INTEGRITY AND ASSURANCE LEVELS FOR THE OPERATIONAL SAFETY OBJECTIVES (OSOs)
The following Table E.1 provides the basic principles to consider when using SORA Annex E.
|
|
Principle description |
Additional information |
|
#1 |
Annex E provides assessment criteria for the integrity (i.e. safety gain) and assurance (i.e. method of proof) of OSOs proposed by an applicant. |
The identification of OSOs for a given operation is the responsibility of the applicant. |
|
#2 |
Annex E does not cover the LoI of the competent authority. Lol is based on the competent authority’s assessment of the applicant’s ability to perform the given operation. |
|
|
#3 |
To achieve a given level of integrity/assurance, when more than one criterion exists for that level of integrity/assurance, all applicable criteria need to be met. |
|
|
#4 |
‘Optional’ cases defined in SORA main body Table 6 do not need to be defined in terms of integrity and assurance levels in Annex E. |
All robustness levels are acceptable for OSOs for which an ‘optional’ level of robustness is defined in Table 6 ‘Recommended OSOs’ of the SORA main body. |
|
#5 |
When the criteria to assess the level of integrity or assurance of an OSO rely on ‘standards’ that are not yet available, the OSO needs to be developed in a manner acceptable to the competent authority. |
|
|
#6 |
Annex E intentionally uses non-prescriptive terms (e.g. suitable, reasonably practicable) to provide flexibility to both the applicant and the competent authorities. This does not constrain the applicant in proposing mitigations, nor the competent authority in evaluating what is needed on a case-by-case basis. |
|
|
#7 |
This annex in its entirety also applies to single‑person organisations. |
|
Table E.1 – Basic principles to
consider when using SORA Annex E
E.2 OSOs related to technical issues with the UAS
OSO #01 — Ensure that the UAS operator is competent and/or proven
|
TECHNICAL ISSUE WITH THE UAS |
Level of
integrity |
|||
|
Low |
Medium |
High |
||
|
OSO #01 Ensure that the UAS operator is competent and/or proven |
Criteria |
The applicant is knowledgeable of the UAS being used and as a minimum has the following relevant operational procedures: checklists, maintenance, training, responsibilities, and associated duties. |
Same as low. In addition, the applicant has an organisation appropriate1 for the intended operation. Also, the applicant has a method to identify, assess, and mitigate the risks associated with flight operations. These should be consistent with the nature and extent of the operations specified. |
Same as medium. |
|
Comments |
N/A |
1 For the purpose of this
assessment, ‘appropriate’ should be interpreted as commensurate
with/proportionate to the size of the organisation and the complexity of the
operation. |
N/A |
|
|
TECHNICAL ISSUE WITH THE UAS |
Level of
assurance |
|||
|
Low |
Medium |
High |
||
|
OSO #01 Ensure that the UAS operator is competent and/or proven |
Criteria |
The elements delineated in the level of integrity are addressed in the ConOps. |
Prior to the first operation, the competent authority of the MS or an entity that is designated by the competent authority performs an audit of the organisation. |
The applicant holds an organisational operating certificate (e.g LUC) or has a recognised flight test organisation. In addition, the competent authority of the MS or an entity that is designated by the competent authority verifies the UAS operator’s competencies. |
|
Comments |
N/A |
N/A |
N/A |
|
OSO #02 — UAS designed and produced by a competent and/or proven entity
|
TECHNICAL ISSUE WITH THE UAS |
Level of integrity |
|||
|
Low |
Medium |
High |
||
|
OSO
#02 UAS designed
and produced by a competent and/or proven entity |
Criteria
for design |
As a
minimum, design documentation covers: (a) the specification of the materials; and (b) the suitability and durability of the
materials used. |
Same
as low. In
addition, design documentation also covers: (a) the configuration control; and (b) identification and traceability. |
The
design organisation complies with Subpart J of Annex I (Part 21) to
Regulation (EU) No 748/2012. |
|
Criteria
for production |
As a
minimum,production procedures cover the processes necessary to allow for
repeatability in manufacturing, and conformity within acceptable tolerances. |
Same
as low. In addition, production procedures also cover: (a) the configuration control; (b) the verification of incoming products,
parts, materials, and equipment; (c) identification and traceability; (d) in-process and final inspections &
testing; (e) the control and calibration of tools; (f) handling and storage; and (g) the control of non-conforming items. |
The production
organisation complies with the organisational requirements that are defined
in Subpart F or G of Annex I (Part 21) to Regulation (EU)
No 748/2012. |
|
|
Comments |
N/A |
N/A |
N/A |
|
|
TECHNICAL ISSUE WITH THE UAS |
Level of assurance |
|||
|
Low |
Medium |
High |
||
|
OSO #02 UAS designed and produced by a competent and/or proven entity |
Criteria for design |
The specifications, suitability and durability of the materials are declared against a standard recognised by the competent authority and/or in accordance with means of compliance acceptable to the competent authority. |
Same as low. In addition, evidence is available that the UAS has been designed in accordance with design procedures. The competent authority should request the applicant to use a UAS for which EASA has verified the claimed integrity through a DVR. |
Same as medium. In addition, the competent authority should request the applicant to operate a UAS designed by an organisation approved by EASA according to Subpart J of Annex I (Part 21) to Regulation (EU) No 748/2012. |
|
Criteria for production |
The declared production procedures are developed to a standard that
is considered adequate by the competent authority that issues the
operational authorisation and/or in accordance with a means of compliance
acceptable to that authority. |
Same as low. In addition, evidence is available that the UAS has been produced in conformance with its design. |
Same as medium. In addition |
|
|
Comments |
N/A |
N/A |
N/A |
|
OSO #03 — UAS maintained by competent and/or proven entity
|
TECHNICAL ISSUE WITH THE UAS |
Level of
integrity |
|||
|
Low |
Medium |
High |
||
|
OSO #03 UAS maintained by a competent and/or proven entity (e.g. industry standards) |
Criteria |
(a) The UAS maintenance instructions are defined, and, when applicable, cover the UAS designer’s instructions and requirements. (b) The maintenance staff is competent and has received an authorisation to carry out UAS maintenance. (c) The maintenance staff use the UAS maintenance instructions while performing maintenance. |
Same as low. In addition: (a) Scheduled maintenance of each UAS is organised and in accordance with a maintenance programme. (b) Upon completion, the maintenance log system is used to record all the maintenance conducted on the UAS, including releases. A maintenance release can only be accomplished by a staff member who has received a maintenance release authorisation for that particular UAS model/family. |
Same as medium. In addition, the maintenance staff work in accordance with a maintenance procedure manual that provides information and procedures relevant to the maintenance facility, records, maintenance instructions, release, tools, material, components, defect deferral, etc. |
|
Comments |
N/A |
N/A |
N/A |
|
|
TECHNICAL ISSUE WITH THE UAS |
Level of
assurance |
|||
|
Low |
Medium |
High |
||
|
OSO #03 UAS maintained by a competent and/or proven entity (e.g. industry standards) |
Criterion #1 (Procedure) |
