Aerodrome |
New Guide for Best Practices, Minimum Requirements, and General Recommendations for Reliable, Cyber Secure, and Upgradable Security Control Systems |
ASTM WK44589 |
ASTM |
|
TBD |
Draft |
|
|
|
|
|
|
|
|
x |
x |
|
|
|
|
|
|
|
|
|
|
x |
|
|
|
Focus on detention facility cyber security requirements - may have relevance to aerodrome security |
Aircraft |
Onboard Secure WiFi Network Profile Standard |
ARINC 687 |
ARINC |
|
2021 |
Published |
|
|
|
|
|
|
x |
|
|
|
x |
|
|
|
|
|
|
x |
|
|
|
|
|
|
|
Aircraft |
Supply Chain Management Handbook |
SCMH 7.19 Cybersecurity |
IAQG |
|
June 2023 |
Published |
|
|
|
|
|
|
x |
|
|
|
|
|
|
x |
|
|
|
|
|
x |
|
x |
|
|
|
Aircraft |
Guidance for Security Event Logging in an IP Environment |
ARINC 852 |
ARINC |
|
2017 |
Published |
|
|
|
|
|
|
|
|
|
|
|
x |
|
|
x |
|
|
x |
|
|
|
x |
|
|
|
Aircraft |
Information Security Guidance For Continuing Airworthiness |
ED-204A |
EUROCAE |
WG-72 |
2020 |
Published |
RTCA DO-355A |
|
|
|
|
x |
|
|
x |
|
|
|
|
x |
x |
|
|
|
|
x |
x |
x |
x |
|
|
Aircraft |
Internet Protocol Suite (IPS) for Aeronautical Safety Services |
ARINC 858 |
ARINC |
|
2021 |
Published |
|
|
|
|
|
|
x |
|
|
|
x |
|
|
|
|
|
|
x |
|
|
|
|
|
|
|
Aircraft |
Intersystem Network Integration |
ARINC 688 |
ARINC |
|
2021 |
Published |
|
|
|
|
|
|
x |
|
|
|
x |
|
|
|
|
|
|
x |
|
|
|
|
|
|
|
Aircraft |
Airworthiness Security Methods And Considerations |
ED-203A |
EUROCAE |
WG-72 |
2018 |
Published |
RTCA DO-356A |
|
|
|
|
x |
x |
|
|
x |
x |
|
|
|
x |
|
|
x |
|
x |
|
|
x |
|
|
Aircraft |
|
|
|
|
|
|
|
Rule Making Task.0648 |
EASA |
2020 |
Published |
|
|
|
|
x |
|
|
|
|
|
|
|
x |
x |
x |
x |
x |
|
|
Update of Certification Specifications and AMC to include Cybersecurity objectives and considerations for products. Certification specification CS-25, CS-23, CS-29, CS-27, CS-P, CS-E, CS-ETSO and AMC 2042 NPA 1Q2019 ED 2020/006/R released updating CS-23, CS-25, CS-27, CS-29, CS-E, CS-P, CS-APU, CS-ETSO and Part 21. Issue of AMC 20-42 |
Aircraft |
Guidance for Security of Loadable Software Parts Using Digital Signatures |
ARINC 835-1 |
ARINC |
|
2014 |
Published |
|
|
|
|
|
|
|
|
|
|
|
|
|
x |
|
|
|
x |
|
|
|
|
|
|
|
Aircraft |
MASPS for AMS(R)S Data and Voice Communications Supporting Required Communications Performance (RCP) and Required Surveillance Performance (RSP) |
ED-242D |
EUROCAE |
WG-82 |
June 2024 |
Draft |
RTCA DO-343E |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
x |
|
|
x |
|
|
|
Details are captured in EASCG RDP (www.eascg.eu). |
Aircraft |
Aviation Industry Standards for Digital Information Security |
ATA 42 rev 2020.1 |
ATA (now A4E) |
|
2020 |
Published |
|
|
|
|
|
|
|
|
|
|
|
x |
|
|
x |
|
|
x |
|
|
|
|
|
|
|
Aircraft |
Process management for avionics – Management plan – Part 2: Preparation and maintenance of an electronic COTS assemblymanagement plan |
IEC TS 62239-2 |
IEC |
|
2017 |
Published |
|
|
|
|
|
|
|
|
|
|
|
|
|
x |
|
|
|
|
|
|
|
|
|
|
Not directly cyber standard but support ED-203A on establishing an ECMP to avoid counterfeit and other suspect components. |
Aircraft |
Process management for avionics – Counterfeit prevention – Part 2: Managing electronic components from non-franchised sources |
IEC 62668-2 |
IEC |
|
2019 |
Published |
|
|
|
|
|
|
|
|
|
|
|
|
|
x |
|
|
|
|
|
|
|
|
|
|
|
Aircraft |
MASPS for AMS(R)S Data and Voice Communications Supporting Required Communications Performance (RCP) and Required Surveillance Performance (RSP) |
ED-242C |
EUROCAE |
WG-82 |
2021 |
Published |
RTCA DO-343D |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
x |
|
|
x |
|
|
|
Details are captured in EASCG RDP (www.eascg.eu). |
Aircraft |
Requirements for a COTS Assembly Management Plan |
SAE EIA 993C |
SAE |
|
2020 |
Published |
|
|
|
|
|
|
|
|
|
|
|
|
|
x |
|
|
|
|
|
|
|
|
|
|
|
Aircraft |
Fraudulent/Counterfeit Electronic Parts: Avoidance, Detection, Mitigation, and Disposition - Authorized/Franchised Distribution |
SAE AS 6496 |
SAE |
|
2014 |
Published |
|
|
|
|
|
|
|
|
|
|
|
|
|
x |
|
|
|
|
|
|
|
|
|
|
|
Aircraft |
Airworthiness Security Process Specification |
ED-202A |
EUROCAE |
WG-72 |
2014 |
Published |
RTCA DO-326A |
|
|
|
|
x |
|
|
|
x |
x |
|
|
|
|
|
|
x |
|
|
|
|
|
|
|
Aircraft |
Quality Management Systems - Requirements for Aviation, Space, andDefense Organizations - Deliverable Software (Supplement to 9100:2016) |
SAE AS 9115A |
SAE |
|
2017 |
Published |
|
|
|
|
|
|
|
|
|
|
|
|
|
x |
|
|
|
|
|
|
x |
|
|
|
|
Aircraft |
Non-deliverable software requirements |
AS 9125 |
SAE |
|
TBD |
Draft |
|
|
|
|
|
|
x |
|
|
|
x |
|
|
x |
|
|
|
|
|
|
|
|
|
|
|
ATM/ANS |
Air Traffic Management - Information security for organisations supporting civil aviation operations |
EN 16495 |
CEN |
|
2019 |
Published |
ISO/IEC |
|
|
|
|
|
|
|
|
x |
x |
|
x |
|
|
|
|
|
|
|
|
x |
|
|
European Standard |
Aircraft |
Requirements for an Electronic Components Management Plan |
SAE EIA STD 4899C |
SAE |
|
2017 |
Published |
