Select All

Aerodrome

Aircraft

ATM/ANS

Other available standards

Requirements

security management systems —

Transversal

Select All

Aeronautical Information System Security (AISS) Framework Guidance

Air Traffic Management - Information security for organisations supporting civil aviation operations

Air Traffic Management - Specification for software assurance levels

Aircraft Data Interface Function (ADIF)

Aircraft Ground System Software Reception

Airworthiness Security Methods And Considerations

Airworthiness Security Methods and Considerations

Airworthiness Security Process Specification

ATM Security Policy - Guidelines for Implementation

ATM Security Risk Management Toolkit - Guidance Material

ATM Security Risk Management Toolkit - Guidance Material - Appendices

Aviation Industry Standards for Digital Information Security

Cabin autonomous system secure interconnection

Commercial Aircraft Information Security Concepts of Operation and Process Framework

Considerations for Digital Twin Technology and Emerging Standards

Counterfeit Electrical, Electronic, and Electromechanical (EEE) Parts; Avoidance, Detection, Mitigation, and Disposition

Critical Infrastructure; ICT Metrics for Identification of CI

Critical Security Controls for Effective Cyber Defence;

Cryptography: Guide to Identity Based Encryption

Cyber Physical Systems Security Engineering Plan

Cyber Physical Systems Security Hardware Assurance

Cyber Physical Systems Software Assurance.

Cyber Security for Consumer Internet of Things

Cybersecurity for Propulsion Systems

Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations

Datalink Security Part 1 - ACARS Message Security

Design requirements ecosystem

Digital signatures: creation and validation (formats, procedures, sign policies)

Digital signatures: Cryptographic suites

Digital signatures: formats conformance checkers (free access)

Digital Signatures: ongoing work (formats, preservation…)

Digital Signatures: registered eDelivery services

Digital Signatures: registered electronic mail services

Digital signatures; Trust Service Providers Supporting Digital Signatures (audit req, conformity assessment, protocols for remote signature creation and validation)

Electronic Distribution of Software by Crate (EDS Crate)

FAQ Companion Report to ED-203A

Fraudulent/Counterfeit Electronic Parts: Avoidance, Detection, Mitigation, and Disposition - Authorized/Franchised Distribution

Fraudulent/Counterfeit Electronic Parts: Avoidance, Detection, Mitigation, and Disposition - Distributors

Gatelink Wireless Security Updates

Global Cyber Security Ecosystem

Guidance for Aviation Information Security Management Systems

Guidance for securing aviation data

Guidance for Security Event Logging in an IP Environment

Guidance for Security of Loadable Software Parts Using Digital Signatures

Guidance for Usage of Digital Certificates

Guidance On Security Event Management

Guidance on security event management

Guidelines for Civil-Military Coordination Information Exchanges

Guidelines for the Oversight of Air Traffic Management Security

ICT Security Guidance

Implementation of the Network and Information Security (NIS) Directive

Industrial communication networks - Network and system security - Part 3-3: System security requirements and security levels

Industrial-process measurement, control and automation - Evaluation of system properties for the purpose of system assessment - Part 1: Terminology and basic concepts

Industrial-process measurement, control and automation - Evaluation of system properties for the purpose of system assessment - Part 2: Assessment methodology

Industrial-process measurement, control and automation - Evaluation of system properties for the purpose of system assessment - Part 3: Assessment of system functionality

Industrial-process measurement, control and automation - Evaluation of system properties for the purpose of system assessment - Part 4: Assessment of system performance

Industrial-process measurement, control and automation - Evaluation of system properties for the purpose of system assessment - Part 5: Assessment of system dependability

Industrial-process measurement, control and automation - Evaluation of system properties for the purpose of system assessment - Part 6: Assessment of system operability

Industrial-process measurement, control and automation - Evaluation of system properties for the purpose of system assessment - Part 7: Assessment of system safety

Industrial-process measurement, control and automation - Evaluation of system properties for the purpose of system assessment - Part 8: Assessment of other system properties

Information Security Guidance For Continuing Airworthiness

Information Security Guidance for Continuing Airworthiness

Information security guidance for VTOL and collaborative systems

Information Security Indicators

Information security, cybersecurity and privacy protection — Information security controls