(a) The maintenance instructions are documented. (b) The maintenance conducted on the UAS is recorded in a maintenance log system1/2. (c) A list of the maintenance staff authorised to carry out maintenance is established and kept up to date. |
Same as low. In addition: (a) The maintenance programme is developed in accordance with standards considered adequate by the competent authority of the MS and/or in accordance with a means of compliance acceptable to that authority. In addition, if the UAS has a DVR or a (R)TC, the maintenance programme includes the scheduled maintenance requirements developed as part of the design. (b) A list of the maintenance staff with maintenance release authorisation is established and kept up to date. |
Same as medium. In addition, the maintenance programme and the maintenance procedures manual are validated by the competent authority of the MS or by an entity that is designated by the competent authority. |
|
Comments |
1 The objective is to record
all the maintenance performed on the aircraft, and why it is performed
(rectification of defects or malfunctions, modifications, scheduled
maintenance, etc.). 2 The maintenance log may be
requested for inspection/audit by the approving authority or an authorised
representative. |
N/A |
N/A |
|
|
Criterion #2 (Training) |
A record of all the relevant qualifications, experience and/or training completed by the maintenance staff is established and kept up to date. |
Same as low. In addition: (a) The initial training syllabus and training standard, including theoretical/practical elements, duration, etc., is defined and is commensurate with the authorisation held by the maintenance staff. (b) For staff that hold a maintenance release authorisation, the initial training is specific to that particular UAS model/family. (c) All maintenance staff have undergone initial training. |
Same as medium. In addition: (a) A programme for the recurrent training of staff holding a maintenance release authorisation is established; and (b) This programme is validated by the competent authority of the MS or by an entity that is designated by the competent authority. |
|
|
Comments |
N/A |
N/A |
N/A |
|
OSO #04 — UAS developed to authority recognised design standards
|
TECHNICAL ISSUE WITH THE UAS |
Level of
integrity |
|||
|
Low |
Medium |
High |
||
|
OSO #04 UAS developed to authority recognised design standards |
Criteria |
The UAS is designed to standards considered adequate by the competent authority and/or in accordance with a means of compliance acceptable to that authority. The standards and/or the means of compliance should be applicable to a low level of integrity and the intended operation. |
The UAS is designed to standards considered adequate by the competent authority and/or in accordance with a means of compliance acceptable to that authority. The standards and/or the means of compliance should be applicable to a medium level of integrity and the intended operation. |
The UAS is designed to standards considered adequate by the competent authority and/or in accordance with a means of compliance acceptable to that authority. The standards and/or the means of compliance should be applicable to a high level of integrity and the intended operation. |
|
Comments |
In case
of experimental flights that investigate new technical solutions, the
competent authority may accept that recognised standards are not met. |
|||
|
TECHNICAL ISSUE WITH THE UAS |
Level of
assurance |
|||
|
Low |
Medium |
High |
||
|
OSO #04 UAS developed to authority recognised design standards |
Criteria |
The competent authority should request the applicant to use a UAS for which EASA has verified the claimed integrity through a DVR. |
The competent authority should request the applicant to use a UAS for which EASA has issued a type certificate or restricted type certificate in accordance with Annex I (Part 21) to Regulation (EU) No 748/2012 |
The competent authority should request the applicant to use a UAS for which EASA has issued a type certificate or restricted type certificate in accordance with Annex I (Part 21) to Regulation (EU) No 748/2012 |
|
Comments |
N/A |
N/A |
N/A |
|
OSO #05 — UAS is designed considering system safety and reliability
This OSO complements:
(a) the safety requirements for containment defined in the main body; and
(b) OSO #10 and OSO #12, which only address the risk of a fatality while operating over populated areas or assemblies of people.
|
TECHNICAL ISSUE WITH THE UAS |
Level of
integrity |
|||
|
Low |
Medium |
High |
||
|
OSO #05 UAS is designed considering system safety and reliability |
Criteria |
The equipment, systems, and installations are designed to minimise hazards1 in the event of a probable2 malfunction or failure of the UAS. |
Same as low. In addition, the strategy for detection, alerting and management of any malfunction, failure or combination thereof, which would lead to a hazard, is available. |
Same as medium. In addition: (a) Major failure conditions are not more frequent than remote3; (b) Hazardous failure conditions are not more frequent than extremely remote3; (c) Catastrophic failure conditions are not more frequent than extremely improbable3; and (d) SW and AEH whose development error(s) may cause or contribute to hazardous or catastrophic failure conditions are developed to an industry standard or a methodology considered adequate by EASA and/or in accordance with means of compliance acceptable to EASA4. |
|
Comments |
1 For the purpose of this
assessment, the term ‘hazard’ should be interpreted as a failure condition
that relates to major, hazardous, or catastrophic consequences. 2 For the purpose of this
assessment, the term ‘probable’ should be interpreted in a qualitative way
as ‘anticipated to occur one or more times during the entire
system/operational life of a UAS’. |
N/A |
3 Safety objectives may be
derived from JARUS AMC RPAS.1309 Issue 2 Table 3 depending on the kinetic
energy assessment made in accordance with Section 6 of EASA policy
E.Y013-01. 4 Development assurance levels
(DALs) for SW/AEH may be derived from JARUS AMC RPAS.1309 Issue 2 Table 3
depending on the kinetic energy assessment made in accordance with Section 6
of EASA policy E.Y013-01. |
|
TECHNICAL ISSUE WITH THE UAS |
Level of
assurance |
|||
|
Low |
Medium |
High |
||
|
OSO #05 UAS is designed considering system safety and reliability |
Criteria |
A functional hazard assessment1 and a design and installation appraisal that show that hazards are minimised, are available. |
Same as low. In addition: (a) Safety analyses are conducted in line with standards considered adequate by the competent authority and/or in accordance with a means of compliance acceptable to that authority. (b) A strategy for the detection of single failures of concern includes pre-flight checks. The competent authority should request the applicant to use a UAS for which EASA has validated the claimed integrity through a DVR. |
The competent authority should request the applicant to use a UAS for which EASA has issued a type certificate or restricted type certificate in accordance with Annex I (Part 21) to Regulation (EU) No 748/2012. |
|
Comments |
1 The severity of failure
conditions (no safety effect, minor, major, hazardous and catastrophic)
should be determined according to the definitions provided in JARUS AMC
RPAS.1309 Issue 2. |
N/A |
N/A |
|
OSO #06 — C3 link characteristics (e.g. performance, spectrum use) are appropriate for the operation
(a) For the purpose of the SORA and this specific OSO, the term ‘C3 link’ encompasses:
(1) the C2 link; and
(2) any communication link required for the safety of the flight.