|
|
|
|
|
|
|
|
|
|
|
|
|
x |
|
|
|
|
|
|
|
|
|
|
|
Aircraft |
Fraudulent/Counterfeit Electronic Parts: Avoidance, Detection, Mitigation, and Disposition - Distributors |
SAE AS 6081 |
SAE |
|
2012 |
Published |
|
|
|
|
|
|
|
|
|
|
|
|
|
x |
|
|
|
|
|
|
|
|
|
|
|
ATM/ANS |
ICT Security Guidance |
Edition 1.0, May 2008 |
EUROCONTROL |
|
2008 |
Published |
|
|
|
|
|
x |
|
|
x |
x |
x |
|
|
|
|
|
|
|
x |
x |
x |
|
|
|
|
ATM/ANS |
Air Traffic Management - Specification for software assurance levels |
CEN/TS 16501 |
CEN |
|
2013 |
Published |
ISO/IEC |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Technical Specification |
ATM/ANS |
Manual for National ATM Security Oversight |
Edition 3.0, December 2016 |
EUROCONTROL |
|
2016 |
Published |
|
|
|
|
|
|
|
|
x |
|
|
|
x |
|
|
|
|
|
|
|
|
|
|
|
|
ATM/ANS |
Security Risk Assessment Methodology for SESAR 2020 (SecRAM 2.0 + corresponding catalogue) |
|
SESAR 2020 |
|
2017 |
Published |
|
|
|
|
|
x |
|
|
|
x |
x |
|
x |
|
|
|
|
|
|
x |
x |
|
|
|
Internal S2020 standard |
Transversal |
PKI SecurityPolicy |
Doc. 10095 |
ICAO |
|
2022 |
Draft |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Information to be completed. |
Transversal |
Secure Dialog Service Tech Manual / ConOps / Guidance |
Doc. 10094 |
ICAO |
|
2022 |
Draft |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Information to be completed. |
Transversal |
Security and Privacy Controls for Federal Information Systems and Organizations |
US NIST 800-53 rev.4 |
NIST |
|
2013 |
Published |
|
|
|
|
|
x |
x |
x |
x |
x |
x |
x |
x |
x |
x |
x |
|
x |
x |
x |
x |
|
|
|
|
Other available standards |
Protection profiles for secure signature creation device - Part 6: Extension for device with key import and trusted channel to signature creation application |
EN 419211-6 |
CEN |
|
2014 |
Published |
|
|
|
|
|
|
|
|
|
|
x |
x |
|
|
|
|
|
|
|
x |
|
x |
|
|
European Standard |
Other available standards |
Protection profiles for secure signature creation device - Part 1: Overview |
EN 419211-1 |
CEN |
|
2014 |
Published |
|
|
|
|
|
x |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
European Standard |
Other available standards |
Information technology - Security techniques - Guidelines for the analysis and interpretation of digital evidence (ISO/IEC 27042:2015) |
EN ISO/IEC 27042 |
CEN and CENELEC |
|
2016 |
Published |
ISO/IEC |
|
|
|
|
|
x |
|
|
x |
x |
x |
|
x |
x |
|
|
|
|
x |
|
x |
|
|
European Standard |
Transversal |
Cyber Physical Systems Software Assurance. |
JA6678 |
SAE G-32 Cyber Physical Systems Security |
|
2022 |
Draft |
|
|
|
|
|
x |
|
|
|
x |
|
x |
|
x |
|
|
|
x |
|
x |
x |
x |
|
|
|
Other available standards |
Security requirements for device for authentication - Part 1: Protection profile for core functionality |
EN 419251-1 |
CEN |
|
2013 |
Published |
|
|
|
|
|
|
|
|
|
|
x |
x |
|
|
|
|
|
|
|
x |
|
x |
|
|
European Standard |
Other available standards |
Information technology - Security techniques - Information security management systems - Overview and vocabulary (ISO/IEC 27000:2016) |
EN ISO/IEC 27000 |
CEN and CENELEC |
|
2017 |
Published |
ISO/IEC |
|
|
|
|
x |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
European Standard |
security management systems — |
Information technology - Security techniques - Guidelines for identification, collection, acquisition and preservation of digital evidence (ISO/IEC 27037:2012) |
EN ISO/IEC 27037 |
CEN and CENELEC |
|
2016 |
Published |
ISO/IEC |
|
|
|
|
|
x |
|
|
x |
x |
x |
|
x |
x |
|
|
|
|
x |
|
x |
|
|
European Standard |
Other available standards |
Information technology - Security techniques - Code of practice for information security controls (ISO/IEC 27002:2013 including Cor 1:2014 and Cor 2:2015) |
EN ISO/IEC 27002 |
CEN and CENELEC |
|
2022 |
Published |
ISO/IEC |
|
|
|
|
|
x |
|
|
x |
x |
x |
|
x |
x |
|
|
|
|
x |
|
x |
|
|
European Standard - 2017 title: Information technology - Security techniques - Code of practice for information security controls (ISO/IEC 27002:2013 including Cor 1:2014 and Cor 2:2015 |
Other available standards |
Industrial communication networks - Network and system security - Part 3-3: System security requirements and security levels |
prEN IEC 62443-3-3 |
CENELEC |
|
2014 |
Published |
IEC |
|
|
|
|
|
x |
|
|
|
x |
x |
|
|
|
|
|
|
|
x |
|
x |
|
|
European Standard |
Transversal |
|
|
|
|
|
|
|
ESCP - Regulatory Processes Work Stream |
EASA |
2021/4Q |
Ongoing |
x |
x |
|
x |
x |
x |
x |
x |
x |
x |
|
|
|
|
x |
x |
x |
x |
|
Coordinating the discussion about Rule Making Task.0720 (aka "horizontal rule") - Implementing Rule NPA June 2019, Opinion 2Q2020 |
Transversal |
Security Services for Aeronautical Communications |
Doc. 10090 |
ICAO |
|
2022 |
Draft |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Information to be completed. |
Other available standards |
Security for industrial automation and control systems - Part 3-2: Security risk assessment and system design |
