ASTM International - Standards Worldwide - Committee F38 on Unmanned Aircraft Systems · 2016. 5. 17. · 1100‐1130: ASTM F38 Standards Development Overview/Discussion – W+12

AUVSI 2015 Conference
08000830: Welcome, agenda review/update, and participant introductions W+12 (F38 Chair)
08300900: FAA UAS Status Update Overview – Jim Williams (FAA UAS Integration Office) 09001015: FAA UAS Status Update Details
Cyrus Roohi and Steve George (FAA UAS Integration Office)
Wes Ryan or Designee (FAA Small Airplane Directorate)

11001130: ASTM F38 Standards Development Overview/Discussion – W+12 (F38 Chairman)
11301200: Operations over people standard update (WK37164) Doug Marshall
12001230: Operational risk assessment standard update (WK49619) – Harrison Wolf (USC)

15301550: Command and control update (F3002)– Phil Kenul (F38 Vice Chairman)
15501610: Pilot/visual observer training update (WK29229)– Scott Strimple
16101630: KState ASTM sUAS standards validation program status Mark Blanks (KSU)
16301645: EVLOS/BVLOS standard update – (WK49620)
16451700: Action item review and wrapup

F38 Approved Standards 1. F2500-07 Standard Practice for Unmanned Aircraft System (UAS) Visual Range Flight
Operations 2. F2512-07 Standard Practice for Quality Assurance in the Manufacture of Light
Unmanned Aircraft System 3. F2585-08 Standard Specification for Design and Performance of Pneumatic-Hydraulic
Unmanned Aircraft 4. F2849-10 Standard Practice for Handling of Unmanned Aircraft Systems at Divert
Airfields 5. F2851-10 Standard Practice for UAS Registration and Marking (Excluding Small
Unmanned Aircraft Systems) 6. F2908-14 Standard Specification for Aircraft Flight Manual (AFM) for a Small Unmanned
Aircraft System (sUAS) 7. F2909-14 Standard Practice for Maintenance and Continued Airworthiness of Small
Unmanned Aircraft Systems (sUAS) 8. F2910-14 Standard Specification for Design and Construction of a Small Unmanned
Aircraft System (sUAS) 9. F2911-14e1 Standard Practice for Production Acceptance of Small Unmanned Aircraft
System (sUAS) 10. F3002-14a Standard Specification for Design of the Command and Control System for
Small Unmanned Aircraft Systems (sUAS) 11. F3003-14 Standard Specification for Quality Assurance of a Small Unmanned Aircraft
System (sUAS) 12. F3005-14a Standard Specification for Batteries for Use in Small Unmanned Aircraft
Systems (sUAS)
F38 Draft Standards 1. WK11425 New Practice for Private Unmanned Aircraft System (UAS) Pilot Practical Test
Standards for Unmanned Aircraft Single-Engine Land (SEL) Remote Control and Autonomous / Semiautonomous (Technical Contact: David Gibbs)
2. WK16285 * New Specification for Specification for Design and Performance of an Unmanned Aircraft System-Class 1320 (550# Gross Weight to 1320# Gross Weight) (Technical Contact: Les Hicks)
3. WK27055 * New Practice for the Registration and Marking of Unmanned Aircraft Systems (Technical Contact: Rocky Gmeiner)
4. WK28019 * New Practice for Selecting sUAS Launch and Recovery (Technical Contact: Joseph Santor)
5. WK29229 * New Practice for Certification of Pilots, Visual Observers, and Instructor Pilots and Training courses for Small Unmanned Aircraft Systems (sUAS) (TC: Scott Morgan)
6. WK31391 * New Specification for Testing of a Small Unmanned Aircraft System (sUAS) (TC: Ted Wierzbanowski)
7. WK37164 * New Specification for Operations Over People (TC: Douglas Marshall) 8. WK49619 New Practice for Operational Risk Assessment (ORA) (TC: Harrison Wolf) 9. WK49620 New Practice for Extended/Beyond Visual Line of Sight Operations (TC: Ted
Wierzbanowski)
Presented by: FAA UAS Integration Office FAA Aircraft Certification Service
Date: May 4, 2015
ASTM Community
Federal Aviation Administration
2 www.faa.gov/uas
Purpose
• Establish a path for the successful development and implementation of ASTM F38 standards for small Unmanned Aircraft Systems (sUAS)
• Help ASTM create quality standards
3 www.faa.gov/uas
• Notice of Proposed New Rulemaking (NPRM)
• FAA Center of Excellence (COE)
• Paths to Flight
• F38 Standards Overview
4 www.faa.gov/uas
• Section 332 – “… a final rule on small unmanned aircraft systems
that will allow for civil operation of such systems in the national airspace”
