RTCA Documents for Review: DO-356A
© RTCA, 2018
A person compromising a system by unintentional improper use of the system,
such as reducing or deactivating security controls, enables an attack that would
constitute an IUEI on this system.

Use of a communication device to corrupt data communication (by interception,
insertion or destruction, etc.) or test the access possibilities until a way of
corruption is found.

Capturing user information in an undetected manner (passively) and, worse,
subsequently using it for malicious purposes.

Rate‐based attacks which saturate the system's resources or communication
buses to inhibit function.

Unauthorized use of another user’s identification characteristics to obtain access
rights and privileges.

Execution of forbidden operations that damage system functions, or corrupt the
data handled by the functions, causing misuses and unrecoverable reactions.

Misuse of a provided functionality so as to damage or alter data in a manner to
impact normal operation.

System delivery or installation in a manner that intentionally undermines security.

Use of properly authorized rights to perform actions contrary to the user's
authorized activities such as modification of privileges contrary to the operational
policies of the owner or authorized operator.

Hidden software installed by a malicious person, including trojans, viruses,
worms, bots, etc.

Malware that waits for a specific event (often referred to as a time‐bomb) after
which it executes its payload.

Mimicking the behavior of a real system (referred to as spoofing) to deceive an

Gaining access to a system by encroaching on someone else’s privilege or
identity for bypassing access controls (a form of man‐in‐the‐middle attack).

Gaining access to a system from outside a protected domain by impersonating
or spoofing a trusted machine inside the protected domain. Once accepted as a
trusted machine, the user may be able to corrupt function or data.

Port scans and other interrogation techniques which identify networked systems
for the purpose of identifying available services and possible system

A memory resident virus which is incorporated into operational software code in
order to corrupt a function.

Malware on a maintenance computer developed by a non‐aviation party that ends
up on the computer because the user of the computer has access to the internet
and downloads an inappropriate executable (.exe) file. The “intent” is captured in
the development of the malware.

An Electro Magnetic Pulse event is excluded as outside the scope of IUEI and

ASSET PROTECTION SCOPE

This section discusses the topic of what logical or physical resources should be
protected from a safety hazard classification viewpoint. Assets with a safety hazard
classification of Major and above should be protected and this guidance should be used
to address those assets. Assets, by the definition used in this document (see §1.6), must
“contribute to the airworthiness of the aircraft” so logical and physical resources with a
safety hazard classification of No Safety Effect are normally excluded from further
consideration and placed out of the security scope. Protecting a system or an equipment
with a safety hazard classification of No Safety Effect or even Minor may be
unnecessary in some implementations. These systems generally do not need protection
for the sake of aircraft airworthiness due to their limited impact to the aircraft, although
they may require protection for their own sake in order to function in their anticipated