WEBINAR

Mastering Aviation Safety & Cybersecurity: DO-178C & DO-326A

In an era where the safety and security of aviation systems are paramount, understanding the interplay between DO-178C and DO-326A is crucial for industry professionals. This webinar explores the key objectives of these critical standards, highlighting their distinct yet complementary roles in aviation software development.

DO-178C provides comprehensive guidelines for ensuring the safety and reliability of airborne software systems, focusing on software life cycle processes, design assurance, and verification activities. In contrast, DO-326A addresses the increasing need for robust cybersecurity measures, offering a structured framework for identifying, assessing, and mitigating security threats to aircraft systems.

Watch to gain valuable insights into the implementation of these standards, their relevance to current industry challenges, and their evolving nature in response to emerging technologies.

Learn how to:

  • Manage compliance with functional safety and security standards.
  • Maximize software test automation efficiency.
  • Apply safety requirements management methods for security.
  • Shift left security testing (SAST, DAST).
  • Integrate DevSecOps into your development workflow.

Parasoft Solutions for Aviation Compliance

Parasoft offers a suite of tools that support both DO-178C and DO-326A compliance. These tools provide capabilities such as:

  • Static analysis
  • Unit testing
  • On-target hardware testing
  • Structural code coverage
  • API testing
  • Service virtualization

These solutions integrate with CI pipelines (Jenkins, GitLab, GitHub) and requirements management tools (DOORS Next, Jama, Codebeamer, Jira), streamlining the development and verification process. Parasoft also provides tool qualification kits to help automate the qualification process required by DO-178C, simplifying compliance even when tools are updated. Customers have reported significant time savings and improved efficiency using Parasoft’s tools, particularly for on-target testing and coverage extraction.

Understanding DO-178C: The Foundation of Aviation Safety

The Radio Technical Committee for Aeronautics (RTCA), founded in 1935, works with the FAA and international experts to develop aviation standards. DO-178, first released in 1982, has evolved significantly. Revision B (1992) shifted focus to objectives rather than a “how-to” guide, introducing five software levels (A to E) with Level A being the most stringent. It also emphasized testing based on requirements and introduced bidirectional traceability from requirements to code.

DO-178C, released in 2012, clarified DO-178B and introduced a modular approach with supplemental documents like DO-330 (tool qualification), DO-331 (model-based development), DO-332 (object-oriented software), and DO-333 (formal methods).

Key DO-178C Objective:

  • The key objective of DO-178C is to ensure that airborne software is developed with a rigorous, traceable, and verifiable process that mitigates the risk of software-related failures. This is achieved through defined planning, development, verification, configuration management, quality assurance, and certification processes, scaled by the software’s safety level and defined within the DO-178C standard.

Key Challenges in DO-178C Compliance:

Integrating Cybersecurity with DO-326A

DO-326A, developed by EUROCAE (as ED-202A) and RTCA (as SC 216), addresses aviation cybersecurity. It complements DO-178C by applying similar process-oriented principles to security. The standard focuses on the airworthiness security process (AWSP), aiming to keep avionics systems secure against threats, both intentional and unintentional.

Key DO-326A Concepts:

  • Companion Documents: DO-326A is supported by ED-203A/DO-355 (information security guidance for continuing airworthiness).
  • Scope: Applies to general civil aviation, with military aircraft under consideration.
  • Life Cycle Phases: Integrates security considerations throughout the development lifecycle, mirroring the V-model.

The Airworthiness Security Process (AWSP) Overview:

  1. Certification Management: Planning the certification process, including risk assessment, assurance level assignment, and security requirements validation. This plan must be agreed upon with regulatory authorities.
  2. Scope Establishment: Identifying logical and physical assets within the aircraft system (e.g., external communication systems, internal subsystems, data).
  3. Security Risk Assessment: Similar to safety assessment, this involves identifying threats, conditions, and scenarios to determine security risk levels.
  4. Decision Gate: If security risks are identified, evidence of assessment and mitigation measures must be produced.
  5. Security Protection Implementation: Implementing security measures in the design.
  6. Effectiveness Measurement: Testing to measure the effectiveness of implemented security protections.
  7. Evidence Capture: Collecting all evidence for certification purposes.

Safety and Security Intersect:

Safety and security processes can run in parallel. While safety focuses on mitigating failures, security focuses on mitigating threats and vulnerabilities. These mitigations translate into requirements that need traceability, implementation, and verification, just as safety requirements do.

Key Considerations for DO-326A:

  • Perform security risk assessments.
  • Thoroughly test the effectiveness of security solutions.
  • Consider common vulnerabilities in systems like USB connections or specific protocols.