Securing Avionics Software for Safety & Certification
Achieving DO-178A Software Assurance
Modern aircraft rely on highly integrated, software-driven avionics systems that must operate safely and reliably over decades. Although vulnerabilities can emerge, avionics software cannot be easily patched or updated with aircraft in service. Manufacturers must ensure software is resilient to conditions—including cybersecurity vulnerabilities—that impact the safe operation of aircraft. This makes software visibility, integrity, and lifecycle control critical to certification and ongoing safety.
Demonstrating compliance with DO-178C requires extensive, repeatable analysis and documentation across the software lifecycle. Automated tools—when qualified under DO-330—generate consistent software visibility, verification evidence, and traceability artifacts, helping accelerate certification while maintaining confidence in safety assurance.
DO-178C & 356A: What Manufacturers Must Demonstrate
Avionics manufacturers and suppliers must align with DO-178C to ensure airborne software is developed, verified, and maintained to the highest levels of safety assurance. This means OEMs are expected to demonstrate:
- A clear software baseline, including requirements, design, and all included components
- Verified software behavior through testing, validation, and verification
- Full traceability between requirements, code, and verification
- Controlled configuration and change management across the software lifecycle
For DO-356A, which is applicable when the manufacturer is looking to get a type certification:
- Each vulnerability, even in COTS, must be evaluated for its “exploitability” metrics (attack complexity, attack vector, scope), and our mitigations drastically reduce the risk
- It also has an objective to correct any vulnerabilities or justify them, and we can be a justification for why memory vulnerabilities are not a risk to the system
“From our perspective, adding RunSafe means we have more opportunity to shrink the attack surface and reduce overall risks for our customers since security is now already built into our product.”
How RunSafe Supports Aviation Regulations
RunSafe, as a DO-330 qualified tool, strengthens how manufacturers meet DO-178C by improving software visibility, integrity, and certification evidence—without requiring source code changes.
Define Trusted Software
Establish what the software is, what it does, and what is included
- SBOMs with full visibility into software components and dependencies
- Identifying vulnerabilities and software risk
- Understanding of software composition and attack surface
Assure Software Integrity
Build and rigorously verify that software behaves as expected
- Protects software by randomizing memory and reducing exploitability at runtime
- Verifies with analysis of a build-time SBOM and mapping to vulnerabilities and risk
- Validation and reporting for certification evidence
We also shine in the DO-356A objective for Continued Security Effectiveness. This requirement asks for a vulnerability management system and a security incident response, which we can make easier.
Maintain & Prove Trust
Ensure software remains controlled, traceable, and certifiable
- Tracking of software changes and dependencies across builds
- Tracing and reproducing software builds and their SBOMs
- On-demand reporting to support certification and compliance
A Stronger Cybersecurity Position
RunSafe provides technical evidence and reporting that supports these elements, including artifacts supporting the Certification Evidence Package required for safety systems.
| Component | Supported by RunSafe |
|---|---|
| Software Planning | ** |
| Requirements Development | ✓ |
| Software Design | ✓ |
| Implementation | ✓ |
| Verification and Testing | ✓ |
| Structural Coverage Analysis | ** |
| Configuration Management | ✓ |
| Certification Evidence Package | ✓ |
** Subject to RunSafe customers’ practice
Why RunSafe?
Avionics software must remain safe and certifiable for decades—yet vulnerabilities can emerge at any time and cannot always be patched in-service. RunSafe helps manufacturers by making vulnerabilities non-exploitable through memory randomization and runtime protections, preventing them from impacting system behavior.
By combining this with full software visibility through SBOMs and trusted certification evidence, RunSafe strengthens both software safety assurance and in-service resilience under DO-178C, with the added benefit of tool-qualified outputs that support certification activities.