The Emerging & Required DO-326/ED-202-Set Essentials: The Airworthiness Security Process, Methods & Considerations

The DO-326/ED-202 set’s guidance and recommendations are dispersed across all the documents comprising the set, but for establishing airworthiness, the “core” parts of the DO-326/ED-202 set: DO-326A/ED-202A & DO-356A/ED-203A – are to be considered.

This “core” establishes the “Airworthiness Security Process” (AWSP), which is the top level guidance for Airworthiness Security Certification.

The AWSP comprises 7 steps, comprising 14 activities, which include 62 major objectives (combined) to be met, as well as a large number of required artifacts to be produced.

As for the DO-178/DO-254 set development process, the security process is accompanied by integral processes, which, for security, are named “Security Effectiveness Assurance” –comprise 39 objectives, broken down into 118 activities, and are applied as functions of the hierarchical level, severity of consequences and other considerations.

Finally, these processes and methods apply with differing considerations to a variety of development situations, such as – development from scratch, modifications, incorporation of COTS equipment and more.

This detailed tutorial will put all these into their proper places, and clarify the process, methods & considerations for most common cases that require certification, while providing attendees with practical insights and tools to approach this complex process.


• Top-level Airworthiness Security Process (AWSP) review
• AWSP steps in detail
• Certification aspects of airworthiness security
• Airworthiness Security Risk Assessment
• Security architecture development process
• Security measures appraisal and allocation
• Security effectiveness considerations
• The Security Assurance Level (SAL) concept and application
• Security considerations for modifications to existing systems – and how to approach their certification
• Security considerations for previously certified systems – and how to approach their certification
• Security considerations for COTS systems – and how to approach their certification
• Useful insights for implementing the Security Airworthiness Process


Attendees may include all levels of aviation, aircraft, and avionics developers who must understand and comply with the new Security rules.


Aharon David

Mr. Aharon David is AFUZION-InfoSec’s Chief WHO (White Hat Officer). Holding a BSc.AeE. from Israel’s Technion, and an MBA (IT + Tech Management) from Tel-Aviv U., Mr. David previously held some key positions such as the head of the Israeli-Air-Force Avionics & Control Software Development Centre (IAF-ACSDC) and the head of the Israeli-Missile-Defense-Organization (IMDO) System Engineering & Interoperability Department.

Mr. David is currently an advisor for organizations such as CAAI (the Civil Air Authority of Israel) and INCD (Israel’s National Cyber Directorate). Mr. David is the designated instructor and speaker on aviation cyber-security regulation for a variety of esteemed organizations such as the SAE-International (Society of Automotive/Aerospace Engineers), IEEE and AIAA, and is a member of all standard-making committees on the subject, worldwide, such as EUROCAE’s WG-72, RTCA’s SC-216, SAE’s G-32 and more.