Released on: November 28, 2025


In this release, a new Cybersecurity Template: DO-326A Preliminary Security Risk Assessment has been introduced, which is based on the DO-326A standard. The DO-326A standard, titled Airworthiness Security Process Specification, provides guidance for the implementation of an airworthiness cybersecurity process.


DO-326A Preliminary Security Risk Assessment

Cybersecurity engineering is a critical discipline that ensures the safe and secure operation of connected and complex airborne systems. The increasing integration of digital and networked technologies in aviation demands a robust, lifecycle-oriented approach to manage cybersecurity risks. This update implements the DO-326A methodology within the Systems Cybersecurity Designer to enable compliance assessments during the development of avionics systems.

DO-326A, published by RTCA and EUROCAE, defines the process framework for airworthiness security — that is, ensuring that cybersecurity threats do not compromise the safety and continued airworthiness of an aircraft. Its main principles include:

  • A risk-based approach to managing cybersecurity threats to aircraft systems.
  • Lifecycle integration, requiring threat and mitigation analysis from system concept through decommissioning.

The Systems Cybersecurity Designer now enables users to:

  • Model avionics systems for cybersecurity risk assessment, incorporating assets, vulnerabilities, threat scenarios, attack paths, and mitigations in line with DO-326A guidance.
  • Perform a Security Risk Assessment (SRA) and Aircraft System Security Assessment (ASSA) using structured, iterative methodologies.
  • Link safety and cybersecurity analyses, helping teams ensure consistency between security measures and system safety objectives.
  • Produce certification-ready artifacts that demonstrate compliance with DO-326A, and support alignment with DO-355 (Information Security Guidance for Continuing Airworthiness) and DO-356A (Security Methods and Considerations).

By embedding DO-326A methodology into the design workflow, this update empowers aerospace engineers to reduce certification risk, identify security issues early in development, and streamline the path toward regulatory approval.

DO-326A Index.

Documentation