• Section 333 – Provides authority to establish an interim policy that
bridges the gap between the current state and NAS operations under the sUAS rule
5 www.faa.gov/uas
6 www.faa.gov/uas
“Blanket” Certificate of Waiver or Authorization (COA) • Section 333 exemption holders automatically
receive 200 ft. COA with some restrictions – Operate within visual line of sight (VLOS)
– VFR – VMC Conditions
7 www.faa.gov/uas
8 www.faa.gov/uas
Designated Airworthiness Representatives (DAR)
• DARs can be authorized to issue Special Airworthiness Certificates in the Experimental Category at UAS Test Sites for: – Research and development
– Crew training
– Market survey
9 www.faa.gov/uas
• Operational Limitations
10 www.faa.gov/uas
Proposed Small UAS Rule: Major Provisions
• Major provisions of proposed Small UAS Rule (Part 107): – Operational Limitations
– Operator Certification and Responsibilities
11 www.faa.gov/uas
Proposed Small UAS Rule: Major Provisions (continued)
• Must see and avoid manned aircraft – UAS must be first to maneuver
away if collision risk arises
• Must discontinue flight in event of presenting a hazard to other aircraft, people or property
12 www.faa.gov/uas
– Airspace restrictions
13 www.faa.gov/uas
Proposed Small UAS Rule: Major Provisions (continued)
• May not fly over people, except those directly involved with the operation
• Flights limited to: – 500 feet altitude
– 100 mph
14 www.faa.gov/uas
• Must avoid airport flight paths and restricted airspace areas
• Must obey any FAA Temporary Flight Restrictions (TFRs)
15 www.faa.gov/uas
NPRM and Consensus Standards
• FAA decided that under the NPRM a sUAS would not have to comply with a set of unvalidated consensus standards
• Due to their light weight, small unmanned aircraft generally pose a significantly lower risk to people and property on the ground than manned aircraft
16 www.faa.gov/uas
FAA Center of Excellence (COE)
• To better understand how the aircraft can be integrated into the National Airspace System, the FAA is setting up a COE
17 www.faa.gov/uas
• Experimental Airworthiness
• Type Certification
18 www.faa.gov/uas
Public COA
• Certificate of Authorization or Waiver (COA) are issued for public operation
• Allows a particular UA to operate for a specified purpose, in a specified area
• See www.faa.gov/uas/public_operations/ for more information
19 www.faa.gov/uas
Experimental Certificates
• Process defined in FAA Order 8130.34C – Certificates have been issues to both UAS and OPA*
• Two options for applicants: – Apply to FAA Headquarters, managed by AIR-113
– Apply to UAS Test Sites, managed by geographic MIDO with assistance provided by UAS DARs
*Optionally Piloted Aircraft (OPA) – a manned aircraft that can be flown by a remote pilot from a location not onboard aircraft
20 www.faa.gov/uas
2005 2006 2007 2008 2009 2010 2011 2012 2013 2014
UAS/OPA Experimental Certificates 209 Total: 85 Original & 124 Re-Issue [Through end of 2014]
Original Total
21 www.faa.gov/uas
Type Certification
– Insitu ScanEagle
22 www.faa.gov/uas
• Type certification under § 21.17(b) special class – AC establishes a risk-based decision making process
and explains how existing aircraft design requirements from § § 23, 25, 27, 29, and industry standards (including ASTM) can form a type certification basis for UAS
23 www.faa.gov/uas
• Memorandum of Agreement (MOA)
24 www.faa.gov/uas
• New two year agreement
25 www.faa.gov/uas
- Experimental - TC may be required
Regulated Category (C)
JARUS RPAS 1309
26 www.faa.gov/uas
• Best Practice for preparing an Operational Risk Assessment (ORA)
• Defining requirements and design features necessary for operating UAS at low altitude BVLOS and/or EVLOS
• Defining design features and operational limitations/mitigations for operating sUAS directly over people
27 www.faa.gov/uas
ORA Best Practice
• The Operational Risk Assessment (ORA) is a key component of the certification process outlined in the § 21.17(b) Advisory Circular
• May also be used in experimental airworthiness determination and 333 exemption evaluation
Energy & Size +
28 www.faa.gov/uas
29 www.faa.gov/uas
Standard Comparison
F2355-14 Design and Performance Requirements for Lighter- Than-Air Light Sport Aircraft
Vs.