Information security, cybersecurity and privacy protection — Information security management systems — Requirements

Information security, cybersecurityand privacy protection — Informationsecurity management systems —Requirements

Information technology - Security techniques - Code of practice for information security controls (ISO/IEC 27002:2013 including Cor 1:2014 and Cor 2:2015)

Information technology - Security techniques - Guidance on assuring suitability and adequacy of incident investigative method (ISO/IEC 27041:2015)

Information technology - Security techniques - Guidelines for identification, collection, acquisition and preservation of digital evidence (ISO/IEC 27037:2012)

Information technology - Security techniques - Guidelines for the analysis and interpretation of digital evidence (ISO/IEC 27042:2015)

Information technology - Security techniques - Incident investigation principles and processes (ISO/IEC 27043:2015)

Information technology - Security techniques - Information security management systems - Overview and vocabulary (ISO/IEC 27000:2016)

Information technology - Security techniques - Information security management systems - Overview and vocabulary (ISO/IEC 27000:2018)

Information technology - Security techniques - Specification for digital redaction (ISO/IEC 27038:2014)

Information technology – Security techniques – Information security management systems – Overview and vocabulary

Information technology — Security techniques —Vulnerability disclosure

Information technology — Securitytechniques — Information security for supplier relationships — Part 3:Guidelines for information andcommunication technology supplychain security

Internet Protocol Suite (IPS) for Aeronautical Safety Services

Interoperability of Flight Data Processing (Air Traffic Control - Air Traffic Control) for application under the Single European Sky - Interoperability Regulation EC 552/2004

Intersystem Network Integration

Manual for National ATM Security Oversight

MASPS for AMS(R)S Data and Voice Communications Supporting Required Communications Performance (RCP) and Required Surveillance Performance (RSP)

Methods and protocols; Part 2: Protocol Framework Definition; Security Counter Measures

Methods and protocols; Threat, Vulnerability, Risk Analysis

Middlebox Security Protocol

Minimum Operational Performance Standard (MOPS) for Electronic Flight Bag (EFB) Application

mobile networks security; 3G, 4G, 5G

MOPS for a Wireless Avionics Intra-Communication System

Network Gateway Cyber Defence

New Guide for Best Practices, Minimum Requirements, and General Recommendations for Reliable, Cyber Secure, and Upgradable Security Control Systems

New Practice for Aircraft Systems Information Security Protection

Non-deliverable software requirements

Onboard Secure WiFi Network Profile Standard

Open Trusted Technology Provider Standard – Mitigating maliciously tainted and counterfeit products – Part 1: Requirements and recommendations

Open Trusted Technology Provider Standard – Mitigating maliciously tainted and counterfeit products – Part 2: Assessment procedures for the O-TTPS and ISO/IEC 20243-1:2018

PKI SecurityPolicy

Privacy; Attribute-based encryption for Attribute Based Access Control

Privacy; Attribute-based encryption for data protection on smart devices, cloud and mobile services

Privacy; Identity management and naming schema protection mechanisms

Privacy; introductory guide

Privacy; Mechanisms for privacy assurance and verification

Process management for avionics – Counterfeit prevention – Part 1: Avoiding the use of counterfeit, fraudulent and recycled electronic components

Process management for avionics – Counterfeit prevention – Part 2: Managing electronic components from non-franchised sources

Process management for avionics – Management plan – Part 1: Preparation and maintenance of an electronic components management plan

Process management for avionics – Management plan – Part 2: Preparation and maintenance of an electronic COTS assemblymanagement plan

Process Specification for Wireless On-Board Avionics Networks

Protection measures for ICT in the context of Critical Infrastructure

Protection profile for trustworthy systems supporting time stamping

Protection profiles for secure signature creation device - Part 1: Overview

Protection profiles for secure signature creation device - Part 2: Device with key generation

Protection profiles for secure signature creation device - Part 3: Device with key import

Protection profiles for secure signature creation device - Part 4: Extension for device with key generation and trusted channel to certificate generation application

Protection profiles for secure signature creation device - Part 5: Extension for device with key generation and trusted channel to signature creation application