prEN 62443-3-2 |
CENELEC |
|
2020 |
Published |
IEC |
|
|
|
|
|
x |
|
|
|
x |
x |
|
|
|
|
|
|
|
x |
|
x |
|
|
European Standard |
Transversal |
Security and Privacy Controls for Federal Information Systems and Organizations |
US NIST 800-53 rev.5 |
NIST |
|
2020 |
Published |
|
|
|
|
|
x |
x |
x |
x |
x |
x |
x |
x |
x |
x |
x |
|
x |
x |
x |
x |
|
|
|
|
Other available standards |
Protection profile for trustworthy systems supporting time stamping |
FprEN 419231 |
CEN |
|
2019 |
Ongoing |
|
|
|
|
|
|
|
|
|
|
x |
x |
|
|
|
|
|
|
|
x |
|
x |
|
|
European Standard |
Other available standards |
Industrial-process measurement, control and automation - Evaluation of system properties for the purpose of system assessment - Part 2: Assessment methodology |
EN 61069-2 |
CENELEC |
|
2016 |
Published |
IEC |
|
|
|
|
|
|
|
|
x |
x |
|
|
|
|
|
|
|
|
x |
|
x |
|
|
European Standard |
Requirements |
Information technology - Security techniques - Specification for digital redaction (ISO/IEC 27038:2014) |
EN ISO/IEC 27038 |
CEN and CENELEC |
|
2016 |
Published |
ISO/IEC |
|
|
|
|
|
x |
|
|
x |
x |
x |
|
x |
x |
|
|
|
|
x |
|
x |
|
|
European Standard |
Other available standards |
Industrial-process measurement, control and automation - Evaluation of system properties for the purpose of system assessment - Part 1: Terminology and basic concepts |
EN 61069-1 |
CENELEC |
|
2016 |
Published |
IEC |
|
|
|
|
x |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
European Standard |
Other available standards |
Industrial-process measurement, control and automation - Evaluation of system properties for the purpose of system assessment - Part 3: Assessment of system functionality |
EN 61069-3 |
CENELEC |
|
2016 |
Published |
IEC |
|
|
|
|
|
|
|
|
x |
x |
|
|
|
|
|
|
|
|
x |
|
x |
|
|
European Standard |
Other available standards |
Privacy; Attribute-based encryption for data protection on smart devices, cloud and mobile services |
TS 103 458 |
ETSI /TC CYBER |
|
2018 |
Published |
|
|
|
|
|
|
|
x |
|
|
|
x |
|
|
|
|
|
|
|
|
|
|
|
|
|
Other available standards |
Privacy; introductory guide |
TR 103 370 |
ETSI /TC CYBER |
|
2019 |
Published |
|
|
|
|
|
|
|
x |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Other available standards |
Industrial-process measurement, control and automation - Evaluation of system properties for the purpose of system assessment - Part 5: Assessment of system dependability |
EN 61069-5 |
CENELEC |
|
2016 |
Published |
IEC |
|
|
|
|
|
|
|
|
x |
x |
|
|
|
|
|
|
|
|
x |
|
x |
|
|
European Standard |
Other available standards |
Privacy; Mechanisms for privacy assurance and verification |
Doc. Nb. TS 103 485 |
ETSI /TC CYBER |
|
2019 |
Ongoing |
|
|
|
|
|
|
|
x |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Other available standards |
Global Cyber Security Ecosystem |
Doc. Nb. TR 103 306 Ver. 1.3.1 |
ETSI /TC CYBER |
|
2018 |
Published |
|
|
|
|
|
x |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Other available standards |
Middlebox Security Protocol |
Doc. Nb. TS 103 523-2 |
ETSI /TC CYBER |
|
2019 |
Ongoing |
|
|
|
|
|
|
|
|
|
|
|
x |
|
|
|
|
|
|
|
|
|
|
|
|
|
Other available standards |
Network Gateway Cyber Defence |
Doc. Nb. TR 103 421 Ver. 1.1.1 |
ETSI /TC CYBER |
|
2017 |
Published |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Other available standards |
Critical Security Controls for Effective Cyber Defence; |
Doc. Nb. TR 103 305-4 Ver. 2.1.1 |
ETSI /TC CYBER |
|
2018 |
Published |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
x |
|
|
|
|
Other available standards |
Middlebox Security Protocol |
TS 103 523-3 |
ETSI /TC CYBER |
|
2018 |
Published |
|
|
|
|
|
|
|
|
|
|
|
x |
|
|
|
|
|
|
|
|
|
|
|
|
|
Other available standards |
Cryptography: Guide to Identity Based Encryption |
DTR/CYBER-0045 |
ETSI /TC CYBER |
|
2020 |
Ongoing |
|
|
|
|
|
|
|
|
|
|
|
x |
|
|
|
|
|
x |
|
|
|
|
|
|
|
Other available standards |
Quantum-Safe Cryptography |
All published work |
ETSI /TC CYBER |
|
2018 |
Published |
|
|
|
|
|
|
|
|
x |
|
|
|
|
|
|
|
|
x |
|
|
|
|
|
|
|
Other available standards |
Methods and protocols; Part 2: Protocol Framework Definition; Security Counter Measures |
Doc. Nb. TS 102 165-2 |
ETSI /TC CYBER |
|
2019 |
Ongoing |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
x |
|
x |
|
|
|
|
|
Other available standards |
Quantum-Safe Cryptography |
ongoing work |
ETSI /TC CYBER |
|
2019 |
Ongoing |
|
|
|
|
|
|
|
|
x |
|
|
|
|
|
|
|
|
x |
|
|
|
|
|
|
|
Other available standards |
Digital signatures: creation and validation (formats, procedures, sign policies) |
All published work |
ETSI/TC ESI |
|
2019 |
Published |
|
|
|
|
|
|
|
|
|
|
|
x |
|
x |
|
|
|
|
|
|
|
|
|
|
|
Other available standards |
Cyber Security for Consumer Internet of Things |
TS 103 645 |
ETSI /TC CYBER |
|
2019 |
Published |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
x |
|
|
|
|
|
|
|
Other available standards |
Critical Infrastructure; ICT Metrics for Identification of CI |
