RTCA DO-326A, titled “Airworthiness Security Process Specification,” provides guidance for handling the threat of intentional, malicious interference with aircraft systems. It outlines compliance objectives and data requirements for aircraft and airborne equipment manufacturers, and examines the interactions between security and safety.
DO-326A covers such things as navigation and terrain awareness warning databases, though it doesn’t provide specific direction on how to implement required safeguards. Instead, it mandates a process under which all threat scenarios and use cases are identified and adequate measures are put in place to mitigate them. Under DO-326A, a system integrator deploying any new avionics, such as a navigation system, onto an aircraft must demonstrate that they have protection measures in place and that they’ve identified the necessary aircraft and security perimeters to mitigate against a malicious actor.