Protection profiles for secure signature creation device - Part 6: Extension for device with key import and trusted channel to signature creation application

Quality Management Systems - Requirements for Aviation, Space, and Defense Organizations - Deliverable Software (Supplement to 9100:2016)

Quality Management Systems - Requirements for Aviation, Space, andDefense Organizations - Deliverable Software (Supplement to 9100:2016)

Quantum Computing Impact on security of ICT Systems;

Quantum-Safe Cryptography

Reg ATM/ANS conformity for approval of organisations

Reg ATM/ANS conformity for product

Reg Cyber Resilience Act

Reg NIS 2 Directive

Reg PART-IS (AR OR)

Reg PART-IS (DOA POA Airports)

Reg Resilience of critical entities

Requirements for a COTS Assembly Management Plan

Requirements for an Electronic Components Management Plan

Secure by Default - platform security technology

Secure Dialog Service Tech Manual / ConOps / Guidance

Securing Non-Safety SATCOM Communications

Security and Privacy Controls for Federal Information Systems and Organizations

Security Certification and Declaration of ATM ANS Ground Systems

Security for industrial automation and control systems - Part 2-4: Security program requirements for IACS service providers

Security for industrial automation and control systems - Part 3-2: Security risk assessment and system design

Security for industrial automation and control systems - Part 4-1: Secure product development lifecycle requirements

Security for industrial automation and control systems - Part 4-2: Technical security requirements for IACS components

Security Management Handbook - A Framework

Security requirements for device for authentication - Part 1: Protection profile for core functionality

Security requirements for device for authentication - Part 2: Protection profile for extension for trusted channel to certificate generation application

Security requirements for device for authentication - Part 3: Additional functionality for security targets

Security Risk Assessment for Aeronautical Comm

Security Risk Assessment Methodology for SESAR 2020 (SecRAM 2.0 + corresponding catalogue)

Security Services for Aeronautical Communications

Security techniques for protecting software in a white box model

Specifying a common interface to transfer sensitive functions to a trusted domain.

Standard Guide for Credentialing for Access to an Incident or Event Site

Standard Guide for Cybersecurity and Cyberattack Mitigation

Standards for Processing Aeronautical Data

Structured threat information sharing

Supplement 1 to ARINC Report 645: Common Terminology and Functions for Software Distribution and Loading

Supplement 2 to ARINC Report 645: Common Terminology and Functions forSoftware Distribution and Loading

Supplement 2 to ARINC Report 827: Electronic Distribution of Software by Crate (EDS Crate)

Supplement 2 to ARINC Report 835: Guidance for Security of Loadable Software Parts Using Digital Signatures

Supplement 3 to ARINC REPORT 667: GUIDANCE FOR THE MANAGEMENT OF FIELD LOADABLE SOFTWARE

Supply Chain Management Handbook

Technical Standard of Aviation Profiles for ATN/IPS

Technical Standard of Aviation Profiles for Internet Protocol Suite

Techniques for assurance of digital material used in legal proceedings.