Ref. DTR/CYBER-0024 |
ETSI /TC CYBER |
|
2020 |
Ongoing |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
x |
|
|
|
|
Other available standards |
Open Trusted Technology Provider Standard – Mitigating maliciously tainted and counterfeit products – Part 2: Assessment procedures for the O-TTPS and ISO/IEC 20243-1:2018 |
ISO/IEC 20243-2 |
ISO/IEC |
|
2018 |
Published |
IEC |
|
|
|
|
|
x |
|
|
|
|
|
|
x |
|
|
|
|
|
|
|
|
|
|
|
Other available standards |
Digital Signatures: registered electronic mail services |
All published work |
ETSI/TC ESI |
|
2019 |
Published |
|
|
|
|
|
|
|
|
|
|
|
x |
|
|
|
|
|
|
|
|
|
|
|
|
|
Other available standards |
Digital signatures; Trust Service Providers Supporting Digital Signatures (audit req, conformity assessment, protocols for remote signature creation and validation) |
All published work |
ETSI/TC ESI |
|
2019 |
Published |
|
|
|
|
|
|
|
|
|
|
|
x |
|
|
|
|
|
|
|
|
|
|
|
|
|
Other available standards |
Information technology — Security techniques —Vulnerability disclosure |
ISO/IEC 29147 |
ISO/IEC |
|
2020 |
Published |
IEC |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
x |
|
|
|
|
ED-206 ISEM is intended to include vulnerability disclosure programme guidance. ED-206 ISEM is intended to provide aviation-specific VDP guidance and this ISO standards provides good interum guidance. |
Other available standards |
Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations |
NIST SP 800-161r1 |
NIST |
|
2022 |
Published |
|
|
|
|
|
|
|
|
|
|
|
|
|
x |
|
|
|
|
|
|
x |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Other available standards |
Zero Trust Architecture |
NIST SP 800-1207 |
NIST |
|
? |
Published |
|
|
|
|
|
x |
x |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Aircraft |
Information security guidance for VTOL and collaborative systems |
ED-305 |
EUROCAE |
WG-112 SG-3 |
December 2024 |
Draft |
|
|
|
|
|
x |
x |
|
|
x |
|
|
|
|
|
|
|
x |
|
|
|
|
|
|
|
Aircraft |
Commercial Aircraft Information Security Concepts of Operation and Process Framework |
ARINC 811 |
ARINC |
|
2005 |
Published |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
x |
|
|
|
|
|
|
Old and more of a process framework, so added for the sake of completeness than for relevance. |
Aircraft |
Supplement 2 to ARINC Report 645: Common Terminology and Functions forSoftware Distribution and Loading |
ARINC 645 Supplement 2 |
ARINC |
|
2026 |
Draft |
|
|
|
|
|
|
|
|
|
|
x |
|
|
x |
x |
x |
|
|
|
|
|
|
|
|
MTG18: APIM 23-003 states target date of April/October 2026. Item title needs to be amended to Supplement 2 as the updated version of A645-1
|
Aircraft |
Process management for avionics – Counterfeit prevention – Part 1: Avoiding the use of counterfeit, fraudulent and recycled electronic components |
IEC 62668-1 |
IEC |
|
2019 |
Published |
|
|
|
|
|
|
|
|
|
|
|
|
|
x |
|
|
|
|
|
|
|
|
|
|
|
Aircraft |
Datalink Security Part 1 - ACARS Message Security |
ARINC 823P1 |
ARINC |
|
2007 |
Published |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
x |
|
|
|
|
|
|
|
Aircraft |
Aircraft Data Interface Function (ADIF) |
ARINC 834-8 |
ARINC |
|
2021 |
Published |
|
|
|
|
|
|
x |
|
|
|
x |
|
|
|
|
|
|
x |
|
|
|
|
|
|
|
Aircraft |
|
|
|
|
|
|
|
Special Conditions and AMC/GM for VTOL |
EASA |
2021 |
Published |
|
|
|
|
x |
|
|
|
|
|
|
|
x |
x |
x |
x |
x |
|
|
Special Conditions for VTOL includes requirements for cybersecurity for Enhanced Category VTOL |
Aircraft |
Process management for avionics – Management plan – Part 1: Preparation and maintenance of an electronic components management plan |
IEC 62239-1 |
IEC |
|
2018 |
Published |
|
|
|
|
|
|
|
|
|
|
|
|
|
x |
|
|
|
|
|
|
|
|
|
|
Not directly cyber standard but support ED-203A on establishing an ECMP to avoid counterfeit and other suspect components. |
Aircraft |
Guidance for Usage of Digital Certificates |
ARINC 842-1 |
ARINC |
|
2013 |
Published |
|
|
|
|
|
|
|
|
|
|
|
x |
|
x |
x |
|
|
x |
|
|
|
|
|
|
|
Aircraft |
New Practice for Aircraft Systems Information Security Protection |
ASTM F3532 - 22 |
ASTM F44.50 |
|
2022 |
Published |
|
|
|
|
|
x |
|
|
|
x |
|
|
|
|
|
|
|
x |
|
x |
|
|
|
|
|
ATM/ANS |
Security Certification and Declaration of ATM ANS Ground Systems |
ED-205A |
EUROCAE |
WG-72 SG-2 |
2022 |
Published |
RTCA / DO-393 |
|
|
|
|
x |
|
|
x |
x |
x |
x |
x |
|
|
|
|
|
|
x |
x |
|
x |
|
|
ATM/ANS |
Interoperability of Flight Data Processing (Air Traffic Control - Air Traffic Control) for application under the Single European Sky - Interoperability Regulation EC 552/2004 |
CEN/TS 16071 |
CEN |
|
2010 |
Published |
ISO/IEC |
|
|
|
|
|
|
|
|
|
|
|
x |
|
|
|
|
|
|
|
|
|
|
|
Technical Specification |
Aircraft |
Cybersecurity for Propulsion Systems |
SAE AIR7368 |
SAE |
|
September 2023 |
Published |
|
|
|
|
|
|
|
|
|
|
x |
|
|
|
|
|
|
x |
|
|
|
|
|
|
MTG18: Publication |
Aircraft |
Counterfeit Electrical, Electronic, and Electromechanical (EEE) Parts; Avoidance, Detection, Mitigation, and Disposition |