(b) To correctly assess the integrity of this OSO, the applicant should identify the following:
(1) The performance requirements for the C3 links necessary for the intended operation.
(2) All the C3 links, together with their actual performance and RF spectrum usage.
Note: The specification of the performance and RF spectrum for a C2 Link is typically documented by the UAS designer in the UAS manual.
Note: The main parameters associated with the performance of a C2 link (RLP) and the performance parameters for other communication links (e.g. RCP for communication with ATC) include, but are not limited to, the following:
(i) the transaction expiration time;
(ii) the availability;
(iii) the continuity; and
(iv) the integrity.
Refer to the ICAO references for definitions.
(3) The RF spectrum usage requirements for the intended operation (including the need for authorisation if required).
Note: Usually, countries publish the allocation of RF spectrum bands applicable in their territories. This allocation stems mostly from the International Communication Union (ITU) Radio Regulations. However, the applicant should check the local requirements and request authorisation when needed since there may be national differences and specific allocations (e.g. national sub-divisions of ITU allocations). Some aeronautical bands (e.g. AM(R)S, AMS(R)S 5030-5091MHz) were allocated for potential use in UAS operations under the ICAO scope for UAS operations classified as cat. C (‘certified’), but their use may be authorised for operations under the ‘specific’ category. It is expected that the use of other licensed bands (e.g. those allocated to mobile networks) may also be authorised under the ‘specific’ category. Some un-licensed bands (e.g. industrial, scientific and medical (ISM) or short-range devices (SRDs)) may also be acceptable under the ‘specific’ category; for instance, for operations with lower integrity requirements.
(4) Environmental conditions that might affect the performance of C3 links.
|
TECHNICAL ISSUE WITH THE UAS |
Level of
integrity |
|||
|
Low |
Medium |
High |
||
|
OSO #06 C3 link characteristics (e.g. performance, spectrum use) are appropriate for the operation |
Criteria |
(a) The applicant determines that the performance, RF spectrum usage1 and environmental conditions for C3 links are adequate to safely conduct the intended operation. (b) The remote pilot has the means to continuously monitor the C3 performance and ensures that the performance continues to meet the operational requirements2. |
Same as low3. |
Same as low. In addition, the use of licensed4 frequency bands for C2 Links is required. |
|
Comments |
1 For a low level of
integrity, unlicensed frequency bands might be acceptable under certain
conditions, e.g.: (a) the
applicant demonstrates compliance with other RF spectrum usage requirements
(e.g. Directive 2014/53/EU), by showing that the UAS equipment is compliant
with these requirements; and (b) the
use of mechanisms to protect against interference (e.g. FHSS, frequency
de-confliction by procedure). 2 The remote pilot has
continual and timely access to the relevant C3 information that could affect
the safety of flight. For operations requesting only a low level of
integrity for this OSO, this could be achieved by monitoring the C2 link
signal strength and receiving an alert from the UAS HMI if the signal
strength becomes too low. |
3 Depending on the operation,
the use of licensed frequency bands might be necessary. In some cases, the
use of non‑aeronautical bands (e.g. licensed bands for cellular network) may
be acceptable. |
4 This ensures a minimum level
of performance and is not limited to aeronautical licensed frequency bands
(e.g. licensed bands for cellular network). Nevertheless, some operations
may require the use of bands allocated to the aeronautical mobile service for
the use of C2 Link (e.g. 5030 – 5091 MHz). In any case, the use of licensed
frequency bands needs authorisation. |
|
|
TECHNICAL ISSUE WITH THE UAS |
Level of
assurance |
|||
|
Low |
Medium |
High |
||
|
OSO #06 C3 link characteristics (e.g. performance, spectrum use) are appropriate for the operation |
Criteria |
The applicant declares that the required level of integrity has been achieved. |
The competent authority should request the applicant to use a UAS for which EASA has verified the claimed integrity through a DVR. |
The competent authority should request the applicant to use a UAS for which EASA has issued a type certificate or restricted type certificate in accordance with Annex I (Part 21) to Regulation (EU) No 748/2012. |
|
Comments |
N/A |
N/A |
N/A |
|
OSO #07 — Inspection of the UAS (product inspection) to ensure consistency with the ConOps
The intent of this OSO is to ensure that the UAS used for the operation conforms to the UAS data used to support the approval/authorisation of the operation.
