The purpose of this document is to provide guidance for aircraft engine and propeller control systems certification for Cybersecurity. This cybersecurity compliance requires that the Engine Control, Propeller Control, Monitoring and Auxiliary equipment, systems and networks be protected from intentional, unauthorized electronic interactions that may result in an adverse effect on the safety of the propulsion system or the airplane. This involves identification of security risks, their mitigation, verification of protections and their maintenance in service.
Rationale: A typical modern aircraft has multiple systems interconnected by data communication networks. The engine or propeller control systems are connected directly or indirectly to some of the aircraft systems and operator interfaces. These control systems may be susceptible to Unauthorized External Access when access by external sources are allowed to connect to :
- aircraft systems (e.g. air data computers, flight and thrust management computers, engine interface units),
- data loaders for field programming of software,
- equipment for making adjustments to embedded software or
- equipment to download from or upload data to the engine or propeller control using wired or wireless communication protocols.
For flight safety, it is important to evaluate information security threats in propulsion systems, incorporate and substantiate threat mitigations, and make provisions for continued airworthiness.