Browse Learn C1949

DO-326A and ED-202A: An Introduction to the New and Mandatory Aviation Cyber-Security Essentials C1949


Discounted pricing is in effect during the COVID-19 pandemic. Registration fee  applies to the special live, online September  2020 offering.

The international standards D-326A (U.S.) and ED-202A (Europe) titled "Airworthiness Security Process Specification" are the cornerstones of the "DO-326/ED-202 Set" and they are the only Acceptable Means of Compliance (AMC) by FAA & EASA for aviation cyber-security airworthiness certification, as of 2019. The "DO-326/ED-202 Set" also includes companion documents DO-356A/ED-203A: "Airworthiness Security Methods and Considerations" & DO-355/ED-204: "Information Security Guidance for Continuing Airworthiness" (U.S. & Europe) and ED-201: "Aeronautical Information System Security (AISS) Framework Guidance" & ED-205: "Process Standard for Security Certification / Declaration of Air Traffic Management / Air Navigation Services (ATM/ANS) Ground Systems“ (Europe only).

This two-day seminar will introduce attendees to industry best practices for real-world aviation cyber-security risk-assessment, development & assurance. This seminar presents the information necessary to help minimize DO-326/ED-202-set compliance risks and costs, while also optimizing cyber-security levels for the development, deployment & in-service phases. The instructor will guide attendees through topics such as aircraft security aspects of safety, systems-approach to security, security planning, the airworthiness security process, and security effectiveness assurance. The entire ecosystem of aviation avionics software development will be revisited to include the DO-326/ED-202-Set as a new, integral member of the "classic" safety-oriented development process including the SAE standards ARP-4761 for Safety & ARP-4754A for Systems Development, and software & hardware development standards DO-178C & DO-254, respectively.


Learning Objectives
By attending this seminar, you will be able to:
  • Combine IT & OT cyber-security definitions, methods & considerations and relate them to aviation
  • Identify the background, references & processes that conceived the DO-326/ED-202-set and keep updating it, & the components & inter-relations of which it comprises
  • Integrate the DO-326/ED-202-set into the avionics development & certification processes
  • Apply DO-326/ED-202-set components, processes, steps, activities & objectives
  • Devise practical cyber-security certification strategies for avionics initial Airworthiness, modifications, COTS/pre-certified items selection and continued airworthiness
  • Prepare for upcoming FAA/EASA Aviation cyber-security mandates & recommendations.

Who Should Attend
It is recommended that attendees have at least a college degree in a technical area along with a basic understanding of software or IT. To gain full benefit, it is recommended that attendees have at least some basic knowledge of safety-related airworthiness certification of avionics.

DAY ONE
  • Course Overview & Introduction 
  • Cyber-Security Essentials: From a DO-326/ED-202-Set Point Of View
    • Cyber-Threats Definitions
    • Cyber-Threats Modus Operandi
    • Cyber-Security Fundamentals
    • Cyber-Physical-Systems' Security
  • Aviation Cyber-Security: The DO-326/ED-202-Set
    • The Status, Context, Background & References of the DO-326/ED-202-Set
    • The DO-326/ED-202-set Structure, Contents and Relations to the ARP-4754 "Regime"
    • ED-201: "Aeronautical Information System Security (AISS) Framework Guidance"
  • The DO-326/ED-202-Set "Core"
    • DO-326A/ED-202A & DO-356A/ED-203A: "Airworthiness Security Process Specification" & "Airworthiness Security Methods & Considerations"
    • The Airworthiness Security Process Steps
  • In-Service Cyber-Security
    • DO-355/ED-204: "Information Security Guidance for Continuing Airworthiness"
    • Aircraft, Ground Equipment, Generic InfoSec, Organizational & Personnel Aspects
    • Security Events/Incidents Management
  • ATM/ANS Cyber-Security Certification
    • ED-205: "Process Standard for Security Certification / Declaration of Air Traffic Management / Air Navigation Services (ATM/ANS) Ground Systems"
  • DAY ONE Q&A

DAY TWO
  • DAY ONE Review
  • The Airworthiness Security Process In-Depth: Steps, Activities & Objectives
    • Cyber-Security Plan for Certification
    • Security Risk Assessment Process
    • Security Development Process
    • Cyber-Physical-Systems' Security
  • Security Effectiveness Assurance
    • DO-356A/ED-203A: "Airworthiness Security Methods and Considerations"
  • Cyber-Security for Development-Supplements
    • Modifications
    • COTS & Previously-Certified Systems
  • Summary & Conclusion

Registration for the web seminar (live, online) is available on a per-person basis, similar to purchasing a seat in a classroom. The fee includes one connection to WebEx training center, using a PC with internet access and VoIP or a telephone,* and access to a secure course in the SAE Learning Center for presentations, supplemental materials, assignments, and learning assessment. To enjoy a more personalized experience, use of a webcam is encouraged.

*Global toll-free telephone numbers are provided for many countries outside the U.S., but are limited to those on the WebEx call-in toll-free number list. Check here to see if your country has a global call-in toll free telephone number for this web seminar. If your country is not listed, you may still connect using the US/Canada Call-in toll number or VoIP. 

Although WebEx will automatically launch when you join the web seminar, you are encouraged to test your setup in advance of the course start date. Click here, then follow the onscreen instructions.

Aharon David

Since 1981, Mr. Aharon David has worked in engineering of software and systems avionics, including junior-to-senior technical management positions. Among other duties, Mr. David served as the commander of the Israeli Air Force's Avionics & Control Software-development Center (ACSC) and head of System-Engineering & Interoperability of the Israeli Missile Defense Organization (IMDO) – and along the way developed, taught & commanded technical courses in the US and Israel, and was a speaker at international technical conferences . In recent years, Mr. David has been a senior advisor to the Civil Air Authority of Israel (CAAI), specifically on software certification and recently – aviation Cyber-Security. Mr. David is currently a member of both RTCA's SC-216 & EUROCAE's WG-72 "Aeronautical Systems Security“, and is the Chief WHO (White Hat Officer) of AFuzion-InfoSec, providing Aviation Cyber-Security Certification training & consulting services worldwide. Mr. David holds a BSc in Aerospace Engineering from the Technion –Israel's Institute of Technology, and an MBA from the Tel-Aviv University.

Fees: $1200.00
SAE Members: $1080.00 - $1080.00

1.3 CEUs
You must complete all course contact hours and successfully pass the learning assessment to obtain CEUs.

If paying by a credit card, click the Register button above. If paying by any other method or for general inquiries, please contact SAE Customer Service 1-877-606-7323 (724-776-4970 outside the U.S. and Canada) or at CustomerService@sae.org.

Duration: 13 Hours
September 14-17, 2020 (4 Sessions) - Live Online
  • Session 1 - September 14 (11:30 a.m. - 3:30 p.m. ET)
  • Session 2 - September 15 (11:30 a.m. - 3:30 p.m. ET)
  • Session 3 - September 16 (11:30 a.m. - 3:30 p.m. ET)
  • Session 4 - September 17 (11:30 a.m. - 3:30 p.m. ET)
  •   A discounted fee of $1200 applies only to the special live, online September 7th 2020 date. An additional SAE Member discount will be applied for SAE Professional Members at the time of registration. Note: A Multiple Seat Discount is also available for groups of 5 or more wishing to participate online. Contact the Corporate Learning Sales Team at corplearn@sae.org for more information or to register.

    Corporate Learning Solutions

    Private training your team needs – delivered to your location.

    Request Information »
    X