Zero Trust Architecture

Select All

All published work

all security work 3G and beyond

ARINC 645 Supplement 1

ARINC 645 Supplement 2

ARINC 667 Supplement 3

ARINC 687

ARINC 688

ARINC 811

ARINC 811A

ARINC 822B

ARINC 823P1

ARINC 827

ARINC 827-2

ARINC 834-8

ARINC 835-1

ARINC 835-2

ARINC 842-1

ARINC 851

ARINC 852

ARINC 858

ARINC 8XX

ARINC XXX

AS 9115B

AS 9125

ASTM E2842-14

ASTM F3286-17

ASTM F3532 - 22

ASTM WK44589

ATA 42 rev 2020.1

CEN/TS 16071

CEN/TS 16501

Doc. 10090

Doc. 10094

Doc. 10095

Doc. Nb. EG 203 310 Ver. 1.1.1

Doc. Nb. TR 103 303 Ver. 1.1.1

Doc. Nb. TR 103 305-1 Ver. 3.1.1

Doc. Nb. TR 103 305-2 Ver. 4.1.2

Doc. Nb. TR 103 305-3 Ver. 2.1.1

Doc. Nb. TR 103 305-4 Ver. 2.1.1

Doc. Nb. TR 103 306 Ver. 1.3.1

Doc. Nb. TR 103 309 Ver. 1.1.1

Doc. Nb. TR 103 331 Ver. 1.1.1

Doc. Nb. TR 103 369 Ver. 1.1.1

Doc. Nb. TR 103 421 Ver. 1.1.1

Doc. Nb. TR 103 456 Ver. 1.1.1

Doc. Nb. TS 102 165-1 Ver. 5.2.3

Doc. Nb. TS 102 165-2

Doc. Nb. TS 103 457

Doc. Nb. TS 103 485

Doc. Nb. TS 103 486

Doc. Nb. TS 103 523-2

Doc.10145

DTR/CYBER-0045

ED-201A

ED-202A

ED-202B

ED-203A

ED-203A Change 1

ED-204A

ED-204B

ED-205A

ED-206

ED-206A

ED-242C

ED-242D

ED-246

ED-262

ED-262A

ED-273

ED-305

ED-319

ED-76B

ED-DSEC-XXX

ED-ISMS

Edition 1.0, May 2008

Edition 1.0, September 2010

Edition 3.0, December 2016

EN 16495

EN 419211-1

EN 419211-2

EN 419211-3

EN 419211-4

EN 419211-5

EN 419211-6

EN 419251-1

EN 419251-2

EN 419251-3

EN 61069-1

EN 61069-2

EN 61069-3

EN 61069-4

EN 61069-5

EN 61069-6

EN 61069-7

EN 61069-8

EN IEC 62443-4-1:2018

EN ISO/IEC 27000

EN ISO/IEC 27001

EN ISO/IEC 27002

EN ISO/IEC 27037

EN ISO/IEC 27038

EN ISO/IEC 27041

EN ISO/IEC 27042

EN ISO/IEC 27043

ER-XXX

EUROCONTROL-GUID-183

FprEN 419231

FprEN IEC 62443-4-2

IEC 62239-1

IEC 62668-1

IEC 62668-2

IEC TS 62239-2

ISO 27000

ISO 27001

ISO 27002

ISO/IEC 20243-1

ISO/IEC 20243-2

ISO/IEC 27036-3

ISO/IEC 29147

ISO/IEC 62443-3-3

JA6678

JA6801

JA7496

NIST IR 8356

NIST SP 800-1207

NIST SP 800-161r1

ongoing work

Oversight of ATM

prEN 62443-2-4

prEN 62443-3-2

prEN IEC 62443-3-3

prEN ISO/IEC 27000 rev

Ref. DTR/CYBER-0024

SAE AIR7368

SAE AS 5553D

SAE AS 6081

SAE AS 6496

SAE AS 9115A

SAE EIA 993C

SAE EIA STD 4899C

SCMH 7.19 Cybersecurity

Sign format conformance checkers

TR 103 305-5

TR 103 370

TR 103 642

TS 103 458

TS 103 523-1

TS 103 523-3

TS 103 532

TS 103 643

TS 103 645

TS 119 312

US NIST 800-53 rev.4

US NIST 800-53 rev.5

Select All

.3GPP SA3

ARINC

ASTM

ASTM F44.50

ATA (now A4E)

CEN

CEN and CENELEC

CENELEC

ETSI /TC CYBER

ETSI/ISG ISI

ETSI/TC ESI

EUROCAE

EUROCONTROL

EUROCONTROL/NATO

IAQG

ICAO

IEC

ISO

ISO/IEC

NIST

SAE

SAE G-32 Cyber Physical Systems Security

SESAR 2020

Select All

WG-106

WG-108

WG-112 SG-3

WG-44

WG-72

WG-72 SG-2

WG-72 SG-3

WG-72 SG-5

WG-72 SG-6

WG-82

WG-96

Select All

2005

2007

2008

2010

2012

2013

2014

2015

2016

2017

2018

2019

2020

2021

2022

2024

2026

?