SAE AS 5553D |
SAE |
|
2022 |
Published |
|
|
|
|
|
|
|
|
|
|
|
|
|
x |
|
|
|
|
|
|
|
|
|
|
|
Transversal |
Supplement 3 to ARINC REPORT 667: GUIDANCE FOR THE MANAGEMENT OF FIELD LOADABLE SOFTWARE |
ARINC 667 Supplement 3 |
ARINC |
|
2022 |
Draft |
|
|
|
|
|
|
|
|
|
|
|
|
|
x |
x |
|
|
x |
|
|
|
|
|
|
A667-3 will include requirements for securely managing operation of dataloaders and handling software |
ATM/ANS |
ATM Security Policy - Guidelines for Implementation |
|
EUROCONTROL/NATO |
|
2015 |
Published |
NATO |
|
|
|
|
|
|
|
|
x |
|
|
x |
|
|
|
|
|
|
x |
|
|
|
|
ATM Security Coordination Group, (NEASCOG) |
ATM/ANS |
ATM Security Risk Management Toolkit - Guidance Material - Appendices |
Edition 1.0, September 2010 |
EUROCONTROL |
|
2010 |
Published |
|
|
|
|
|
|
|
|
|
x |
|
|
x |
|
|
|
|
|
|
x |
|
|
|
|
|
ATM/ANS |
Security Management Handbook - A Framework |
Edition 1.0, May 2008 |
EUROCONTROL |
|
2008 |
Published |
|
|
|
|
|
|
|
|
|
x |
|
|
x |
|
|
|
|
|
|
x |
|
|
|
|
|
ATM/ANS |
ATM Security Risk Management Toolkit - Guidance Material |
Edition 1.0, September 2010 |
EUROCONTROL |
|
2010 |
Published |
|
|
|
|
|
|
|
|
|
x |
|
|
x |
|
|
|
|
|
|
x |
|
|
|
|
|
Transversal |
Supplement 1 to ARINC Report 645: Common Terminology and Functions for Software Distribution and Loading |
ARINC 645 Supplement 1 |
ARINC |
|
2021 |
Published |
|
|
|
|
|
|
|
|
|
|
x |
|
|
x |
x |
|
|
x |
|
|
|
|
|
|
Applies to manufacturers and operators. A645-1 includes definition and technical requirements for secure dataloaders. |
Transversal |
Considerations for Digital Twin Technology and Emerging Standards |
NIST IR 8356 |
NIST |
|
2021 |
Draft |
|
|
|
|
|
|
x |
|
|
|
|
|
|
|
|
|
|
x |
|
|
|
|
|
|
|
Transversal |
Guidance On Security Event Management |
ED-206 |
EUROCAE |
WG-72 |
2022 |
Published |
RTCA DO-392 |
|
|
|
|
|
|
|
|
|
x |
|
x |
|
|
|
|
|
|
x |
x |
x |
x |
|
ED-206 on ISEM provides more detailed guidance than F3286-17 and tailloring toward proposed regulation. F3286-17 "Standard Guide for Cybersecurity and Cyberattack Mitigation" by ASTM was published 09-Jul-05. |
Transversal |
Electronic Distribution of Software by Crate (EDS Crate) |
ARINC 827 |
ARINC |
|
2010 |
Published |
|
|
|
|
|
|
|
|
|
|
|
x |
|
x |
x |
|
|
x |
|
|
|
|
|
|
|
Transversal |
Security Risk Assessment for Aeronautical Comm |
Doc.10145 |
ICAO |
|
2022 |
Draft |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Information to be completed. |
Transversal |
Guidance for Aviation Information Security Management Systems |
ED-ISMS |
EUROCAE |
WG-72 |
March 2025 |
Draft |
RTCA DO-ISMS |
|
|
|
|
x |
x |
|
|
x |
x |
x |
|
x |
x |
x |
|
|
x |
|
x |
|
|
|
MTG18 Date |
Transversal |
Cyber Physical Systems Security Hardware Assurance |
JA6801 |
SAE G-32 Cyber Physical Systems Security |
|
2022 |
Draft |
|
|
|
|
|
x |
|
|
|
x |
|
x |
|
x |
|
|
|
x |
|
x |
x |
x |
|
|
|
Transversal |
Cyber Physical Systems Security Engineering Plan |
JA7496 |
SAE G-32 Cyber Physical Systems Security |
|
2022 |
Published |
|
|
|
|
|
x |
|
|
|
x |
|
x |
|
x |
|
|
|
x |
|
x |
x |
x |
|
|
A cross sector Standard for assessing and addressing vulnerabilities of a cyber physical system to ensure security and reslience throghout the lifecyle of the system. |
Other available standards |
Standard Guide for Credentialing for Access to an Incident or Event Site |
ASTM E2842-14 |
ASTM |
|
2014 |
Published |
|
|
|
|
|
|
|
|
x |
|
|
|
|
|
|
|
|
|
|
|
x |
x |
|
|
|
Other available standards |
Protection profiles for secure signature creation device - Part 2: Device with key generation |
EN 419211-2 |
CEN |
|
2013 |
Published |
|
|
|
|
|
|
|
|
|
x |
x |
x |
|
|
|
|
|
|
|
x |
|
x |
|
|
European Standard |
Other available standards |
mobile networks security; 3G, 4G, 5G |
all security work 3G and beyond |
.3GPP SA3 |
|
|
Published |
|
|
|
|
|
|
|
|
|
|
|
x |
|
|
|
|
|
x |
|
|
|
|
|
|
|
Other available standards |
Protection profiles for secure signature creation device - Part 3: Device with key import |
EN 419211-3 |
CEN |
|
2013 |
Published |
|
|
|
|
|
|
|
|
|
|
x |
x |
|
|
|
|
|
|
|
x |
|
x |
|
|
European Standard |
Other available standards |
Security requirements for device for authentication - Part 3: Additional functionality for security targets |
EN 419251-3 |
CEN |
|
2013 |
Published |
|
|
|
|
|
|
|
|
|
|
x |
x |
|
|
|
|
|
|
|
x |
|
x |
|
|
European Standard |
Other available standards |
Protection profiles for secure signature creation device - Part 4: Extension for device with key generation and trusted channel to certificate generation application |
EN 419211-4 |
CEN |
|
2013 |
Published |
|
|
|
|
|
|
|
|
|
|
x |
x |
|
|
|
|
|
|
|
x |
|
x |
|
|
European Standard |
Other available standards |
Security for industrial automation and control systems - Part 4-1: Secure product development lifecycle requirements |
EN IEC 62443-4-1:2018 |
CENELEC |
|
2018 |
Published |
IEC |
|
|
|
|
|
x |
|
|
x |
x |
x |
|
|
|
|
|
|
|
x |
|
x |