F2910-14 Design and Construction of a Small Unmanned Aircraft System (sUAS)
30 www.faa.gov/uas
Standards Comparison
31 www.faa.gov/uas
32 www.faa.gov/uas
33 www.faa.gov/uas
33
34 www.faa.gov/uas
FAA Recommends
35 www.faa.gov/uas
36 www.faa.gov/uas
Eliminate Ambiguity
37 www.faa.gov/uas
Define the Standard Pilot-static system is calibrated CFR part 91.411 every 24 months and must comply with appendices E (altimeter) and F (transponder) of part 43. Appendix F of part 43 is applicable only if sUAS is capable of operating a transponder
38 www.faa.gov/uas
Battery F3005-14 Roohi
Identification and Marking Fugate
Small UAS Pilot Qualification Roohi
39 www.faa.gov/uas
FAA AUVSI Schedule
• Legal Updates on the use of sUAS – Tuesday May 4th, 2015 3:30PM B302
• Enabling UAS Capabilities – Wednesday May 5th, 2015 1:00 PM B316
• Press Events – #1 May 5th, 2015 11:00AM Press Room 2
– #2 May 5th, 2015 12:15AM Press Room 2
40 www.faa.gov/uas
41 www.faa.gov/uas
• Standards need to of high quality, definitive and measurable
42 www.faa.gov/uas
Questions/Concerns/New Actions
Dependability of Software of Unknown Pedigree
The MITRE Corporation
Stephen Cook Andy Lacher John Angermayer Drew Buttner Kerry Crouse Ted Lester
Presentation to ASTM F38 May 4th, 2015
Approved for Public Release, Distribution Unlimited.
Case Number: 15-1416. The views, opinions, and/or findings
contained in this paper are those of author(s) and The MITRE
Corporation and should not be construed as an official
Government position, policy, or decision, unless designated by
other documentation. Neither the FAA nor the DOT makes any
warranty or guarantee, or promise, expressed or implied,
concerning the content or accuracy of the views expressed herein.
© 2015 The MITRE Corporation. All rights Reserved.
Agenda
Research Motivation
What is SOUP?
Software of Unknown Pedigree is: – A software item already
developed and/or generally available and has not been developed for the purpose of being incorporated into a safety critical application (sometimes called “off the shelf software”)
OR – A software item previously
developed for which adequate records of the development processes are not available
3
developed in accordance with RTCA DO-178C or MIL-STD-882
Note: We consider “dependability” to encompass
both the safety and security aspects of SOUP
4
Research Question: How can the dependability of Software of Unknown Pedigree (SOUP) be assessed so it can be used in (unmanned) aviation safety- critical applications?
Clash of Cultures: Small UAS Opportunity
5
Entrepreneurial Conservative
Non-traditional aviation software
Research Idea: Analyze and assess processes and techniques from other safety-critical applications where SOUP has been considered or employed
Aviation Medical Nuclear
Desired Results and Impacts
Analytical decomposition of processes and techniques for SOUP in safety-critical applications
Proposed dependability framework for use in aviation
Real-world case studies to evaluate framework
Assessment of potential for use in select aviation domains
Extension to portable avionics and advanced systems with complex, dynamic software
7
certification cost reduction
Shorter development cycle
Ultimate goal: Inform civil and public airworthiness guidance and standards
– FAA
slides instead of actual systems if we
don't use innovation to change cost.
