AFuzion Launches New Aviation Cyber-Security Services & Training at Aerospace Tech Week

AFuzion, the world’s leader in aviation development optimization and certification, announces the launch of its new Aviation Cyber-Security Services and Training to coincide with Europe’s largest aviation conference. Aerospace Tech Week taking place in Munich, Germany on March 12-13, will host the world leaders in aviation technology. Over 1,000 aviation technology participants are expected to converge on Munich in six weeks to showcase emerging technologies and capabilities. Dozens of technical presentations will be made and aviation-certification related classes will be held to further enable aviation development optimization. Foremost among these new technologies is Aviation Cyber-Security, meant to ensure prevention and mitigation of electronic incursions into the aircraft operational ecosystem.

March 12, 2019 at Aerospace Tech Week will feature AFuzion’s 1-day course on Aviation Cyber Security and DO-326A / ED-202A compliance. In addition AFuzion’s DO-178C and ARP4754A courses which will also be taught at Aerospace Tech Week, AFuzion’s new Aviation Cyber-Security course on March 12, 2019 will enable attendees to understand the emerging requirements for aviation developers to meet compliance with these new cyber-security standards and ensure safe development and operation of aircraft, avionics and related systems. Details of this March 12, 2019 course at Aerospace Tech Week in Munich, Germany can be found here: https://www.aerospacetechweek.com/event/certified-training/

Why is aviation cyber-security so important and what are the new requirements? Says Aharon David, the manager of AFuzion’s new Aviation Cyber-Security division: “DO-326A/ED-202A is an ‘Airworthiness Security Process Specification’, used to mitigate effects of intentional electrical equipment intrusion, a.k.a. “IUEI” (Intentional Unauthorized Electronic Interaction) which could impact aircraft safety. DO-326A/ED-202A currently has 3 (three) companion documents: ED-201, DO-355/ED-204 and DO-356A / ED-203A (see below for detailed information) , and a few more planned. DO-326A / ED202A provide requirements and objectives in a similar fashion to DO-178C, DO-254, and ARP4754A; while the DO-326A guidance is just that, certification authorities increasingly assess DO-326A compliance as added requirements for aviation suppliers. Currently, DO-326A/ED-202A only applies to larger commercial aircraft, greater than 19 seats, hence is for Part 25 fixed-wing aircraft, however – clear FAA recommendations already exist for the adaptation/tailoring of DO-326A/ED-202A for general aviation (Part 23),rotorcraft (Parts 27 and 29), engines (Part 33) and propellers (Part 35). AFuzion’s participation in various committees and client work indicates DO-326/ED-202 will increasingly be applied to these other aircraft including military beginning in 2022 or thereafter. DO-326A focuses upon type certification during the first three phases of an aircraft (including avionics) type: 1) Initiation, 2) Development or Acquisition, and 3) Implementation. We will be introducing and explaining all these concepts in Munich at Aerospace Tech Week on March 12, 2019.”

Adds AFuzion’s Chief Technical Officer and Founder Vance Hilderman: “Avionics and aircraft manufacturers need to address both developmental and operational aspects of their aircraft/systems. This ecosystem of secure safety within aviation development and operation focuses upon prevention of malware entering the avionics systems while they are being developed or data-loaded, and also during flight operations where such malware (or external hacking) could alter intended aircraft operations and safety. We will be showcasing various technologies which enable aviation developers to comply with these new standards. More details of our DO-326A / ED-202A training class can be found at AFuzion’s website here: https://afuzion.com/training/do-326a-ed-202a-training-aviation-cyber-security/

As their titles suggest, ED-201 serves as the top-level “WHY” guide for the entire information security process. DO-326A/ED-202A define the “WHAT”, including risk assessment for ARP4761A; DO-356A/ED-203A comprise the “HOW” – more or less the “security-companions” of DO-178C/ED-12C et al; DO-355/ED-204 are the “WHAT THEN” – feeding to ARP5150; and the new ED-205 is for the ground (CNS/ATM, e.g. companions to DO-278A), more or less the “security-companions” of DO-278A/ED-109A, et al. Where the base aviation guidelines (DO-178C, DO-254, DO-278A, ARP4754A,…) suggest safe and verifiable engineering processes, the aforementioned security-related documents provide guidance and rules which augment those engineering processes for security intrusions and extend through aircraft operations.

For hands-on insight into the important new emerging requirements and needs for aviation cyber-security, come to Aerospace Tech Week in Munich Germany on March 12-13, 2019.

Leave a Reply