wolfSSL to Host Webinar on DO-178C Cryptography
Security firm wolfSSL announced an upcoming webinar on February 25 focused on DO-178C DAL-A certified cryptography for avionics. The session will feature an embedded TLS expert and address the need for high-assurance security in safety-critical aviation systems. The event highlights the increasing intersection of cybersecurity and functional safety in aerospace.
- DO-178C, also known as "Software Considerations in Airborne Systems and Equipment Certification," is the primary standard used by certification authorities like the FAA and EASA to approve software-based aerospace systems. It was jointly developed by the Radio Technical Commission for Aeronautics (RTCA) and the European Organisation for Civil Aviation Equipment (EUROCAE) and released in 2011, replacing the previous DO-178B standard. - The standard defines five Design Assurance Levels (DALs), from A to E, which classify software based on the potential impact of its failure on the aircraft's safety. DAL A is the most stringent level, designated for software whose failure could be catastrophic, leading to loss of the aircraft and fatalities. - For DAL A, the most rigorous testing and verification are required, including achieving Modified Condition/Decision Coverage (MC/DC) during testing. This ensures that every condition in a decision has been tested independently. - wolfSSL's DO-178C certification kit provides traceable artifacts for cryptographic algorithms such as SHA-256, AES, RSA, and ChaCha20-Poly1305, which are crucial for functions like secure boot and secure firmware updates in avionics. - The wolfCrypt cryptography library has also been validated under FIPS 140-2 (and the newer FIPS 140-3), a U.S. government standard for cryptographic modules. This allows for combined FIPS 140-2/DO-178 consumption, meeting both security and safety requirements. - DO-178C is an objective-based standard, meaning it specifies what must be achieved but not how to achieve it. This provides flexibility for developers to use different software development lifecycles and methodologies. - The certification process for systems requiring DO-178C compliance often involves Stages of Involvement (SOI) audits with certification authorities to review the project's adherence to the standard throughout its lifecycle. - While DO-178C is the standard for airborne software, related standards govern other aspects of the system. These include DO-254 for airborne electronic hardware and ARP4754A for the development of civil aircraft and systems.