April 2014

August 2021

December 2024

February 2022

July 2017

July 2024

June 2023

June 2024

June 2025

March 2025

March 2027

May 2024

May 2025

NA

October 2019

October 2022

October 2024

October 2025

October 2026

September 2019

September 2023

September 2025

TBC

TBD

Select All

Draft

Ongoing

Published

Select All

IEC

ISO/IEC

NATO

RTCA / DO-393

RTCA DO-200C

RTCA DO-326A

RTCA DO-343D

RTCA DO-343E

RTCA DO-355A

RTCA DO-356A

RTCA DO-391

RTCA DO-392

RTCA DO-ISMS

RTCA SC-216

RTCA SC-216 DO-326B

RTCA SC-216 DO-392A

RTCA SC-216 DO-xxx

RTCA SC-223

RTCA SC-223 DO-379

RTCS SC-236

SC-216

SC-216 DO-355B

Select All

ATM/ANS conformity for approval of organisations

ATM/ANS conformity for product

Cyber Resilience Act

ESCP - Regulatory Processes Work Stream

NIS 2 Directive

PART-IS (AR OR)

PART-IS (DOA POA Airports)

Resilience of critical entities

Rule Making Task.0648

Special Conditions and AMC/GM for VTOL

Select All

EASA

European Union

Select All

2020

2021

2021/4Q

2022

2023

2024

Select All

Ongoing

Published

Select All

x

Select All

x

Select All

x

Select All

x

Select All

x

Select All

x

Select All

x

Select All

x

Select All

x

Select All

x

Select All

x

Select All

x

Select All

x

Select All

x

Select All

x

Select All

x

Select All

x

Select All

x

Select All

X

Yes

Select All

A cross sector Standard for assessing and addressing vulnerabilities of a cyber physical system to ensure security and reslience throghout the lifecyle of the system.

A667-3 will include requirements for securely managing operation of dataloaders and handling software

Applies to manufacturers and operators. A645-1 includes definition and technical requirements for secure dataloaders.

ATM Security Coordination Group, (NEASCOG)

Coordinating the discussion about Rule Making Task.0720 (aka "horizontal rule") - AMC

Coordinating the discussion about Rule Making Task.0720 (aka "horizontal rule") - Implementing Rule NPA June 2019, Opinion 2Q2020

Details are captured in EASCG RDP (www.eascg.eu).

ED-206 ISEM is intended to include vulnerability disclosure programme guidance. ED-206 ISEM is intended to provide aviation-specific VDP guidance and this ISO standards provides good interum guidance.

ED-206 on ISEM provides more detailed guidance than F3286-17 and tailloring toward proposed regulation. F3286-17 "Standard Guide for Cybersecurity and Cyberattack Mitigation" by ASTM was published 09-Jul-05.

European Standard

European Standard - 2017 title: Information technology - Security techniques - Code of practice for information security controls (ISO/IEC 27002:2013 including Cor 1:2014 and Cor 2:2015

European Standard - 2017 title: Information technology - Security techniques - Information security management systems - Requirements (ISO/IEC 27001:2013 including Cor 1:2014 and Cor 2:2015)

Focus on detention facility cyber security requirements - may have relevance to aerodrome security

Information to be completed.

Internal S2020 standard

MTG16

MTG18

MTG18 Date

MTG18: APIM 22-004 has established this activity

MTG18: APIM 23-003 states target date of April/October 2026. Item title needs to be amended to Supplement 2 as the updated version of A645-1

MTG18: APIM 23-004 has established this activity

MTG18: APIM 23-009 has initiated update to A827

MTG18: Publication

MTG19

MTG19 Referencing to the EASA Basic regulation and amending previous regulation (EU) 2018/1139.

MTG: APIM 22-003 has established this activity

Not directly cyber standard but support ED-203A on establishing an ECMP to avoid counterfeit and other suspect components.

Old and more of a process framework, so added for the sake of completeness than for relevance.

Special Conditions for VTOL includes requirements for cybersecurity for Enhanced Category VTOL

Technical Specification

Update of Certification Specifications and AMC to include Cybersecurity objectives and considerations for products. Certification specification CS-25, CS-23, CS-29, CS-27, CS-P, CS-E, CS-ETSO and AMC 2042 NPA 1Q2019 ED 2020/006/R released updating CS-23, CS-25, CS-27, CS-29, CS-E, CS-P, CS-APU, CS-ETSO and Part 21. Issue of AMC 20-42