WHAT?

The aircraft risk profile for cyber-attacks has changed significantly with ever-increasing digitisation and connectivity, such as e-enabled aircraft, new generation avionics, and use of Internet Protocol (IP) for internal and external communication. To ensure safety, security, and the protection of aircraft from cyber-attacks, EASA has published ED 2020/006/R to include cybersecurity in all certification specifications (CS-23, CS-25, CS-27, CS-29, CS-APU, CS-E, CS-P, CS-ETSO). In addition, EASA has published Part-IS (Information Security) which will contribute to further improving the cyber-resilience of approved organisations by requiring the implementation of an ISMS (Information Security Management System).

To address the demand of the industry for a consistent practice of security by design for aircraft and to have a harmonised approach in demonstrating compliance with the new aviation cybersecurity rules, EUROCAE WG-72 has developed three standards: ED-202A, ED-203A, and ED-204A. The documents ED-202A and ED-203A provide a standard and guidance for developing aircraft, aircraft systems, and parts from initial design to type certification. ED-204A provides the standard and guidance for maintaining airworthiness of aircraft under consideration of a cybersecurity perspective.

WHY?

• Understand how to use available tools and apply available standards to manage cyber-risk in aviation in a standards-led way.
• Learn key activities and best practices used in auditing and certification.
• Instructors are leading experts on aviation cybersecurity and regulations.
• Share experiences with colleagues from other aviation stakeholders/countries.
• Extensive course handouts including ED-202A, ED-203A, and ED-204A and a handbook that shall serve participants also after the training as a reference.
• Optional distance learning programme to allow flexible training from the comfort of your home or office.
• Certificate of completion of the course.

WHO?

• The course content is structured for all backgrounds in these roles—whether IT with a security background, aviation backgrounds in system, software or hardware development, or aircraft certification.
• Anyone working in a development or certification role exposed to cybersecurity within the design organisations and their suppliers—including design approval holders for Type Certificates in Airplanes, Rotorcraft, Engines, Propellers; design approval holders for Supplemental Type Certificates (STC); Design Approval Holders for (European) Technical Standard Orders (ETSO/TSO); and the suppliers of systems, software, and hardware to any of the Design Approval Holders.
• Anyone working in design organisations in departments issuing Security Operator Guidance or Instructions for Continued Airworthiness, and anyone in airlines, operators, and maintenance, repair, overhaul (MRO) organisations in a cyber capacity—whether IT, operational, or maintenance.
• Anyone working in aviation (airport, ANSP, airline, manufacturing industry (developing, producing, or maintaining aircraft) plus regulatory and industrial audiences, who needs to deal with cybersecurity as part of their day-to-day activities.