The European Union Aviation Safety Agency (EASA) has taken an important step towards increasing cybersecurity protection of large aeroplanes and rotorcraft by amending the rules related to the product certification.

These amendments will step up safety on board by mitigating the potential effects of cybersecurity threats which could arise through intentional unauthorised acts of interaction with the aircraft’s on-board electronic networks and systems.

EASA Certification Specifications (CS), Acceptable Means of Compliance (AMC) and Guidance Material (GM) will be updated to reflect the state of the art of the protection of products and equipment against cybersecurity threats. The amendments will also improve harmonisation with the Federal Aviation Administration (FAA) regulations. Overall, it is foreseen that these amendments will improve safety without introducing any negative societal or environmental impact. The economic impact is ranked as limited-to-neutral.

The amendments were approved in ED Decision 2020/006/R – Aircraft cybersecurity, signed on July 1, 2020.