Analysis of Best Practices from Other Industries
Team compared specific SOUP techniques and best practices from other industries
We derived 45 tasks and placed them into a framework with traceability to source documents
Organized by: – Category
Category ID Level Assessment Task Description Security Space Aviation Medical Nuclear Rail
US Use of SOUP
MINIMAL QL Conduct Hazard Analysis
Conduct an analysis to determine the hazards and impacts associated with the potential malfunction, failure, or exploitation of the SOUP. Define the SOUP's intended function. Determine the consequences and possible mitigations for each potential malfunction, failure, threat, or exploitation. Document how the SOUP fails (gracefully or suddenly). The analysis should be conducted in a manner similar to SAE ARP 4761, MILSTD882, or equivalent and should address risk associated with potential security and safety vulnerabilities (e.g., RTCA DO326, Airworthiness Security Process Specification).
BSIMM AM1.3
NASA STC
RTCA DO 278A
IEC 62304; see
Figure 3 page 21.
Category, Level, Assessment
CM Code Metrics 4
CR Code Review 11
EA External Accreditation 5
CM - Code Metrics, 4
CR - Code Review, 11
Organizational Planning Tasks
OP Organization al Planning
OP.4 MAJOR QL Annual SOUP Hazard training
Use of SOUP Tasks
US Use of SOUP
US.2 MINIMAL QL Publish SOUP Integration Plan
US.3 MINIMAL QL Publish SOUP Maintenance Plan
US.4 MINOR QL Perform Market Survey
US.5 MINOR QL Review SOUP functional, interface, and performance requirements
US.6 MINOR QL Document Software Architecture
US.7 MINOR QL Enforce Integration Plan and Track Exceptions
US.8 MINOR QL Enforce SOUP Maintenance Plan
US.9 MINOR QL Neutralize unwanted functionality
US.10 MAJOR QL Utilize User Problem Reporting
US.11 MAJOR QN Document and Review Service History
US.12 MAJOR QN Document and Review Expected and Measured Reliability Metrics
US.13 MAJOR QN Utilize SOUP Wrapper Software
Note:
Code Metrics Tasks
CM Code Metrics
CM.1 MINIMAL QL Assess SOUP size
CM.2 MINOR QN Record and Review Number of Lines of Code
CM.3 MAJOR QN Determine and Review Code Complexity
CM.4 MAJOR QN Record and Review SOUP Anomaly Reports
Code Review Tasks
CR Code Review
CR.3 MINOR QL Conduct Automated Code Analysis
CR.4 MINOR QL Conduct Manual Code Review of key areas
CR.5 MINOR QL Audit SOUP Vendor's Software Life Cycle
CR.6 MINOR QL Audit SOUP Vendor's Coding Standards
CR.7 MAJOR QN Review & traced vendor requirements
CR.8 MAJOR QN Review and trace integrator requirements satisfied by SOUP
CR.9 MAJOR QL Conduct Manual Code Review of entire code
CR.10 MAJOR QN Ensure Adequate Structural Code Coverage
CR.11 MAJOR QL Document System Visualizations
External Accreditation Tasks
EA External Accreditation
EA.2 MINOR QN Perform compliance assessment of SOUP
EA.3 MINOR QL Determine if SOUP complies with any TSOs or has an RSC
EA.4 MINOR QL Evaluate vendor QA process
EA.5 MAJOR QL QA process is Externally Accredited
Testing Tasks
TE Testing
TE.2 MINIMAL QN Test SOUP integrator's requirements
TE.3 MINIMAL QN Use External Penetration Testers
TE.4 MINIMAL QL Conduct Regression Testing
TE.5 MINOR QN Test SOUP vendor's requirements
TE.6 MINOR QN Use Internal Penetration Testing Tools
TE.7 MAJOR QN Perform Periodic Red Teaming
TE.8 MAJOR QN Simulate Software Crisis
Category ID Level Assessment Task Description Security Space Aviation Medical Nuclear Rail
US Use of SOUP
MINIMAL QL Conduct Hazard Analysis
Conduct an analysis to determine the hazards and impacts associated with the potential malfunction, failure, or exploitation of the SOUP. Define the SOUP's intended function. Determine the consequences and possible mitigations for each potential malfunction, failure, threat, or exploitation. Document how the SOUP fails (gracefully or suddenly). The analysis should be conducted in a manner similar to SAE ARP 4761, MILSTD882, or equivalent and should address risk associated with potential security and safety vulnerabilities (e.g., RTCA DO326, Airworthiness Security Process Specification).
BSIMM AM1.3
NASA STC
RTCA DO 278A
IEC 62304; see
Figure 3 page 21.