|
TECHNICAL ISSUE WITH THE UAS |
Level of
integrity |
|||
|
Low |
Medium |
High |
||
|
OSO #07 Inspection of the UAS (product inspection) to ensure consistency with the ConOps |
Criteria |
The remote crew ensures that the UAS is in a condition for safe operation and conforms to the approved ConOps.1 |
||
|
Comments |
1 The distinction between a
low, a medium and a high level of robustness for this criterion is achieved
through the level of assurance (see the table below). |
|||
|
TECHNICAL ISSUE WITH THE UAS |
Level of
assurance |
|||
|
Low |
Medium |
High |
||
|
OSO #07 Inspection of the UAS (product inspection) to ensure consistency with the ConOps |
Criterion #1 (Procedures) |
Product inspection is documented and accounts for the manufacturer’s recommendations, if available. |
Same as low. In addition, the product inspection is documented using checklists. |
Same as medium. In addition, the product inspection procedures are validated by the competent authority of the MS or by an entity that is designated by the competent authority. |
|
Comments |
N/A |
N/A |
N/A |
|
|
Criterion #2 (Training) |
The remote crew is trained to perform the product inspection, and that training is self-declared (with evidence available). |
(a) A training syllabus including a product inspection procedure is available. (b) The UAS operator provides competency-based, theoretical and practical training. |
The competent authority of the MS or an entity that is designated by the competent authority: (a) validates the training syllabus; and (b) verifies the remote crew competencies. |
|
|
Comments |
N/A |
N/A |
N/A |
|
E.3 OSOs related to operational procedures
|
OPERATIONAL PROCEDURES |
Level of
integrity |
|||
|
Low |
Medium |
High |
||
|
OSO #08, OSO #11, OSO #14 and OSO #21 |
Criterion #1 (Procedure definition) |
(a) Operational procedures1 appropriate for the proposed operation are defined and, as a minimum, cover the following elements: (1) Flight planning; (2) Pre- and post-flight inspections; (3) Procedures to evaluate the environmental conditions before and during the mission (i.e. real-time evaluation); (4) Procedures to cope with unexpected adverse operating conditions (e.g. when ice is encountered during an operation not approved for icing conditions); (5) Normal procedures; (6) Contingency procedures (to cope with abnormal situations); (7) Emergency procedures (to cope with emergency situations); (8) Occurrence-reporting procedures; and (b) The limitations of the external systems supporting the UAS operation2 are defined in an OM. |
||
|
Comments |
1
Operational procedures cover the deterioration of the UAS itself and any
external system supporting the UAS operation. To properly address the deterioration of external systems
required for the operation, it is recommended to: (a) identify these
‘external systems’; (b) identify the
modes of deterioration of the ‘external systems’ (e.g. complete loss of
GNSS, GDOP/PDOP, latency issues, etc.) which would lead to a loss of control
of the operation; (c) describe the
means to detect these modes of deterioration of the external systems ; and (d) describe the
procedure(s) used when deterioration is detected (e.g. activation of the
emergency recovery capability, switch to manual control, etc.). 2
In the scope of this assessment, external systems supporting the UAS
operation are defined as systems that are not already part of the UAS but
are used to: (a) launch/take off
the UA; (b) make pre-flight
checks; or (c) keep the UA
within its operational volume (e.g. GNSS, satellite systems, air traffic
management, U-space). External systems activated/used after a loss of control of the
operation are excluded from this definition. |
|||
|
Criterion #2 (Procedure complexity) |
Operational procedures are complex and may potentially jeopardise the crew’s ability to respond by increasing the remote crew’s workload and/or their interaction with other entities (e.g. ATM, etc.). |
Contingency/emergency procedures require manual control by the remote pilot2 when the UAS is usually automatically controlled. |
Operational procedures are simple. |
|
|
Comments |
N/A |
2 It
should be considered that not all UAS have a mode where the pilot could
directly control the surfaces; moreover, it may require significant skill
not to make things worse. |
N/A |
|
|
Criterion #3 (Consideration of Potential Human Error) |
At a minimum, operational procedures provide: (a) a clear distribution and assignment of tasks, and (b) an internal checklist to ensure staff are adequately performing their assigned tasks. |
Operational procedures take human error into consideration. |
Same as medium. In addition, the remote crew3 receives crew resource management (CRM)4 training. |
|
|
Comments |
N/A |
N/A |
3 In the context of SORA, the
term ‘remote crew’ refers to any person involved in the mission. 4 CRM training focuses on the
effective use of all the remote crew to ensure safe and efficient operation,
reducing error, avoiding stress and increasing efficiency. |
|
OPERATIONAL PROCEDURES |
Level of
assurance |
|||
|
Low |
Medium |
High |
||
|
OSO #08, OSO #11, OSO #14 and OSO #21 |
Criteria |
(a) Operational procedures do not require validation against either a standard or a means of compliance that is considered adequate by the competent authority of the MS. (b) The adequacy of the operational procedures is declared, except for emergency procedures, which are tested. |
(a) Normal, contingency, and emergency procedures are documented and part of the operations manual (OM). (b) Operational procedures are validated against standards considered adequate by the competent authority of the MS and/or in accordance with the means of compliance acceptable to that authority1. (c) The adequacy of the contingency and emergency procedures is proven through: (1) dedicated flight tests; or (2) simulation, provided that the representativeness of the simulation means is proven valid for the intended purpose with positive results; or (3) any ot+her means acceptable to the competent authority. |
Same as medium. In addition: (a) Flight tests performed to validate the procedures and checklists cover the complete flight envelope or are proven to be conservative. (b) The procedures, checklists, flight tests and simulations are validated by the competent authority of the MS or by an entity that is designated by the competent authority. |
|
Comments |
N/A |
1 AMC2 UAS.SPEC.030(3)(e)
(Operational procedures for medium and high levels of robustness) is
considered an acceptable means of compliance. |
||
E.4 OSOs related to remote crew training
(a) The applicant needs to propose competency-based, theoretical and practical training that:
(1) is appropriate for the operation to be approved; and
(2) includes proficiency requirements and recurrent training.
(b) The entire remote crew (i.e. any person involved in the operation) should undergo competency-based, theoretical and practical training specific to their duties (e.g. pre-flight inspection, ground equipment handling, evaluation of the meteorological conditions, etc.).
|
REMOTE CREW COMPETENCIES |
Level of
integrity |
|||
|
Low |
Medium |
High |
||
|
OSO #09, OSO #15 and OSO #22 |
Criteria |
The competency-based, theoretical and practical training is adequate for the operation1 and ensures knowledge of: (a) the UAS Regulation; (b) airspace operating principles; (c) airmanship and aviation safety; (d) human performance limitations; (e) meteorology; (f) navigation/charts; (g) the UAS; and (h) operating procedures. |
||
|
Comments |
1 The distinction between a
low, a medium and a high level of robustness for this criterion is achieved
through the level of assurance (see table below). |
|||
REMOTE CREW COMPETENCIES |
Level of
assurance |
|||
|
Low |
Medium |
High |
||
|
OSO #09, OSO #15 and OSO #22 |
Criteria |
Training is self-declared (with evidence available). |
(a) Training syllabus is available and kept up to date. (b) The UAS operator provides competency-based, theoretical and practical training. |
The competent authority of the MS or an entity that is designated by the competent authority: (a) validates the training syllabus; and (b) verifies the remote crew competencies. |
|
Comments |
N/A |
N/A |
N/A |
|
E.5 OSOs
related to safe design
(a) The objectives of OSO#10 and OSO#12 are to complement the technical containment safety requirements by addressing the risk of a fatality while operating over populated areas or assemblies of people.
