For many years, the word “airworthiness” brought to mind images of torque wrenches, ultrasonic NDT scans, and fatigue cracks in aluminum. However, as we move into 2026, the meaning has changed quite a bit. Thanks to the EASA Part-IS (Information Security) mandate, a corrupted data packet is now treated with the same seriousness as a cracked wing spar.
In an era characterized by fully integrated digital ecosystems, our responsibilities extend beyond merely maintaining aircraft; we are now entrusted with safeguarding the integrity of the digital thread.
The Reality of “Corrupted Airworthiness”
The shift from paper-based to digital technical logs and “Digital Twins” has significantly increased efficiency, but it has also broadened the attack surface. Under Part-IS, CAMO organizations and Lessors need to acknowledge that “Information Security” is now a fundamental component of “Flight Safety.”
Have you ever wondered what makes an aircraft “cyber-unairworthy’? Let’s explore some very realistic scenarios that could happen!
1. Compromised Life-Limited Part (LLP): Consider a sophisticated ransomware attack or a malicious data breach that modifies the back-to-birth (BtB) traces of a critical engine component. If the “cycles remaining” on a turbine disk are digitally altered to indicate 500 remaining cycles instead of 5, the engine could suddenly operate within a zone of catastrophic risk. According to EASA Part-IS, if the integrity of this data cannot be verified, the engine is deemed legally unairworthy.
2. Airworthiness Directive Tampering. Consider a scenario where an unauthorized party gains access to a CAMO’s maintenance tracking system and subtly modifies the compliance status of a mandatory Airworthiness Directive (AD). If the system indicates an AD as “Complied With” when the physical task has not been performed, the aircraft may be operating in a non-compliant state that remains undetectable to the crew yet poses a grave safety risk.
3. Hacked software upload: Modern aircraft rely on Loadable Software Aircraft Parts (LSAP). An unauthorized or compromised upload during a routine avionics update—whether through a compromised ground laptop or a breached server—could introduce latent errors into flight control laws or navigation databases.
The Regulatory Implication: A Grounding Event
Under Part-IS, the burden of proof has shifted, so it’s no longer just about having the data; you also need to demonstrate that the data hasn’t been tampered with.
If a CAMO provider can’t demonstrate a solid “Continuous Chain of Trust” for its digital records, EASA authorities now have a clear framework to revoke the Airworthiness Review Certificate (ARC). To the regulator, data that isn’t protected isn’t reliable. If you can’t trust the record, then it’s just not safe to fly the aircraft.
The CAMO’s New Mission: Data Resilience
At Meton CAMO, we see Part-IS as more than just a bureaucratic requirement; it’s a vital step in ensuring safety. We’re proud to include in our technical management protocols:
• Encrypted Data Handovers: Ensure asset transfers occur through secure, verified channels.
• Immutable Logs: Using technology that promptly detects any unauthorized changes to historical maintenance data, ensuring integrity and trust in the records.
• Cyber-Risk Assessments: seamlessly incorporating IT security audits into our regular CAMO oversight to ensure comprehensive safety.
By 2026, the “Technical File” will become a trustworthy digital fortress. During asset transitions and ownership changes, our main goal is to safeguard the asset’s digital integrity and ensure it is as good as its physical condition.
