, engines and propellers. The HENSOLDT Cyber Security Engineers are ensuring successful type certifications for your products.

Our Services

  • Provide guidance and support at all ECSS project phases.
  • Identification of assets, threat conditions and scenarios.
  • Conduct security risk assessments with adaption for military context (if needed).
  • Propose effective security measures to mitigate unacceptable risks.
  • Provide engineering input, to help your solution comply to the required DAL and SAL levels.
  • Perform product penetration tests to evaluate the security of IT systems in order to point out weaknesses that might be overlooked (e.g. in the development process).
  • Integration of DO-326A/ED-202A into the development process for continued airworthiness.
  • Provide insights in terms of laws, regulations, and requirements to allow your team to focus on the best product possible.

Distinction to Safety

Airworthiness security adds a new layer to the safety-oriented aviation development processes. It requires unique expertise with different analysis techniques and assurance considerations by addressing the principles Confidentiality, Integrity and Availability (CIA).

Importance of Cyber Security

A special focus on security by design is required due to increasing aircraft connectivity and the elimination of the “air gap” (physical isolation). It is necessary to demonstrate compliance with airworthiness regulations to protect the electronic systems of the aircraft against intentional unauthorized electronic interactions.

Applicability of Regulation

All aviation stakeholders (manufacturer, suppliers, operator, integrator, maintainer) are either directly or indirectly be affected with the standard set. Any significant modification, addition, removal or altered functionality of the system requires re-processing according to DO-326A/ED-202A.

Relationship of Aviation Standards

The mandatory Cyber Security Standards (shown in green) have direct relations with the already existing Aviation Standards (shown in gray). We guide you through the complex interconnections of the standards and make sure that all relevant aspects for the certification are fully covered. 

Contact us

We are looking forward to hear from you. Please do contact us: consulting.cyber@hensoldt.net for further information.