Aerospace systems are getting more connected, more software-defined, and more complex, while certification expectations for safety and security/cybersecurity keep rising. That’s a tough combination for any supply chain: OEMs and suppliers must exchange growing volumes of safety/security artifacts, keep them consistent as designs evolve, and still produce auditable evidence.
ASCEND was launched to tackle exactly that challenge through digital engineering, MBSE/MBSA, and a pragmatic focus on how safety and security evidence can be connected and exchanged.
After twelve months of intensive groundwork, we completed the first year of ASCEND, a key milestone that sets the technical foundations for what comes next.
What is the ASCEND Project?
ASCEND (Aerospace Safety-Certifiable Engineering and Networked Development) is a multi-partner initiative led by Boeing Aerospace Spain, bringing together OEM/integrator and supplier perspectives with specialists in safety engineering and cybersecurity.
The project targets a practical industry need: improving how safety and security information is created, maintained, and exchanged across the aircraft development lifecycle, using model-based engineering as the backbone for traceability and collaboration.
Consortium roles at a glance:
- OEM / integrator (Boeing): defines system architecture and requirements and ultimately owns certification evidence integration.
- Supplier (Clue): brings the realities of equipment-level development and RAMS evidence generation.
- Safety/MBSE-MBSA specialist (ANZEN): contributes methods, metamodeling/taxonomy know-how, and safety/RAMS expertise to shape workflows and tooling.
- Cybersecurity specialist (DLT Code): develops the security side, including safety-security alignment and threat-propagation concepts.
- Research support (IMDEA Software, UPM/CEI): contributes research inputs, including MBSE/MBSA reviews and verification-focused expertise.
Key Project Objectives
- Create a common model-based framework for Safety & Security: So safety/security can be treated consistently across engineering domains and organizations.
- Enable a “digital thread” for certification-relevant artifacts: Connecting requirements, architecture, interfaces, and safety/security outputs to reduce disconnects and rework as designs change.
- Support and streamline safety/security analysis with a toolset: Identifying toolchain needs and integration points for more repeatable, less manual workflows.
- Explore advanced analysis methods across safety and cybersecurity
Including approaches that help anticipate emergent behaviors and security-driven safety impacts. - Validate the approach on a representative OEM-supplier use case
So that the methods remain grounded in real development constraints and evidence expectations.
ANZEN’s Role in ASCEND
At ANZEN, we support ASCEND with a mix of safety engineering, MBSE/MBSA, and digitalization know-how, with a strong focus on making methods usable and traceable in real programs.
During Year 1, ANZEN focused on the foundations: aligning standards, framing the model-based approach, and shaping how safety/reliability/cybersecurity concepts can live inside system models (rather than staying trapped in disconnected documents). We researched and developed the following areas during the annuity:
- SysML v2 extension & taxonomy approach to encode safety, reliability, and cybersecurity analysis needs within the system model.
- Contribution to state-of-the-art and standards mapping, feeding the next work packages and interoperability decisions.
- Tooling strategy support (in-house and/or via tool-vendor collaboration frameworks) to keep digital workflows industrializable.
- Safety/RAMS expertise to help shape workflows around FHA/FMEA/FTA and reliability expectations as the use case matures.
Technical Progress in Year 1
1) Building the foundations: standards, methods, and the “common language”
Year 1 concentrated on understanding what already exists (standards, methods, and tooling) so the project can build additions that fit real certification ecosystems.
What we achieved during the year
- Completed E1.1, consolidating the state of the art across systems engineering, safety, and security standards relevant to aerospace (with core focus on ARP4754B, ARP4761A, DO-326/DO-356, and additional references reviewed).
- Performed a metamodel trade study and selected UML as the modeling language satisfying the defined requirements for the Safety Assessment Metamodel ontology, plus created guidelines to support interoperability with other languages.
- Started a toolchain exploration to understand market alternatives and infrastructure needs for safety/cyber workflows.
Why it matters
- A shared baseline across standards and terminology is the difference between “yet another framework” and a method that can actually be adopted across OEMs, suppliers, and regulators.
- Early metamodel decisions reduce downstream integration risk when multiple organizations exchange model-based artifacts.
2) From scope to execution: defining the use case and the digital thread blueprint
ASCEND is intentionally use-case driven. In Year 1, the consortium defined the reference scenario and the boundaries that will anchor future prototypes and demonstrations.
What we achieved in Year 1
- Delivered E1.2, capturing the use case description and planning, including methods, processes, and tools to be applied.