(b) In the scope of this assessment, external systems supporting UAS operations are defined as systems that are not already part of the UAS but are used to:
(1) launch/take off the UA;
(2) make pre-flight checks; or
(3) keep the UA within its operational volume (e.g. GNSS, satellite systems, air traffic management, U-space).
External systems activated/used after a loss of control of the operation are excluded from this definition.
|
|
LEVEL of
INTEGRITY |
|||
|
Low |
Medium |
High |
||
|
OSO #10 & OSO #12 |
Criteria |
When operating over populated areas or assemblies of people, it can be reasonably expected that a fatality will not occur from any probable1 failure2 of the UAS or any external system supporting the operation. |
When operating over populated areas or assemblies of people, it can be reasonably expected that a fatality will not occur from any single failure3 of the UAS or any external system supporting the operation. SW and AEH whose development error(s) could directly lead to a failure affecting the operation in such a way that it can be reasonably expected that a fatality will occur, are developed to a standard considered adequate by the competent authority and/or in accordance with means of compliance acceptable to that authority. |
Same as medium |
|
Comments |
1 For the purpose of this
assessment, the term ‘probable’ should be interpreted in a qualitative way
as, ‘anticipated to occur one or more times during the entire
system/operational life of a UAS’. 2 Some structural or
mechanical failures may be excluded from the criterion if it can be shown
that these mechanical parts were designed according to aviation industry
best practices. |
3 Some structural or
mechanical failures may be excluded from the no-single failure criterion if
it can be shown that these mechanical parts were designed to a standard
considered adequate by the competent authority and/or in accordance with a
means of compliance acceptable to that authority |
|
|
|
LEVEL of
ASSURANCE |
||||
|
Low |
Medium |
High |
||
|
OSO #10 & OSO #12 |
Criteria |
A design and installation appraisal is available. In particular, this appraisal shows that: (a) the design and installation features (independence, separation and redundancy) satisfy the low integrity criterion; and (b) particular risks relevant to the ConOps (e.g. hail, ice, snow, electromagnetic interference, etc.) do not violate the independence claims, if any. |
Same as low. In addition, the level of integrity claimed is substantiated by analysis and/or test data with supporting evidence. If the operation is classified as SAIL IV, the competent authority should request the applicant to use a UAS for which EASA has verified the claimed integrity through a DVR. |
The competent authority should request the applicant to use a UAS for which EASA has issued a type certificate or restricted type certificate in accordance with Annex I (Part 21) to Regulation (EU) No 748/2012. |
|
Comments |
N/A |
N/A |
N/A |
|
E.6 OSOs
related to the deterioration of external systems supporting UAS operations
For the purpose of SORA and this specific OSO, the term ‘external services supporting UAS operations’ encompasses any service providers necessary for the safety of the flight, such as communication service providers (CSPs) and U-space service providers[48].
|
DETERIORATION OF EXTERNAL SYSTEMS SUPPORTING UAS OPERATIONS BEYOND THE CONTROL OF THE UAS |
Level of
integrity |
|||
|
Low |
Medium |
High |
||
|
OSO #13 External services supporting UAS operations are adequate for the operation |
Criteria |
The applicant ensures that the level of performance for any externally provided service necessary for the safety of the flight is adequate for the intended operation. If the externally provided service requires communication between the UAS operator and the service provider, the applicant ensures there is effective communication to support the service provision. Roles and responsibilities between the applicant and the external service provider are defined. |
||
|
Comments |
N/A |
N/A |
Requirements for contracting services
with the service provider may be derived from ICAO Standards and Recommended
Practices (SARPs) that are currently under development. |
|
|
DETERIORATION OF EXTERNAL SYSTEMS SUPPORTING UAS OPERATIONS BEYOND THE CONTROL OF THE UAS |
Level of
assurance |
|||
|
Low |
Medium |
High |
||
|
OSO #13 External services supporting UAS operations are adequate for the operation |
Criteria |
The applicant declares that the requested level of performance for any externally provided service necessary for the safety of the flight is achieved (without evidence being necessarily available). |
The applicant has supporting evidence that the required level of performance for any externally provided service required for the safety of the flight can be achieved for the full duration of the mission. This may take the form of a service-level agreement (SLA) or any official commitment that prevails between a service provider and the applicant on the relevant aspects of the service (including quality, availability, and responsibilities). The applicant has a means to monitor externally provided services which affect flight-critical systems and take appropriate actions if real-time performance could lead to the loss of control of the operation. |
Same as medium. In addition: (a) the evidence of the performance of an externally provided service is achieved through demonstrations; and (b) the competent authority of the MS or an entity that is designated by the competent authority validates the claimed level of integrity. |
|
Comments |
N/A |
N/A |
N/A |
|
E.7 OSOs
related to human error
OSO #16 — Multi-crew coordination
This OSO applies only to those personnel directly involved in the flight operation.
