RTCA Documents for Review: DO-356A
© RTCA, 2018
conducts unauthorized activity that was not planned by the original system
The word “electronic” differentiates the interaction from physical attacks and is
more easily thought of in the context of being digital in nature. Malware which
results in a failed function is an electronic interaction whereas a hammer is not.
It also differentiates the interaction from electrical attacks, such as overvoltage,
electromagnetic pulse, or jamming through overpowering the transmitter.
The word “interaction” specifies that the event occurs when the attacker and
system act on each other. Note that this refers both to the state of the system and
the state of its security attributes. So while eavesdropping may physically be only
a one-way transmission, it also violates the confidentiality attribute of the
transmitted information and is thus an interaction between the attacker and the
security attributes of the system.
Intentional Unauthorized Electronic Interaction – Some principles
It is difficult to distinguish what is and what is not considered an unauthorized
interaction; it is easier to conceptualize with the understanding that the ultimate purpose
is to cover malicious attacks that occur through digital means. Below are some
principles to consider in determining whether an event falls within the scope of IUEI.
These principles are based on the ARAC ASISP report.
- The event is not the result of a purely physical attack, human error, or equipment
- Analog attacks on digital hardware are not electronic interaction, but digital
  attacks through analog connections are ("electronic means digital, not electrical").
- The event can include digital read (unauthorized access to private data) or write
  operations (unauthorized modification of system configuration or function).
- It should be understood that cyberattacks can originate from anywhere in the
- The event originates with a human actor’s intentional act, such as a programmer
  writing malware, or a malicious hacker trying to gain access to connected aircraft
- The attack isn’t necessarily restricted to physically or wirelessly connected
  systems. (USB flash drives are a common means for attacking isolated
- Any and all events attributed to malware, because malicious software has been
  developed with the intent to cause harm. Malware is by definition created with
  malicious intent and never part of the authorized system behavior. Even if the
  actual interaction is difficult to analyze, any event involving the intentional change
  of system configuration to an unauthorized configuration has to be regarded as
  intentionally unauthorized. Malware is a subset of possible unauthorized
- The event is not the result of an accidental introduction of a vulnerability through
  configuration or a software defect does not constitute IUEI.
- An attempt to utilize a system vulnerability to modify the availability, integrity, or
  confidentiality of a system is IUEI.
Intentional Unauthorized Electronic Interaction – Some examples
Some specific examples based on the ARAC ASISP report are provided below to
assist in developing a comprehensive understanding of IUEI.
- Misuse of designed system functionality to avert change or modify system
  operation to cause harm or danger.
- Personnel with privileged access accidentally introducing malware into a system.
  Note that although the access by privileged personnel is authorized and the
  accidental introduction of malware is unintentional, the whole interaction needs
  to be regarded as intentional and unauthorized due to the malware that takes the
  system out of its authorized configuration.