16
Software Experts
case studies
Partnerships with small UAS vendors
Pursuing analysis with 3 small UAS manufacturers
Select specific safety- critical function implemented with SOUP
Assess SOUP using framework
17
Tech Transfer Opportunities
Recommendation to ASTM F38
Consider SOUP Framework as input for ASTM standard for assessing dependability of software for beyond visual line of sight sUAS safety-critical functions
Benefits to industry 19
Conclusions and Next Steps
Best practices for use of SOUP safety-critical software from other industries reviewed . . .
. . . and distilled into a SOUP dependability framework of 45 tasks
Small UAS present an opportunity to explore solutions to the IT and aviation “clash of cultures” . . .
. . . case studies are underway with small UAS proponents
SOUP Framework will be updated using results of case studies . . .
. . . and MITRE is engaging with ASTM F38 and other key stakeholders in the aviation community
20
THANK YOU
AUVSI Conference
4 May 2015 Ted Wierzbanowski* Chair, ASTM International Committee F38
* This material represents the views and positions of the presenter and not those of ASTM International and/or the entire ASTM F38 Committee
© ASTM International 2
F38 Focus on small UAS (sUAS/sRPAS) History
Other sUAS Standards to be Developed
Harmonizing Standards
Presentation Overview
Combined with our innovative business services they enhance performance and create confidence
Across borders, disciplines, and industries
Harnessing the expertise of over 30,000 members
Across manufacturing and materials, products and processes, systems and services
Touching every part of everyday life: helping our world work better
© ASTM International 05 May 2015 4
Effective and Relevant Around The World
The Role of Standards We rely on our members’ expertise and
commitment – their good science, good engineering and good judgment
Recognizing expertise not geography – 148 countries are represented by our members
Our voluntary consensus process gives everyone an opportunity to participate – ensuring standards are effective and relevant across diverse markets
Our standards help everyone: consumers, businesses, manufacturers, innovators and governments
Embracing all the principles of the World Trade Organization’s Agreement on Technical Barriers to Trade
Incorporated into contracts, regulations, codes, and laws, they support established and emerging economies and free and fair global trade
© ASTM International 05 May 2015 5
Improving Standards and Performance
Continuous Improvement and Added Value Services We recognize the need to meet changing
market needs, regularly reviewing our standards and creating new ones
We also deliver value-added services that enable customers to get the most out of our standards:
ASTM Compass® gives 24/7 access to our content, plus tools to manage, collaborate and learn
Our training, testing and certification programs ensure quality and improve performance
Ultimately, like our founders, we’re ready to innovate, we value good sense, we’re willing to share and be accountable.
Above all – we’re committed to helping our world work better
© ASTM International Choose Insert > Header and Footer to change DateChoose Insert > Header and Footer to change Presentation Title 6
Aviation Standards
Categories
Involvement e.g., FAR Part 103
Regulation by Self- Declaration to FAA-
Recognized Consensus Standards
Light Sport Aircraft
Standards, and Formal TC/PC processes
Consensus Standards are Primary Means of
Establishing Compliance ASTM Committee F37
Exempt from FARs by
A Spectrum of Standards & Regulations:
Vision Routine, safe UAS operations in civil airspace through standardization.
Mission Produce practical, consensus standards that facilitate UAS operations
at an acceptable level of safety. These standards include the design, manufacture, maintenance and operation of unmanned aircraft systems as well as the training and qualification of personnel. Committee F38 supports industry, academia, government organizations and regulatory authorities.