|
HUMAN ERROR |
Level of
integrity |
|||
|
Low |
Medium |
High |
||
|
OSO #16 Multi crew coordination |
Criterion #1 (Procedures) |
Procedure(s) to ensure coordination between the crew members and robust and effective communication channels is (are) available and at a minimum cover: (a) assignment of tasks to the crew, and (b) establishment of step-by-step communications.1 |
||
|
Comments |
1 The distinction between a
low, a medium and a high level of robustness for this criterion is achieved
through the level of assurance (see the table below). |
|||
|
Criterion #2 (Training) |
Remote crew training covers multi-crew coordination |
Same as low. In addition, the remote crew2 receives CRM3 training. |
Same as medium. |
|
|
Comments |
N/A |
2 In the context of the SORA,
the term ‘remote crew’ refers to any person involved in the mission. 3 CRM training focuses on the
effective use of all the remote crew to assure a safe and efficient
operation, reducing error, avoiding stress and increasing efficiency. |
N/A |
|
|
Criterion #3 (Communication devices) |
N/A |
Communication devices comply with standards considered adequate by the competent authority and/or in accordance with a means of compliance acceptable to that authority. |
Communication devices are redundant4 and comply with standards considered adequate by the competent authority and/or in accordance with a means of compliance acceptable to that authority. |
|
|
Comments |
N/A |
N/A |
4 This implies the provision
of an extra device to cope with the failure of the first device. |
|
|
HUMAN ERROR |
LEVEL of
ASSURANCE |
|||
|
Low |
Medium |
High |
||
|
OSO #16 Multi crew coordination |
Criterion #1 (Procedures) |
(a) Procedures are not validated against either a standard or a means of compliance considered adequate by the competent authority of the MS. (b) The adequacy of the procedures and checklists is declared. |
(a) Procedures are validated against standards considered adequate by the competent authority of the MS and/or in accordance with the means of compliance acceptable to that authority1. (b) The adequacy of the procedures is proven through: (1) dedicated flight tests; or (2) simulation, provided that the representativeness of the simulation means is proven valid for the intended purpose with positive results; or (3) any other means acceptable to the competent authority. |
Same as medium. In addition: (a) flight tests performed to validate the procedures cover the complete flight envelope or are proven to be conservative; and (b) the procedures, flight tests and simulations are validated by the competent authority of the MS or an entity designated by the competent authority. |
|
Comments |
N/A |
1 AMC2 UAS.SPEC.030(3)(e)
(Operational procedures for medium and high levels of robustness) is
considered an acceptable means of compliance. |
N/A |
|
|
Criterion #2 (Training) |
Training is self-declared (with evidence available). |
(a) Training syllabus is available. (b) The UAS operator provides competency-based, theoretical and practical training. |
The competent authority of the MS or an entity that is designated by the competent authority: (a) validates the training syllabus; and (b) verifies the remote crew competencies. |
|
|
Comments |
N/A |
N/A |
N/A |
|
|
Criterion #3 (Communication devices) |
N/A |
The applicant has supporting evidence that the required level of integrity is achieved. This is typically done by testing, analysis, simulation1, inspection, design review or through operational experience. |
The competent authority should request the applicant to operate a UAS designed by an organisation approved by EASA according to Subpart J of Annex I (Part 21) to Regulation (EU) No 748/2012. |
|
|
Comments |
N/A |
1 When simulation is
performed, the validity of the targeted environment that is used in the
simulation needs to be justified. |
N/A |
|
OSO #17 — Remote crew is fit to operate
(a) For the purpose of this assessment, the expression ‘fit to operate’ should be interpreted as physically and mentally fit to perform their duties and safely discharge their responsibilities.
(b) Fatigue and stress are contributory factors to human error. Therefore, to ensure that vigilance is maintained at a satisfactory level of safety, consideration may be given to the following:
(1) remote crew duty times;
(2) regular breaks;
(3) rest periods; and
(4) handover/takeover procedures.
|
HUMAN ERROR |
Level of
integrity |
|||
|
Low |
Medium |
High |
||
|
OSO #17 Remote crew is fit to operate |
Criteria |
The applicant has a policy defining how the remote crew can declare themselves fit to operate before conducting any operation. |
Same as low. In addition: — Duty, flight duty and resting times for the remote crew are defined by the applicant and adequate for the operation. — The UAS operator defines requirements appropriate for the remote crew to operate the UAS. |
Same as Medium. In addition: — The remote crew is medically fit, — A fatigue risk management system (FRMS) is in place to manage any escalation in duty/flight duty times. |
|
Comments |
N/A |
N/A |
N/A |
|
|
HUMAN ERROR |
LEVEL of
ASSURANCE |
|||
|
Low |
Medium |
High |
||
|
OSO #17 Remote crew is fit to operate |
Criteria |
The policy to define how the remote crew declares themselves fit to operate (before an operation) is documented. The remote crew fit-to-operate declaration (before an operation) is based on a policy defined by the applicant. |
Same as low. In addition: — Remote crew duty, flight duty and the resting time policy are documented. — Remote crew duty cycles are logged and cover at a minimum: — when the remote crew member’s duty day commences, — when the remote crew members are free from duties, and — resting times within the duty cycle. — There is evidence that the remote crew is fit to operate the UAS. |
Same as medium. In addition: — Medical standards considered adequate by the competent authority and/or the means of compliance acceptable to that authority are established and the competent authority of the MS or an entity that is designated by the competent authority verifies that the remote crew is medically fit. — The competent authority of the MS or an entity that is designated by the competent authority validates the duty/flight duty times. — If an FRMS is used, it is validated and monitored by the competent authority of the MS or an entity that is designated by the competent authority. |
|
Comments |
N/A |
N/A |
N/A |
|
OSO #18 — Automatic protection of the flight envelope from human errors
(a) Each UA is designed with a flight envelope that describes its safe performance limits with regard to minimum and maximum operating speeds, and its operating structural strength.
(b) Automatic protection of the flight envelope is intended to prevent the remote pilot from operating the UA outside its flight envelope. If the applicant demonstrates that the remote-pilot is not in the loop, this OSO is not applicable.
(c) A UAS implementing such an automatic protection function will ensure that the UA is operated within an acceptable flight envelope margin even in the case of incorrect remote-pilot control inputs (human errors).
(d) UAS without automatic protection functions are susceptible to incorrect remote-pilot control inputs (human errors), which can result in the loss of the UA if the designed performance limits of the aircraft are exceeded.
(e) Failures or development errors of the flight envelope protection are addressed in OSOs #5, #10 and #12.
|
HUMAN ERROR |
LEVEL of
INTEGRITY |
|||
|
Low |
Medium |
High |
||
|
OSO #18 Automatic protection of the flight envelope from human errors |
Criteria |
The UAS flight control system incorporates automatic protection of the flight envelope to prevent the remote pilot from making any single input under normal operating conditions that would cause the UA to exceed its flight envelope or prevent it from recovering in a timely fashion. |
The UAS flight control system incorporates automatic protection of the flight envelope to ensure the UA remains within the flight envelope or ensures a timely recovery to the designed operational flight envelope following remote pilot error(s).1 |
|
|
Comments |
N/A |
1 The distinction between a
medium and a high level of robustness for this criterion is achieved through
the level of assurance (see table below). |
||
HUMAN ERROR |
LEVEL of
ASSURANCE |
|||
|
Low |
Medium |
High |
||
|
OSO #18 Automatic protection of the flight envelope from human errors |
Criteria |
The automatic protection of the flight envelope has been developed in-house or out of the box (e.g. using commercial off‑the‑shelf elements), without following specific standards. |
The competent authority should request the applicant to use a UAS for which EASA has verified the claimed integrity through a DVR. |
The competent authority should request the applicant to use a UAS for which EASA has issued a type certificate or restricted type certificate in accordance with Annex I (Part 21) to Regulation (EU) No 748/2012. |
|
Comments |
N/A |
N/A |
N/A |
|
OSO #19 — Safe recovery from human errors
(a) This OSO addresses the risk of human errors which may affect the safety of the operation if not prevented or detected and recovered in a timely fashion.
i) Errors can be made by anyone involved in the operation.
ii) An example could be a human error leading to the incorrect loading of the payload, with the risk of it falling off the UA during the operation.
iii) Another example could be a human error not to extend the antenna mast, thus reducing the C2 link coverage.