|
|
European Standard |
Other available standards |
Security for industrial automation and control systems - Part 4-2: Technical security requirements for IACS components |
FprEN IEC 62443-4-2 |
CENELEC |
|
2019 |
Published |
IEC |
|
|
|
|
|
x |
|
|
|
x |
x |
|
|
|
|
|
|
|
x |
|
x |
|
|
European Standard |
Other available standards |
Protection profiles for secure signature creation device - Part 5: Extension for device with key generation and trusted channel to signature creation application |
EN 419211-5 |
CEN |
|
2013 |
Published |
|
|
|
|
|
|
|
|
|
|
x |
x |
|
|
|
|
|
|
|
x |
|
x |
|
|
European Standard |
Other available standards |
Security for industrial automation and control systems - Part 2-4: Security program requirements for IACS service providers |
prEN 62443-2-4 |
CENELEC |
|
2017 |
Published |
IEC |
|
|
|
|
|
x |
|
|
x |
x |
x |
|
|
|
|
|
|
|
x |
|
x |
|
|
European Standard |
Other available standards |
Information security, cybersecurityand privacy protection — Informationsecurity management systems —Requirements |
EN ISO/IEC 27001 |
CEN and CENELEC |
|
2022 |
Published |
ISO/IEC |
|
|
|
|
|
x |
|
|
x |
x |
x |
|
x |
x |
|
|
|
|
x |
|
x |
|
|
European Standard - 2017 title: Information technology - Security techniques - Information security management systems - Requirements (ISO/IEC 27001:2013 including Cor 1:2014 and Cor 2:2015) |
Other available standards |
Security requirements for device for authentication - Part 2: Protection profile for extension for trusted channel to certificate generation application |
EN 419251-2 |
CEN |
|
2013 |
Published |
|
|
|
|
|
|
|
|
|
|
x |
x |
|
|
|
|
|
|
|
x |
|
x |
|
|
European Standard |
Other available standards |
Information technology - Security techniques - Guidance on assuring suitability and adequacy of incident investigative method (ISO/IEC 27041:2015) |
EN ISO/IEC 27041 |
CEN and CENELEC |
|
2016 |
Published |
ISO/IEC |
|
|
|
|
|
x |
|
|
x |
x |
x |
|
x |
x |
|
|
|
|
x |
|
x |
|
|
European Standard |
Other available standards |
Information technology - Security techniques - Incident investigation principles and processes (ISO/IEC 27043:2015) |
EN ISO/IEC 27043 |
CEN and CENELEC |
|
2016 |
Published |
ISO/IEC |
|
|
|
|
|
x |
|
|
x |
x |
x |
|
x |
x |
|
|
|
|
x |
|
x |
|
|
European Standard |
Other available standards |
Industrial-process measurement, control and automation - Evaluation of system properties for the purpose of system assessment - Part 8: Assessment of other system properties |
EN 61069-8 |
CENELEC |
|
2016 |
Published |
IEC |
|
|
|
|
|
|
|
|
x |
x |
|
|
|
|
|
|
|
|
x |
|
x |
|
|
European Standard |
Other available standards |
Protection measures for ICT in the context of Critical Infrastructure |
Doc. Nb. TR 103 303 Ver. 1.1.1 |
ETSI /TC CYBER |
|
2016 |
Published |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
x |
|
|
|
|
Other available standards |
Privacy; Attribute-based encryption for Attribute Based Access Control |
TS 103 532 |
ETSI /TC CYBER |
|
2018 |
Published |
|
|
|
|
|
|
|
x |
|
|
|
x |
|
|
|
|
|
|
|
|
|
|
|
|
|
Other available standards |
Industrial-process measurement, control and automation - Evaluation of system properties for the purpose of system assessment - Part 6: Assessment of system operability |
EN 61069-6 |
CENELEC |
|
2016 |
Published |
IEC |
|
|
|
|
|
|
|
|
x |
x |
|
|
|
|
|
|
|
|
x |
|
x |
|
|
European Standard |
Other available standards |
Critical Security Controls for Effective Cyber Defence; |
Doc. Nb. TR 103 305-1 Ver. 3.1.1 |
ETSI /TC CYBER |
|
2018 |
Published |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
x |
|
|
|
|
Other available standards |
Structured threat information sharing |
Doc. Nb. TR 103 331 Ver. 1.1.1 |
ETSI /TC CYBER |
|
2016 |
Published |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
x |
|
|
Other available standards |
Security techniques for protecting software in a white box model |
TR 103 642 |
ETSI /TC CYBER |
|
2018 |
Published |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
x |
|
|
|
|
|
|
|
Other available standards |
Industrial-process measurement, control and automation - Evaluation of system properties for the purpose of system assessment - Part 7: Assessment of system safety |
EN 61069-7 |
CENELEC |
|
2016 |
Published |
IEC |
|
|
|
|
|
|
|
|
x |
x |
|
|
|
|
|
|
|
|
x |
|
x |
|
|
European Standard |
Other available standards |
Quantum Computing Impact on security of ICT Systems; |
Doc. Nb. EG 203 310 Ver. 1.1.1 |
ETSI /TC CYBER |
|
2016 |
Published |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
x |
|
|
|
|
Other available standards |
Implementation of the Network and Information Security (NIS) Directive |
Doc. Nb. TR 103 456 Ver. 1.1.1 |
ETSI /TC CYBER |
|
2017 |
Published |
|
|
|
|
|
|
|
|
|
x |
|
|
|
|
|
|
|
|
|
x |
|
x |
x |
|
|
Other available standards |
Specifying a common interface to transfer sensitive functions to a trusted domain. |
Doc. Nb. TS 103 457 |
ETSI /TC CYBER |
|
2018 |
Published |
|
