Global small Unmanned Aircraft Systems (UAS) Risk Management and the Law
By: Sarah J. Nilsson, JD, PhD, MAS
Assistant Professor of Aviation Law, College of Aviation
Embry-Riddle Aeronautical University - Prescott
Abstract
Unmanned aircraft are now flying in the airspace over virtually every country on Earth. Their numbers and uses are growing as this paper is being typed. Hence, in the name of safety, the need to look deeper into the world of unmanned aircraft risk management. The paper begins with a brief introduction to unmanned aircraft and their categories in the United States. As the paper unfolds, it introduces the reader to the jargon of risk management, hazards, hazard identification, and accident investigations. Further discussion ensues on risk mitigation and insurance factors. Anti-drone devices are included in a separate chapter, and finally the paper concludes with a look to the future concerns regarding unmanned aircraft and risk management.
Keywords: Unmanned Aerial Systems, Law, Policy, Federal Aviation Administration, Model Aircraft, Regulations, Risk Management, Insurance, Safety, Hazard Analysis, Anti-Drone Devices, Safety Management Systems.
Global small Unmanned Aircraft Systems (UAS) Risk Management and the Law
Introduction
Unmanned aircraft systems (UAS) refer to unmanned aircraft (UA) and the associated equipment required to operate them.They can be as large as a Global Hawk or as small as a minion toy, and yet safely perform a wide range of functions.Drones, remotely operated aircraft (ROA), unmanned aerial vehicles (UAV), remotely piloted aircraft (RPA), or remotely piloted aircraft systems (RPAS) are a few of the terms used to describe the same emerging technology.In the United States, the preferred term for the unmanned aircraft is UA, whereas the term for the entire system, including associated equipment, is unmanned aircraft systems (UAS)(Federal Aviation Administration (FAA), 2016a).
In the United States there are three categories of users: (1) public or governmental operators; (2) commercial or civil or non-governmental operators; and (3) hobby or recreational users, also known as model aircraft operators(FAA, 2016a). These shall be described in more detail below.
Public or governmental UAS operators include among others: (1) Department of Defense (DoD); (2) Department of Homeland Security (DHS); (3) Department of Justice (DoJ); (4) Federal Bureau of Investigation (FBI); (5) National Aeronautics and Space Administration (NASA); (6) National Oceanographic and Atmospheric Administration (NOAA); (7) State and local agencies, fire and law enforcement; and (8) Qualifying universities(FAA, 2016b).
Commercial or civil or non-governmental UAS operators include those businesses that have applied for and received Section 333 Exemptions per the FAA Modernization and Reform Act of 2012 from the Federal Aviation Administration (FAA), as well as those operators that now utilize theRemote PIC with small UAS rating, under 14 Code of Federal Regulations (CFR) Part 107 since August 29, 2016.Commercial operations encompass those entities that use UAS in the furtherance of business, or for compensation or hire, and include among others: mapping; surveying; photography; videography;filming; closed-set filming; demonstrations; training; measuring; monitoring; and inspections.Industries using UAS include among others: construction; architectural; engineering; insurance;security; real estate; resort; golf course; cemetery; entertainment; sports; utility; energy; transportation; mining; telecommunications; agriculture; infrastructure; emergency agencies; humanitarian relief; research; education; and manyothers, too many to list (FAA, 2016c).
Hobby or recreational operations are also known as model aircraft operations. By FAA definition, a model aircraft: (1) is capable of sustained flight in the atmosphere; (2) weighs no more than 55 pounds [unless otherwise certified through an operational safety program administered by a community-based organization (CBO)]; (3) is flown within visual line-of-sight (VLOS) of the person operating the aircraft; (4) is flown strictly for hobby or recreational purposes; (5) is flown in accordance with CBO guidelines; and (6) does not interfere with, and gives way to, any manned aircraft(FAA, 2016d).
In the United States, the FAA regulates the operation of UAS flights in non-restricted airspace. In the FAA Act of 1958, Congress gave the FAA control over the safe and efficient use of national airspace. In the FAA Modernization and Reform Act of 2012, Congress then instructed the FAA to integrate UAS in the national airspace, and 14 CFR Part 107 was created to regulate commercial operations (FAA, 2016a).
Military aircraft operating in restricted airspace are exempt from this regulation under Title 10 of the United States Code (USC), which defines the roles of the Armed Forces (FAA, 2016b).
So, now that you are familiar with UAS and their operators, why is there aneed for UAS risk management?The Teal Group, an aerospace and defense analyst, in a 2014 market study, estimated that the UAS industry would be worth $93 billion by 2024 (Teal Group, 2016).Privacy and safety are the main concerns, and the laws must address these concerns.
Across the pond, the European Aviation Safety Agency (EASA) also believes unmanned aircraft should be integrated into the existing aviation system in a safe and proportionate manner. EASA has published a Concept of Operations for Drones (EASA, 2015), a risk-based approach to regulation of unmanned aircraft. The safety risks considered must take into account: (1) midair collision with manned aircraft; (2) harm to people; and (3) damage to property in particular critical and sensitive infrastructure.
In the United States, the FAAMicro UAS Aviation Rulemaking Committee (ARC) Recommendations were issued in a final report on April 1, 2016 (FAA, 2016e). The stated objective of the ARC was “to consider recommendations for a performance-based standard that would allow for micro UAS to be operated over people who are not directly participating in the operation of the UAS or under a covered structure,” which would ultimately contribute to an enforceable rule imposed by the FAA (FAA, 2016e, p. 1).