Note: the flight envelope protection is excluded from this OSO since it is specifically covered by OSO #18.
(b) This OSO covers:
i) procedures and lists,
ii) training, and
iii) UAS design, i.e. systems detecting and/or recovering from human errors (e.g. safety pins, use of acknowledgment features, fuel or energy consumption monitoring functions …)
|
HUMAN ERROR |
LEVEL of
INTEGRITY |
|||
|
Low |
Medium |
High |
||
|
OSO #19 Safe recovery from Human Error |
Criterion #1 (Procedures and checklists) |
Procedures and checklists that mitigate the risk of potential human errors from any person involved with the mission are defined and used. Procedures provide at a minimum: — a clear distribution and assignment of tasks, and — an internal checklist to ensure staff are adequately performing their assigned tasks. |
||
|
Comments |
N/A |
N/A |
N/A |
|
|
Criterion #2 (Training) |
— The remote crew1 is trained to use procedures and checklists. — The remote crew1 receives CRM2 training.3 |
|||
|
Comments |
1 In the context of SORA, the
term ‘remote crew’ refers to any person involved in the mission. 2 CRM training focuses on the
effective use of all the remote crew to ensure a safe and efficient
operation, reducing error, avoiding stress and increasing efficiency. 3 The distinction between a
low, a medium and a high level of robustness for this criterion is achieved
through the level of assurance (see table below). |
|||
|
Criterion #3 (UAS design) |
Systems detecting and/or recovering from human errors are developed according to industry best practices. |
Systems detecting and/or recovering from human errors are developed to standards considered adequate by the competent authority and/or in accordance with a means of compliance acceptable to that authority. |
Same as medium. |
|
|
Comments |
N/A |
N/A |
N/A |
|
|
HUMAN ERROR |
LEVEL of
ASSURANCE |
|||
|
Low |
Medium |
High |
||
|
OSO #19 Safe recovery from human error |
Criterion #1 (Procedures and checklists) |
(a) Procedures and checklists are not validated against either a standard or a means of compliance considered adequate by the competent authority of the MS. (b) The adequacy of the procedures and checklists is declared. |
(a) Procedures and checklists are validated against standards considered adequate by the competent authority of the MS and/or in accordance with the means of compliance acceptable to that authority1. (b) The adequacy of the procedures and checklists is proven through: (1) dedicated flight tests, or (2) simulation, provided that the representativeness of the simulation means is proven valid for the intended purpose with positive results; or (3) any other means acceptable to the competent authority of the MS. |
Same as medium. In addition: (a) Flight tests performed to validate the procedures and checklists cover the complete flight envelope or are proven to be conservative. (b) The procedures, checklists, flight tests and simulations are validated by the competent authority of the MS or an entity that is designated by the competent authority. |
|
Comments |
N/A |
1 AMC2 UAS.SPEC.030(3)(e)
(Operational procedures for medium and high levels of robustness) is
considered an acceptable means of compliance. |
N/A |
|
|
Criterion #2 (Training) |
Consider the criteria defined for the level of assurance of the generic remote crew training OSO (i.e. OSO #09, OSO #15 and OSO #22) corresponding to the SAIL of the operation. |
|||
|
Comments |
N/A |
N/A |
N/A |
|
|
Criterion #3 (UAS design) |
The applicant declares that the required level of integrity has been achieved1. |
The applicant has supporting evidence that the required level of integrity is achieved. That evidence is provided through testing, analysis, simulation2, inspection, design review or operational experience. If the operation is classified as SAIL IV, the competent authority should request the applicant to use a UAS for which EASA has verified the claimed integrity through a DVR. If the operation is classified as SAIL V the competent authority should request the applicant to use a UAS for which EASA has issued a type certificate or restricted type certificate in accordance with Annex I (Part 21) to Regulation (EU) No 748/2012. |
The competent authority should request the applicant to use a UAS for which EASA has issued a type certificate or restricted type certificate in accordance with Annex I (Part 21) to Regulation (EU) No 748/2012. |
|
|
Comments |
1 Supporting evidence may or
may not be available. |
2 When simulation is
performed, the validity of the targeted environment that is used in the
simulation needs to be justified. |
N/A |
|
|
HUMAN ERROR |
LEVEL of
INTEGRITY |
|||
|
Low |
Medium |
High |
||
|
OSO #20 A Human Factors evaluation has been performed and the HMI found appropriate for the mission |
Criteria |
The UAS information and control interfaces are clearly and succinctly presented and do not confuse, cause unreasonable fatigue, or contribute to remote crew errors that could adversely affect the safety of the operation. |
||
|
Comments |
If an electronic means is used to support
potential VOs in their role to maintain awareness of the position of the
unmanned aircraft, its HMI: — is
sufficient to allow the VOs to determine the position of the UA during
operation; and — does
not degrade the VO’s ability to: — scan
the airspace visually where the unmanned aircraft is operating for any
potential collision hazard; and — maintain
effective communication with the remote pilot at all times. |
|||
|
HUMAN ERROR |
LEVEL of
ASSURANCE |
|||
|
Low |
Medium |
High |
||
|
OSO #20 A Human Factors evaluation has been performed and the HMI has been found appropriate for the mission |
Criteria |
The applicant conducts a human factors evaluation of the UAS to determine whether the HMI is appropriate for the mission. The HMI evaluation is based on inspection or analyses. |
Same as Low but the HMI evaluation is based on demonstrations or simulations.1 The competent authority should request EASA to witness the HMI evaluation of the UAS. |
Same as Medium. In addition, EASA witnesses the HMI evaluation of the UAS and the competent authority of the MS or an entity that is designated by the competent authority witnesses the HMI evaluation of the possible electronic means used by the AO. |
|
Comments |
N/A |
1 When simulation is performed,
the validity of the targeted environment that is used in the simulation
needs to be justified. |
N/A |
|
E.8 OSOs
related to adverse operating conditions
OSO #23 — Environmental conditions for safe operations are defined, measurable and adhered to
|
ADVERSE
OPERATING CONDITIONS |
LEVEL of
INTEGRITY |
|||
|
Low |
Medium |
High |
||
|
OSO #23 Environmental conditions for safe operations are defined, measurable and adhered to |
Criterion #1 (Definition) |
The environmental conditions for safe operations are defined and reflected in the flight manual or equivalent document.1 |
||
|
Comments |
1 The distinction between a
low, a medium and a high level of robustness for this criterion is achieved
through the level of assurance (see table below). |
|||
|
Criterion #2 (Procedures) |
Procedures to evaluate environmental conditions before and during the mission (i.e. real-time evaluation) are available and include assessment of meteorological conditions (METAR, TAFOR, etc.) with a simple recording system.2 |