ASTM International Committee F38
- Safe design, construction, test, modification, & inspection of the individual component, aircraft, or system
F38.02 Flight Operations (Mark Blanks) Procedure/performance oriented
Safe employment of the system within the aviation environment among other aircraft & systems
F38.03 Personnel (Scott Morgan) Crew oriented
Safe practices by the individuals responsible for employing the system
History April 2008 – U.S. FAA charters an Aviation Rulemaking Committee
(ARC) to examine a regulatory basis for permitting small Unmanned Aircraft Systems (sUAS) to fly for compensation or hire
ASTM is invited to participate in the ARC
April 2009 – ARC recommendations include reference to the use of industry consensus standards
September 2009 – FAA queries Standards Development Organizations (SDO) for their ability and resources to produce sUAS standards
April 2010 – FAA and ASTM sign a Memorandum of Understanding for the development of standards to support a new rule for sUAS
F38 Focus on small UAS (sUAS/sRPAS)
History (cont) April 2010 to February 2015 – ASTM develops and publishes the
following sUAS standards in support of anticipated sUAS rule Design, construction, and test (F2910)
- Design of the C2 subsystem (F3002) - Use of batteries (F3005)
Production acceptance (F2911)
Quality assurance (F3003)
Aircraft flight manual (F2908)
February 2015 - FAA issues notice of proposed rulemaking (NPRM) that does not reference consensus standards NOTE: the FAA could not tell ASTM that this change happened because of “ex
parte” rules
History (cont) What will be in the final rule is unknown and, depending on comments
received, consensus standards for detailed requirements may still be referenced and/or required
In the meantime, work will continue to improve currently published standards and develop new ones requested by the FAA (following chart)
However, even without changes and/or updates, compliance with the current published standards should facilitate safe operations of sUAS in many of the commercial applications currently being considered by various entities around the world.
Other sUAS Standards to be Developed
Five other standards are also in development that ASTM anticipates will support additional and/or expanded sUAS operations. These include:
Operations over People
Operational Risk Assessments
Certification of Pilots, Visual Observers, and Instructor Pilots and Training Courses
Continued participation in ASTM UAS standards development by sUAS stakeholders is highly encouraged
ASTM leadership and members are also participating in other efforts
US: RTCA
EU: WG-73/93
Harmonizing sUAS Standards
Contact Information
© ASTM International
F38.02.01 Operations Over People 4 May 2015 Doug Marshall Task Group Chair
www.astm.org
www.astm.org
F38.02.01 Operations Over People TG 04 May 2015 Doug Marshall Cat Wrangler
Team Members
Choose Insert > Header and Footer to change DateChoose Insert > Header and Footer to change Presentation Title 3
1 7 Brian Argrow Ben Miller
2 8 Mark Bateson Scott Strimple
3 9 Al Frazier Doug Marshall (Chair)
4 10 Rich Hanson TBD (Georgia Tech?)
5 11 Andy Johnson-Laird TBD (CNN?)
6 12 Paul McDuffee TBD (NIST?)
Changes Since December Meeting New TOR Redefined Scope New Team Member NPRM Language Banning OOP
Introduction
7.0 Content
7.4 Knowledge (Judgment)
7.5 Skills (control)
Key Words
Draft Standard
Use Cases:
For example, using unmanned systems for various aerial shots at the AT&T Stadium in San Francisco is a big project involving multiple aircraft, complex airspace, a large event staff, security, thousands of people in the audience that requires a very detailed plan and precise execution
In contrast to a project of this size, shooting a film project of a couple walking along a beach in Hawaii is a much smaller project, but the steps to mitigate risk remain the same. The only difference is the level of detail and the amount of work required in planning each step.
Terms of Reference (Final)?
Define the system, CONOPS, method of control
Perform an ORA
Identify proposed mitigation strategies
What are we writing to, if Part 107 bars OOP?
§ 333, § 21.17(b), or something else?
New initiative to accommodate BVLOS?
Expected Deliverables
develop the process
Thank you
ASTM F38: Best Practice for Preparing Operational Risk Assessment (ORA) in Support
of Design, Airworthiness & Operations
Group Members
Participants: Heather Harris – MTSI Nick Flom – University of North Dakota, UAS Test Site Thomas Murray – Acute Management Strategies, LLC. Brett Portwood – Federal Aviation Administration Andy Thurling – AeroVironment
Task Lead: Harrison Wolf – University of Southern California
Collaborative Member: Doug Marshall –F38 Best Practices
for Operations over People
Scope
Develop a draft “best practice” standard that defines the process to be followed to prepare the ORA in support of airworthiness, design, or operational approval processes. At a minimum this “best practice” should include the tasks that the applicant must complete to prepare an acceptable ORA along with simple description on how to complete each task. The ORA should consider the type of vehicle, its method of control, its intended mission, its intended area of operation, and the details of potential system failure effects.
