Guidelines and Considerations Around ED-203A / DO-356A Security Refutation Objectives

This report offers further guidelines and considerations to the security refutation objectives described within the following two technically identical documents:

  • ED-203A “Airworthiness Security Methods and Considerations”, European Organisation for Civil Aviation Equipment (EUROCAE)

  • DO-356A “Airworthiness Security Methods and Considerations”, Radio Technical Commission for Aeronautics (RTCA)

Refutation is described within ED-203A / DO-356A as follows:

Refutation acts as an independent set of assurance activities beyond analysis and requirements. As an alternative to exhaustive testing, refutation can be used to provide evidence that an unwanted behavior has been precluded to an acceptable level of confidence. NOTE: Refutation is also known as Security Evaluation in some contexts.” [ taken from ED-203A / DO-356A].

The main part of the report summarizes how refutation activities fit into the associated Airworthiness Security Process. In addition, a series of guidelines and considerations for including a Refutation Test Plan within a Plan for Security Aspects of Certification (PSecAC) is presented. Annexes are then provided to cover additional guidelines for specific refutation activities. This version of the report includes Annex A, which covers “Fuzz Testing”.