|
|
|
|
|
|
|
|
|
|
x |
|
|
|
|
|
|
|
|
x |
|
|
|
|
Other available standards |
Secure by Default - platform security technology |
Doc. Nb. TR 103 309 Ver. 1.1.1 |
ETSI /TC CYBER |
|
2015 |
Published |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
x |
|
|
|
|
|
|
|
Other available standards |
Middlebox Security Protocol |
TS 103 523-1 |
ETSI /TC CYBER |
|
2019 |
Ongoing |
|
|
|
|
|
|
|
|
|
|
|
x |
|
|
|
|
|
|
|
|
|
|
|
|
|
Other available standards |
Digital signatures: Cryptographic suites |
TS 119 312 |
ETSI/TC ESI |
|
2019 |
Published |
|
|
|
|
|
|
|
|
|
|
|
x |
|
|
|
|
|
x |
|
|
|
|
|
|
|
Other available standards |
Privacy; Identity management and naming schema protection mechanisms |
Doc. Nb. TS 103 486 |
ETSI /TC CYBER |
|
2019 |
Ongoing |
|
|
|
|
|
|
|
x |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Other available standards |
Information Security Indicators |
All published work |
ETSI/ISG ISI |
|
2019 |
Published |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
x |
x |
|
|
|
|
Other available standards |
Digital Signatures: ongoing work (formats, preservation…) |
ongoing work |
ETSI/TC ESI |
|
TBC |
Ongoing |
|
|
|
|
|
|
|
|
|
|
|
x |
|
|
|
|
|
|
|
|
|
|
|
|
|
Other available standards |
Open Trusted Technology Provider Standard – Mitigating maliciously tainted and counterfeit products – Part 1: Requirements and recommendations |
ISO/IEC 20243-1 |
ISO/IEC |
|
2018 |
Published |
|
|
|
|
|
|
x |
|
|
|
|
|
|
x |
|
|
|
|
|
|
|
|
|
|
|
Other available standards |
Critical Security Controls for Effective Cyber Defence; |
Doc. Nb. TR 103 305-3 Ver. 2.1.1 |
ETSI /TC CYBER |
|
2018 |
Published |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
x |
|
|
|
|
Other available standards |
Techniques for assurance of digital material used in legal proceedings. |
TS 103 643 |
ETSI /TC CYBER |
|
2019 |
Ongoing |
|
|
|
|
|
|
x |
|
|
|
|
|
|
x |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Transversal |
|
|
|
|
|
|
|
ESCP - Regulatory Processes Work Stream |
EASA |
2021/4Q |
Ongoing |
x |
x |
|
x |
x |
x |
x |
x |
x |
x |
|
|
|
|
x |
x |
x |
x |
|
Coordinating the discussion about Rule Making Task.0720 (aka "horizontal rule") - AMC |
Transversal |
Aeronautical Information System Security (AISS) Framework Guidance |
ED-201A |
EUROCAE |
WG-72 |
2021 |
Published |
RTCA DO-391 |
|
|
|
|
x |
x |
|
|
x |
x |
x |
x |
x |
x |
|
|
x |
|
x |
x |
x |
x |
|
|
Other available standards |
Information technology - Security techniques - Information security management systems - Overview and vocabulary (ISO/IEC 27000:2018) |
prEN ISO/IEC 27000 rev |
CEN and CENELEC |
|
2019 |
Published |
ISO/IEC |
|
|
|
|
x |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
European Standard |
Transversal |
Standard Guide for Cybersecurity and Cyberattack Mitigation |
ASTM F3286-17 |
ASTM |
|
2017 |
Published |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
x |
|
|
|
Other available standards |
Industrial-process measurement, control and automation - Evaluation of system properties for the purpose of system assessment - Part 4: Assessment of system performance |
EN 61069-4 |
CENELEC |
|
2016 |
Published |
IEC |
|
|
|
|
|
|
|
|
x |
x |
|
|
|
|
|
|
|
|
x |
|
x |
|
|
European Standard |
Other available standards |
Critical Security Controls for Effective Cyber Defence; |
Doc. Nb. TR 103 305-2 Ver. 4.1.2 |
ETSI /TC CYBER |
|
2022 |
Published |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
x |
|
|
|
|
Other available standards |
Critical Security Controls for Effective Cyber Defence; |
TR 103 305-5 |
ETSI /TC CYBER |
|
2018 |
Published |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
x |
|
|
|
|
Other available standards |
Design requirements ecosystem |
Doc. Nb. TR 103 369 Ver. 1.1.1 |
ETSI /TC CYBER |
|
2016 |
Published |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
x |
|
|
|
|
|
|
|
Other available standards |
Digital Signatures: registered eDelivery services |
All published work |
ETSI/TC ESI |
|
2019 |
Published |
|
|
|
|
|
|
|
|
|
|
|
x |
|
|
|
|
|
|
|
|
|
|
|
|
|
Other available standards |
Methods and protocols; Threat, Vulnerability, Risk Analysis |
Doc. Nb. TS 102 165-1 Ver. 5.2.3 |
ETSI /TC CYBER |
|
2017 |
Published |
|
|
|
|
|
|
|
|
|
x |
|
|
|
|
|
|
|
x |
|
|
|
|
|
|
|
Other available standards |
Digital signatures: formats conformance checkers (free access) |
Sign format conformance checkers |
ETSI/TC ESI |
|
NA |
Published |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Other available standards |
Information technology — Securitytechniques — Information security for supplier relationships — Part 3:Guidelines for information andcommunication technology supplychain security |
ISO/IEC 27036-3 |
ISO/IEC |
|
2013 |
Published |
IEC |
|
|
|
|
|
|
|
|
|
|
|
|
x |
|
|
|
|
|
|
|
|
|
|
|
Aircraft |
Commercial Aircraft Information Security Concepts of Operation and Process Framework |
ARINC 811A |
ARINC |
|
October 2024 |
Draft |
|
|
|
|
|
|
|
|
|
x |