Group Goals
• Non-Prescriptive, open to technology change while referencing specific nature of UAS
• Continuous communication and involvement across the group – Weekly Teleconferences
• Accessibility and usability by a spectrum of individuals
Manufacturers • Airworthiness • Risk Analysis • Reliability Data • Type Certifications • 21.17(B) certifications
Manufacturers • Airworthiness • Risk Analysis • Reliability Data • Type Certifications • 21.17(B) certifications
Operators • Certificates of
& Data Collection
& Data Collection
Responsibility
Responsibility
& Evaluation • Test Sites & Delegated
& Evaluation • Test Sites & Delegated
Approval Entities
Reference Documents
EUROCAE ED 78A EUROCONTROL ESARR 4 FAA AC 120-92 FAA AC 23-1309-1E FAA Order 8130.34C, sUAS NPRM FAA Order 8900.1 Volume 16 FAA UAS ARC Recommendation Report ICAO 9859 AN/474 OPNAVINST 3500.39C SAE ARP4754A SAE ARP4761 14 CFR Part 1 14 CFR 401.5
Work Item – April 14, 2015
WK49619
1. Scope
This practice defines the process to be followed to prepare the ORA in support of airworthiness, design, or operational approval processes. At a minimum this practice should include the tasks that the applicant must complete to prepare an acceptable ORA along with simple description on how to complete each task. The ORA should consider the type of vehicle, its method of control, its intended mission, its intended area of operation, and the details of potential system failure effects.
http://www.astm.org/DATABASE.CART/WORKITEMS/WK49619.htm
Functions of the ORM Process Enhance mission or task accomplishment by increasing the probability of success.
Minimize risk to acceptable levels while providing a method to effectively manage resources.
Enhance decision-making skills based on systematic, reasoned and repeatable processes.
Provide systematic structure to perform risk assessments.
Provide an adaptive process for continuous feedback through planning, preparation, and execution.
Identify feasible and effective control measures, particularly where specific standards do not exist.
Sections and Format
1. Definitions Specific to this Standard 2. Introduction to Operational Risk Assessments 3. Components of Risk Assessment 4. Hazard Identification 5. Hazard Assessment – Severity v. Likelihood 6. Analyzing Risk, Interpreting Outputs 7. Defining and Implementing Mitigations 8. Mission & System Configuration Data Collection 9. Safety Assurance Methods?
- Continuous Feedback
Common UAS Hazards (Supports Hazard
Identification Process) • A Short List of common hazards as examples • Not comprehensive, a place to start for understanding unique UAS hazard
identification
– Functional Hazard Assessments – Root Cause Analysis – FMEA – Etc.
Developing Appropriate Mitigations
Identify Hazards Identify Hazards
Assess Risks Assess Risks
Collect Data and
• ASTM Official Document Formatting • BVLOS/EVLOS Definitions
– Timeline Issues • Short Examples for Each Section
Concerns • Do we properly address the full spectrum of those using the Best Practice
in support of their applications?
- sUAS operators wanting to perform basic commercial operations - Very low Kinetic Energy - Store bought UAS
- Manufacturer looking to prove reliability - Operator looking for more
advanced operation access - Higher Kinetic Energy
- Operator looking to perform work in high responsibility environments - Manufacturer looking to
prove reliability of complex system - Very High Kinetic Energy
Concerns
• Do we want to outline practices for Mission configuration and System configuration management, or reference documents that exist delineating mission/system configurations? – Are we being ,too prescriptive?
• Currently have an extensive outline of UAS configuration checks.
