DO-326A Preliminary Security Risk Assessment
Cybersecurity engineering is a crucial discipline to ensure safe and secure interactions with onboard systems in the increasingly connected and automated Aerospace & Defense Industry. The main challenge lies in maintaining trust in connected systems in a rapidly evolving threat landscape that is growing in complexity.
System Cybersecurity Designer enables engineers to define the Security Scope, potential threats, and attacks, and to specify mitigation strategies that ensure system resilience throughout the aircraft lifecycle. The tool is designed to support the RTCA DO-326A/ED-202A standard, offering a structured approach to continuous security risk assessment starting from system design.
The DO-326A standard, titled Airworthiness Security Process Specification, provides guidance for the implementation of an airworthiness cybersecurity process. It applies to aircraft systems that include embedded software and hardware, ensuring that cybersecurity risks are identified, analyzed, and mitigated throughout the system lifecycle. DO-326A is complemented by related documents like DO-355A (Information Security Guidance for Continuing Airworthiness) and DO-356A (Airworthiness Security Methods and Considerations), forming a framework for managing cyber risks in avionics.
Rather than prescribing specific technologies, DO-326A describes a process-oriented approach to cybersecurity that integrates with safety processes (e.g., ARP4761) and supports certification efforts. It includes methods such as vulnerability identification (Threat Scenarios, Attack Paths), security risk assessment, and threat modeling, ensuring compliance with airworthiness standards. Detecting vulnerabilities at the earliest development stage minimizes the impact on cost and development time.
The Cybersecurity Designer DO-326A enables cybersecurity engineers to:
- Ensure lifecycle-wide security, integrating cybersecurity from the early design stages through maintenance by securing avionics architectures and the interfaces between their sub-systems. To achieve this, cybersecurity engineers define assets, threat scenarios, vulnerabilities, and mitigation strategies.
The Cybersecurity Designer role supports the following core aspects of the DO-326A standard:
- Security Scope Definition: To begin, Cybersecurity Engineers identify the perimeter of evaluation, its boundaries, and potential vulnerabilities that could compromise the safety of operations due to an attack.
- Security Risk Assessment: This activity evaluates the likelihood and impact of threat scenarios, enabling the identification of Security Requirements. It is coupled with system safety assessments to ensure coherence between safety and security domains.
- Security Development Effectiveness (SDE): Based on the severity of the above Security Risk Assessment and its potential threats to airworthiness, the SDE will guide the rigor of the security design and verification activities.
Prerequisites
To install and use the Systems Cybersecurity Designer, ensure that one of the following modeling tools is installed:
- Magic Cyber Systems Engineer
- Magic Cyber Systems of Systems Architect
- Cameo Systems Modeler - Architect Edition
- Cameo Systems Modeler - Enterprise Edition
- Cameo Enterprise Architecture
- MagicDraw (any version) with the SysML plugin installed
To learn more about how to download the installation files, refer to Downloading installation files.
To install and use the Systems Cybersecurity Designer, ensure that the following plugins are installed in your modeling tool:
- Cameo Safety and Reliability Analyzer
- ISO 26262 plugin