DO-355 – Security Levels for Airborne Systems and Equipment Essentials

DO-355 – Security Levels for Airborne Systems and Equipment Essentials Training by Tonex

This in-depth training explores the DO-355 standard, offering essential insights into defining and implementing security levels for airborne systems and equipment. Participants will gain a strong understanding of how DO-355 supports cybersecurity risk mitigation in avionics, from system development through operational deployment. The course addresses vulnerabilities, threat models, and certification pathways, making it indispensable for professionals in aviation and defense sectors. It also highlights how DO-355 reinforces aviation cybersecurity by establishing guidelines that reduce exploitable system weaknesses and enforce compliance with evolving cybersecurity frameworks, thereby strengthening airborne systems against cyber threats.

Audience:

• Cybersecurity Professionals
• Avionics Engineers
• Aerospace Program Managers
• Systems Engineers
• Airworthiness and Certification Specialists
• Aircraft Design and Safety Analysts

Learning Objectives:

• Understand the structure and intent of DO-355
• Learn how security levels are applied in avionics systems
• Evaluate threats and determine appropriate mitigation strategies
• Integrate DO-355 principles into system safety and certification plans
• Align security assurance with regulatory compliance requirements
• Strengthen cybersecurity posture across airborne equipment lifecycles

Course Modules:

Module 1: Introduction to DO-355

• Overview of DO-355 standard
• Background and development context
• Applicability to airborne systems
• Key definitions and terminology
• Relationship with ARP4754/DO-178C
• Security vs. safety considerations

Module 2: Security Assurance Levels

• Purpose of Security Assurance Levels (SALs)
• Determining applicable SALs
• Risk-based approach to SAL selection
• Impact of SALs on system design
• Use of threat modeling in SAL assessment
• Examples of SAL implementation

Module 3: Threat Identification and Analysis

• Common threats to airborne systems
• Threat assessment methodologies
• Role of operational scenarios in threat modeling
• Mapping threats to system components
• Tools for structured threat analysis
• Integrating threat analysis into lifecycle

Module 4: Security Risk Mitigation

• Layered defense principles in avionics
• Applying protection mechanisms
• Secure interface design concepts
• Authentication and data integrity practices
• Minimizing attack surface exposure
• Handling residual security risks

Module 5: Compliance and Certification

• DO-355 compliance process overview
• Regulatory frameworks and standards alignment
• Supporting documentation requirements
• Security verification and validation steps
• Evidence collection and assurance cases
• Working with certification authorities

Module 6: Practical Integration Strategies

• Integrating security in system architecture
• Coordination with development teams
• Leveraging safety processes for security
• Balancing cost and security requirements
• Lifecycle support and maintenance planning
• Case examples of successful integration

Enroll in Tonex’s DO-355 Essentials Training today to advance your understanding of avionics security levels and become a key contributor to the cybersecurity resilience of next-generation airborne systems. Empower your organization to meet compliance standards while protecting critical aerospace assets from cyber threats.