|
|
|
|
|
|
|
|
|
x |
x |
|
|
|
MTG18 |
Other available standards |
Supplement 2 to ARINC Report 827: Electronic Distribution of Software by Crate (EDS Crate) |
ARINC 827-2 |
ARINC |
|
October 2025 |
Draft |
|
|
|
|
|
|
|
|
|
|
|
x |
|
x |
x |
|
|
x |
|
|
|
|
|
|
MTG18: APIM 23-009 has initiated update to A827
|
Aircraft |
Supplement 2 to ARINC Report 835: Guidance for Security of Loadable Software Parts Using Digital Signatures |
ARINC 835-2 |
ARINC |
|
October 2025 |
Draft |
|
|
|
|
|
|
|
|
|
|
|
|
|
x |
|
|
|
x |
|
|
|
|
|
|
|
Aircraft |
Securing Non-Safety SATCOM Communications |
ARINC XXX |
ARINC |
|
October 2026 |
Draft |
|
|
|
|
|
|
x |
x |
|
x |
x |
|
|
|
|
|
|
x |
x |
x |
x |
|
|
|
MTG18: APIM 23-004 has established this activity
|
Aircraft |
Cabin autonomous system secure interconnection |
ARINC 8XX |
ARINC |
|
May 2025 |
Draft |
|
|
|
|
|
|
x |
x |
|
|
|
|
|
|
|
|
|
x |
x |
|
|
|
|
|
MTG18 |
Aircraft |
Aircraft Ground System Software Reception |
ARINC 851 |
ARINC |
|
2024 |
Draft |
|
|
|
|
|
|
|
|
|
|
|
|
|
x |
|
|
|
|
|
|
|
|
|
|
MTG18: APIM 22-004 has established this activity
|
Transversal |
Gatelink Wireless Security Updates |
ARINC 822B |
ARINC |
|
May 2024 |
Draft |
|
|
|
|
|
|
|
|
|
|
x |
|
|
|
|
|
|
|
|
|
|
|
|
|
MTG: APIM 22-003 has established this activity
|
Aircraft |
Minimum Operational Performance Standard (MOPS) for Electronic Flight Bag (EFB) Application |
ED-273 |
EUROCAE |
WG-106 |
August 2021 |
Published |
|
|
|
|
|
|
|
|
|
x |
x |
|
|
|
|
|
|
|
|
x |
|
|
|
|
MTG18 |
Aircraft |
Quality Management Systems - Requirements for Aviation, Space, and Defense Organizations - Deliverable Software (Supplement to 9100:2016) |
AS 9115B |
SAE |
|
|
Draft |
|
|
|
|
|
|
|
|
|
|
|
|
|
x |
|
|
x |
|
|
|
|
|
|
|
MTG18 |
Transversal |
Guidance for securing aviation data |
ED-DSEC-XXX |
EUROCAE |
WG-72 SG-5 |
June 2025 |
Draft |
RTCA SC-216 DO-xxx |
|
|
|
|
|
x |
|
|
x |
x |
x |
x |
x |
|
|
|
|
|
|
|
|
|
|
MTG18 |
Transversal |
Guidance on security event management |
ED-206A |
EUROCAE |
WG-72 SG-3 |
March 2025 |
Draft |
RTCA SC-216 DO-392A |
|
|
|
|
|
|
|
|
x |
|
x |
|
|
|
|
|
|
|
x |
x |
x |
x |
|
MTG18 |
Aircraft |
Standards for Processing Aeronautical Data |
ED-76B |
EUROCAE |
WG-44 |
July 2024 |
Published |
RTCA DO-200C |
|
|
|
|
|
x |
|
|
|
|
|
|
x |
|
|
|
|
|
|
|
|
x |
|
MTG18 |
Aircraft |
Process Specification for Wireless On-Board Avionics Networks |
ED-246 |
EUROCAE |
WG-96 |
July 2017 |
Published |
|
|
|
|
|
|
x |
|
|
x |
x |
|
|
|
|
|
|
x |
|
|
|
|
|
|
MTG18 |
Transversal |
Technical Standard of Aviation Profiles for Internet Protocol Suite |
ED-262A |
EUROCAE |
WG-108 |
December 2024 |
Draft |
RTCA SC-223 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
MTG18 |
Transversal |
Technical Standard of Aviation Profiles for ATN/IPS |
ED-262 |
EUROCAE |
WG-108 |
September 2019 |
Published |
RTCA SC-223 DO-379 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
MTG18 |
Transversal |
MOPS for a Wireless Avionics Intra-Communication System |
ED-319 |
EUROCAE |
|
September 2023 |
Draft |
RTCS SC-236 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
MTG18 |
Aircraft |
FAQ Companion Report to ED-203A |
ER-XXX |
EUROCAE |
WG-72 SG-6 |
June 2025 |
Draft |
SC-216 |
|
|
|
|
x |
x |
|
|
x |
x |
|
|
|
x |
|
|
x |
|
x |
|
|
x |
|
MTG18 |
Aircraft |
Airworthiness Security Methods and Considerations |
ED-203A Change 1 |
EUROCAE |
WG-72 SG-6 |
September 2025 |
Draft |
RTCA SC-216 |
|
|
|
|
x |
x |
|
|
x |
x |
|
|
|
x |
|
|
x |
|
x |
|
|
x |
|
MTG18 |
Aircraft |
Information Security Guidance for Continuing Airworthiness |
ED-204B |
EUROCAE |
WG-72 SG-3 |
March 2027 |
Draft |
SC-216 DO-355B |
|
|
|
|
x |
|
|
x |
|
|
|
|
x |
x |
|
|
|
|
x |
x |
x |
x |
|
MTG18 |
|
Airworthiness Security Process Specification |
ED-202B |
EUROCAE |
WG-72 SG-6 |
September 2024 |
Draft |
RTCA SC-216 DO-326B |
|
|
|
|
x |
|
|
|
x |
x |
|
|
|
|
|
|
x |
|
|
|
|
|
|
MTG18 |
Other available standards |
Information security, cybersecurity and privacy protection — Information security management systems — Requirements |
ISO 27001 |
ISO |
|
October 2022 |
Published |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
x |
|
|
|
|
Other available standards |
Information security, cybersecurity and privacy protection — Information security controls |
ISO 27002 |
ISO |
|
February 2022 |
Published |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
x |
|
|
|
|
Other available standards |
Information technology – Security techniques – Information security management systems – Overview and vocabulary |
ISO 27000 |
ISO |
|
October 2019 |
Published |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
x |
|
|
|
MTG16 |
Other available standards |
Industrial communication networks - Network and system security - Part 3-3: System security requirements and security levels |
ISO/IEC 62443-3-3 |
ISO |
|
April 2014 |
Published |
IEC |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
x |
|
|
|
MTG16 |