|||
|
Comments |
2 The distinction between a
low, a medium and a high level of robustness for this criterion is achieved
through the level of assurance (see table below). |
|||
|
Criterion #3 (Training) |
Training covers assessment of meteorological conditions.3 |
|||
|
Comments |
3 The distinction between a
low, a medium and a high level of robustness for this criterion is achieved
through the level of assurance (see table below). |
|||
|
ADVERSE
OPERATING CONDITIONS |
LEVEL of
ASSURANCE |
|||
|
Low |
Medium |
High |
||
|
OSO #23 Environmental conditions for safe operations defined, measurable and adhered to |
Criterion #1 (Definition) |
The applicant declares that the required level of integrity has been achieved. |
The applicant has supporting evidence that the required level of integrity is achieved. This is typically done by testing, analysis, simulation, inspection, design review or through operational experience. If the operation is classified as SAIL IV, the competent authority should request the applicant to use a UAS for which EASA has issued a DVR. |
The competent authority should request the applicant to use a UAS for which EASA has issued a type certificate or restricted type certificate in accordance with Annex I (Part 21) to Regulation (EU) No 748/2012 |
|
Comments |
N/A |
|||
|
Criterion #2 (Procedures) |
(a) Procedures do not require validation against either a standard or a means of compliance considered adequate by the competent authority of the MS. (b) The adequacy of the procedures and checklists is declared. |
(a) Procedures are validated against standards considered adequate by the competent authority of the MS and/or in accordance with the means of compliance acceptable to that authority1. (b) The adequacy of the procedures is proven through: (1) dedicated flight tests, or (2) simulation, provided that the representativeness of the simulation means is proven valid for the intended purpose with positive results; or (3) any other means acceptable to the competent authority of the MS. |
Same as medium. In addition: (a) Flight tests performed to validate the procedures cover the complete flight envelope or are proven to be conservative. (b) The procedures, flight tests and simulations are validated by the competent authority of the MS or an entity that is designated by the competent authority. |
|
|
Comments |
N/A |
1 AMC2 UAS.SPEC.030(3)(e)
(Operational procedures for medium and high levels of robustness) is
considered an acceptable means of compliance. |
N/A |
|
|
Criterion #3 (Training) |
Training is self-declared (with evidence available). |
— Training syllabus is available. — The UAS operator provides competency-based, theoretical and practical training. |
The competent authority of the MS or an entity that is designated by the competent authority: — validates the training syllabus; and — verifies the remote crew competencies. |
|
|
Comments |
N/A |
N/A |
N/A |
|
(a) To assess the integrity of this OSO, the applicant determines:
(1) whether credit can be taken for the equipment environmental qualification tests / declarations, e.g. by answering the following questions:
(i) Is there a Declaration of Design and Performance (DDP) available to the applicant stating the environmental qualification levels to which the equipment was tested?
(ii) Did the environmental qualification tests follow a standard considered adequate by the competent authority (e.g. DO-160)?
(iii) Are the environmental qualification tests appropriate and sufficient to cover all the environmental conditions related to the ConOps?
(iv) If the tests were not performed following a recognised standard, were the tests performed by an organisation/entity that is qualified or that has experience in performing DO-160 like tests?
(2) Can the suitability of the equipment for the intended/expected UAS environmental conditions be determined from either in-service experience or relevant test results?
(3) Any limitations which would affect the suitability of the equipment for the intended/expected UAS environmental conditions.
(b) The lowest integrity level should be considered for those cases where a UAS equipment has only a partial environmental qualification and/or a partial demonstration by similarity and/or parts with no qualification at all.
|
ADVERSE
OPERATING CONDITIONS |
LEVEL of
INTEGRITY |
|||
|
N/A |
Medium |
High |
||
|
OSO #24 UAS is designed and qualified for adverse environmental conditions |
Criteria |
N/A |
The UAS is designed to limit the effect of environmental conditions. |
The UAS is designed using environmental standards considered adequate by the competent authority and/or in accordance with a means of compliance acceptable to that authority. |
|
Comments |
N/A |
N/A |
N/A |
|
|
ADVERSE
OPERATING CONDITIONS |
LEVEL of
ASSURANCE |
|||
|
N/A |
Medium |
High |
||
|
OSO #24 UAS is designed and qualified for adverse environmental conditions |
Criteria |
N/A |
The applicant has supporting evidence that the required level of integrity has been achieved. This is typically done by testing, analysis, simulation2, inspection, design review or through operational experience. |
If the operation is classified as SAIL IV, the competent authority should request the applicant to use a UAS for which EASA has issued a DVR. If the operation is classified SAIL V or VI, the competent authority should request the applicant to use a UAS for which EASA has issued a type certificate or restricted type certificate in accordance with Annex I (Part 21) to Regulation (EU) No 748/2012. |
|
Comments |
N/A |
2 When simulation is
performed, the validity of the targeted environment that is used in the
simulation needs to be justified |
N/A |
|
[48] External service should be understood as any service that is provided to the UAS operator, which is necessary to ensure the safety of a UAS operation and is provided by a service provider other than the UAS operator. Examples of external services are:
- provision of geographical zones data and geographical limitations (including orography);
- collection and transfer of occurrence data;
- training and assessment of remote pilots;
- communication services that support the C2 link and any other safety-related communication;
- services that support navigation, e.g. GNSS services (compliance with requirement UAS.STS-01.030(6) could be ensured by referring to the conditions of use of such services in the corresponding Service Definition Document (SDD) or an equivalent one if available.);
- provision of services related to flight planning and management, including related safety assessments; and
- U-space services, which are defined in the corresponding regulation(s) and may include one or more of the above-mentioned services.
EASA regulations define integrity and assurance levels for drone operational safety objectives (OSOs) using SORA Annex E. It covers UAS technical issues, operational procedures, crew training, safe design, external system reliance, human error mitigation, and adverse conditions. Applicants must meet criteria for proposed OSOs, ensuring safe drone operations.
* Summary by Aviation.Bot - Always consult the original document for the most accurate information.
Loading collections...