Thank You
Contact Information:
Harrison Wolf University of Southern California (O): 310 342 1352 (M): 805 302 8480 Email: [email protected] or [email protected]
www.astm.org
Revision of ASTM F3002-14a (sUAS C2 Design Spec) Summary of Changes, Updates, and Comments
4 May 2015 Ajay Sehgal ASTM International Committee F38
Contents (if Required)
Choose Insert > Header and Footer to change DateChoose Insert > Header and Footer to change Presentation Title 2
1 Major Changes/Updates (1 of 2)
2 Major Changes/Updates (2 of 2)
3 Summary of Voter Comments
• Limited the scope to sUA “within visual line of sight
• Clarified that C2 links can be either analog or digital
• Defined “C2 system”
• Defined “link status”
• Clarified labeling requirements
• Clarified connector requirements
• Clarified cosite RFI requirements
• Clarified link integrity requirements
• Clarified “maximum link range”
• Clarified CS display requirements
• Clarified reduced-range test requirements
Summary of Voter Comments on Original sUAS C2 Design Spec (F3002-14)
• 13 voters • 92 total comments • 6 administrative/editorial comments
• 1 was about a provision regarding metric units that an ASTM editor removed before Jan. 2014 publication of original F3002- 14
• 84 substantive comments • 4 were about the encryption requirement that was removed to
create F3002-14a (published in July 2014)
• 2 negative comments • Both were about the since-removed encryption requirement • Thus, no negative comments remained to be resolved after
F3002-14a was published
Brief History Cadre formed August
Initial Draft
Commercial Operator Applicant
Basic sUA Operator
MTOGW (below 55lbs)
experience validated thru demonstrate ability to operate
outside of the Basic sUA parameters ie. Over People, BLVOS, Class B etc
F38.02.01 for instance
sUA Pilot & Visual
Aircraft ategory
Command Control
1) NO Stick n Rudder 2) Mission Planning
Flight Con Auto Pilo
Pilot’s / Operator’s need different levels of training depending upon:
The type of commercial flight operation
he sUA required pilot/operator skills to assu safety
Relatively low risk to increasingly higher risk
From stick and rudder to semi automatic to fully autonomous
Aeronautical Operational
Regulatory
o meaningful decision making within an SMS envir Development of professional airman mindset
Questions?
F38-02 Subcommittee Chair
SVP: Validation via Certification • K-State proposed:
– Take a representative small UAS through the 14 CFR 21.17(b) airworthiness certification process using the F38 standards as the certification basis
• Certification process will: – Identify gaps in current F38 standards – Help determine appropriate level of rigor to
demonstrate compliance – Highlight major technical and/or process issues – Identify potential for F38 standards to be used as a
certification basis for operations beyond sUAS NPRM
Airframe Selection • UAV Factory Penguin B
– 47 lb MTOW
– External pilot backup
3
CONOPS
• Based on 2009 sUAS ARC Recommendations – Day VFR, visual line-of-sight (VLOS) only
– Below 1,200 feet in Class G
– Below 700 feet within 10 NM of airports
• Some additional considerations for the aircraft type – Limited operations in Class D
– Investigation of BVLOS requirements
Conflict with Non Participating Traffic
D Remote I Catastrophic High (8) Operational Limitations
Command Link Failure B Probable III Moderate Moderate (11) Certification/Testing
Weather Hazards C Occasional III Moderate Moderate (13) Operational Limitations
Engine Failure D Remote II Critical Moderate (14) Certification/Testing
UAS Autopilot Failure D Remote II Critical Moderate (14) Certification/Testing
Human Error D Remote II Critical Moderate (14) Operational Limitations
UAS Flight Control Failure D Remote III Moderate Low (20) None
ATC Communication Failure
Loss of Ability to Track UAS on Radar
D Remote III Moderate Low (20) None
GPS Error/Position Error D Remote III Moderate Low (20) None
UAS Battery/Generator Failure
Risk Mitigations
– Command link
– Propulsion system
– Weather hazards
– Human error
• Secondary Goal: Build gap analysis to identify unknown risks
• Byproduct: Development of modified test methods
Testing
• Near-term focus on environmental tests for the C2 standard to address largest unknowns for the system – Environmental effects on C2 link not well
understood
– Little historical data on environmental effects to UAS
• Command and control reliability and integrity are the foundation for safe operation of sUAS
Testing: Radiated Susceptibility • Background: Radiated susceptibility testing evaluates the
equipment response to externally generated high frequencies (above 100 MHz) such as radiated RF from broadcasting antennas, radio stations, etc.
• Purpose: Determine whether the command and control (C2) equipment will operate acceptably when the equipment and its interconnecting wires are exposed to a radiated RF field.
Testing: Radiated Susceptibility
Testing: Radiated Susceptibility Findings
1. Reproducible susceptibilities within a small frequency range around 190 MHz.
2. Slight difference in susceptible frequency range between engine on/off configurations.
3. Loss of control through GCS, without notification or indication of lost link (multiplexer victim).
4. No susceptibilities between 230 MHz and 18 GHz at medium power levels (75 V/m max)
Testing: Radiated Susceptibility Recommendations
• Design improvements – For example, improve RF shielding of C2 components
(like multiplexer in our case)
• Investigate software vulnerabilities
Testing: Next Steps
F38-02 Subcommittee Chair