- Selected the Wheel Brake System (WBS) as the representative OEM-supplier use case (as referenced in E1.2).
- Defined the intended interaction between MBSE (SysML v2) and simulation models to support early validation and safety artifact linkage.
- Aligned on the need for consistency by documenting acronyms and key terms for cross-partner usage.
Why it matters
- A well-scoped use case prevents “framework drift” and keeps research outputs measurable against a real engineering workflow.
- Defining how models and artifacts connect is the prerequisite for credible, auditable traceability later on.
3) Safety meets security: aligning two worlds early (without forcing false simplicity)
Modern aircraft development can’t afford a split-brain approach: safety and cybersecurity influence each other, particularly as software and connectivity expand. ASCEND sets out to connect them through model-based methods and shared representations.
What we achieved in Year 1
- Established a project scope that explicitly includes Safety & Security integration and the need for modeling standards at their interfaces with system development.
- Framed cybersecurity technical directions (e.g., threat-propagation concepts) as part of the use-case planning.
- Positioned Year-1 standards work to feed future gap analysis and ensure that model customizations cover required safety/security processes.
Why it matters
- Treating security as an afterthought creates late certification surprises; treating it as a first-class modeling concern makes safety/security co-analysis feasible.
4) Tooling and automation: choosing paths that can scale across the supply chain
A model-based approach only becomes industrial when the toolchain supports collaboration, exchange, and repeatability.
What we achieved in Year 1
- Conducted a first toolchain trade study and identified it as the backbone for future versions as ASCEND progresses.
- Put in place a collaboration framework concept with tool vendors so project feedback can flow into real tools (without locking the project to a single stack).
- In the use-case planning, defined multiple technical paths (e.g., SysML-based modeling plus simulation/calculation approaches) to keep the solution grounded in industry workflows.
Why it matters
- Interoperability and workflow automation are essential if OEM-supplier exchanges are to be faster and more reliable than today’s document-driven processes.
Year 1 Results at a Glance
- WP1 – E1.1 delivered: state-of-the-art on standards/methods/emergent technologies.
- WP1 – E1.2 delivered: use case description & planning (methods, processes, tools applied).
- Metamodel trade study completed: UML selected for the Safety Assessment Metamodel ontology; interoperability guidelines prepared.
- Toolchain trade study completed (baseline): initial market/infrastructure understanding + path for iterative updates.
- Use case scoped: Wheel Brake System (WBS) selected as the OEM-supplier reference scenario.
- Common vocabulary reinforced: acronyms and key terms consolidated for consistent cross-partner communication.
- Roadmap continuity ensured: Year-1 outputs positioned as inputs for WP2 metamodel development and downstream customizations/gap analysis.
Lessons Learned and What’s Next
- A “digital thread” is as much about governance and definitions as it is about tools. Without a shared vocabulary, traceability breaks quickly.
- Metamodel choices need to be justified by requirements and interoperability constraints (hence the value of explicit trade studies).
- Use-case clarity is a forcing function: it keeps standards work and tooling decisions tied to real artifacts and exchanges.
- Safety-security integration must start early at the modeling interface, not at the final documentation stage.
Next steps (Year 2)
- Build on Year-1 foundations to develop the metamodel work (WP2) and use it to drive consistent model customizations.
- Advance standards for information exchange between integrator and supplier (WP3), aligning with the digital thread vision.
- Progress the connection between platform-level and equipment/system artifacts (WP4) so traceability can span abstraction layers.
- Continue maturing safety-and-cyber methodologies (WP5) and prepare the path to proof-of-concept demonstrations (WP6 later in the project).
Closing
The first year in ASCEND’s development was about building credible foundations: understanding the standards landscape, making deliberate metamodel/tooling choices, and defining a use case that keeps the work anchored in real OEM-supplier exchanges.
At ANZEN, we’re proud to have been able to contribute our safety/MBSE-MBSA and digitalization expertise to help turn these foundations into repeatable, auditable workflows.
Project co-funded by the Community of Madrid and the European Regional Development Fund (ERDF) under the ERDF Programme of the Community of Madrid 2021–2027.
About the author
Jon González is an aerospace engineer and innovation management specialist with experience in technology strategy, R&D program leadership, and strategic development across the aerospace and defense sectors.
At Anzen Engineering, Jon serves as Head of Technical Office and Strategic Development, where he leads the alignment between technical capabilities, innovation roadmaps, and business growth. His work focuses on structuring and advancing strategic initiatives, supporting national and international R&D collaborations, and strengthening ANZEN’s positioning in model-based engineering, safety, reliability, security, and certification programs.