Commercial 14 CFR Part 107
Under the new small UAS rule, 14 CFR Part 107, that went into effect August 29, 2016, commercial operators should have a more efficient way to obtain permission to function within the National Airspace System (NAS) in the furtherance of business, as opposed to the prior Section 333 Exemption method of operations. This small rule pertains to UAS weighing less than 55 pounds. It is anticipated that larger UAS shall still operate under Section 333 Exemptions (FAA, 2016f).
Advisory Circular (AC) 107-2
To enable operators to better understand the intricacies of 14 CFR Part 107, the FAA published an Advisory Circular(AC) 107-2 to help clarify the regulations. It should be read in conjunction with the applicable regulations (FAA, 2016g).
Hobby AC 91.57A
Hobby or recreational users of UAS are still required to operate under the guidance of Advisory Circular(AC) 91.57A (FAA, 2016h).
UAS Risk Management
Before delving into the world of risk management, here is a brief look at some of its unique language and definitions (Drone Industry Insights, 2016).
Riskis the assessment, expressed in terms of predicted probability and severity, of the consequence(s) of a hazard taking as reference the worst foreseeable situation.
Hazardis a condition, object or activity with the potential of causing injuries to personnel, damage to equipment or structures, loss of material, or reduction of ability to perform a prescribed function.
Consequenceis the potential outcome(s) of the hazard.
Risk Managementis the identification, analysis, and elimination, and/or mitigation to an acceptable level of risks that threaten the capabilities of an organization. It aims at a balanced allocation of resources to address all risks and viable risk control and mitigation. It uses a data-driven approach to safety resources allocation, thus making it defensible and easier to explain.
Cost-Benefit Analysis includes direct and indirect costs.
Direct Costsare the obvious costs, which are easily determined. The high costs of exposure to hazards can be reduced by insurance coverage. Purchasing insurance only transfers monetary risk, but does not address the safety hazard.
Indirect Costs are the uninsured costs. This may amount to more than the direct costs resulting from exposure to hazards, such as loss of business; damage to reputation; loss of use of equipment; loss of staff productivity;legal actions and claims; fines and citations; and insurance deductibles.
Risk Probabilityis the likelihood that an unsafe event or condition might occur.Questions for assessing the probability of an occurrence include: (1) Is there a history of occurrences like the one being assessed, or is the occurrence an isolated event? (2) What other equipment, or similar type components, might have similar defects? (3) What number of operating or maintenance personnel must follow the procedure(s) in question? (4) How frequently is the equipment or procedure under assessment used?
Risk Severityis the possible consequence(s) of an unsafe event or condition, taking as reference the worst foreseeable situation. We define severity in terms of consequences for: (1) property; (2) finance; (3) liability; (4) people; (5) environment; (6) image and (7) public confidence.Questions for assessing the severity of an occurrence include: (1) How many lives (employees, bystanders, public) may be lost? (2) What is the environmental impact? (3) What is the severity of the property or financial damage? (4) Are there organizational, management, or regulatory implications that might generate larger threats to public safety? (5) What are the likely political implications and/or media interest?
UAS Hazards and Accident Investigation
When it comes to understanding hazards there is a natural tendency to describe hazards as their consequences. However, stating a hazard as a consequence disguises the nature of the hazard and interferes with identifying other important consequences. Well-named hazards allow one to infer the sources or mechanisms of the hazard and evaluate the loss outcome(s). There are three major types of hazards to UAS: natural, technical and economic. These shall be described in more detail below.
Natural hazards include adverse weather conditions (icing, snow, heavy rain, wind, visibility restrictions); severe weather or climatic events (hurricanes, tornadoes, thunderstorms, lightning, wind shear); geophysical events (earthquakes, volcanoes, tsunamis, floods, landslides);geographical conditions (adverse terrain, large bodies of water); and environmental events (wildfires, wildlife activity, insect or pest infestation).
Technical hazards includedeficiencies of aircraft, components, systems, subsystems, and related equipment (high loss of altitude, loss of control, loss of transmission, collision with manned or other unmanned aircraft, buildings, or power lines, partial failure or loss of communication link, existence of corrosion, rotor failures); deficiencies of an organization's facilities, tools, and related equipment (pilot unfamiliar with equipment, pilot unfamiliar with area, launch and recovery incidents); and deficiencies of facilities, systems, subsystems, and related equipment external to organization.Technical hazardsare the leading cause of UAS mishaps.
Economic hazards include major trends related to growth, recession, cost of material or equipment, and lack of regulation or over-regulation.
In order to identify hazards, one should consider: (1) design factors, including equipment and task design; (2) procedures and operating practices, including documentation and checklists; (3) communications, including means, terminology, and language; (4) organizational factors, such as company policies for recruitment, training, remuneration and allocation of resources; (5) work environment factors, such as ambient noise and vibration, temperature, lighting, protective equipment, and clothing; (6) regulatory factors, including the applicability and enforceability of regulations, certification of equipment, personnel, and procedures, and the adequacy of oversight; (7) defenses including detection and warning systems, and the extent to which the equipment is resilient against errors and failures; and (8) human performance, including medical conditions, and physical limitations.
When it comes to hazard identification, sources of hazard identification may be internal or external. Internal sources include flight data analysis, company voluntary reporting system, audits, and surveys. External sources include accident reports andthe state mandatory occurrence system.
Efficient and safe operations or the provision of service require a constant balance between production goals and safety goals. UAS operations may contain hazards, which may not be cost-effective to address even when operations must continue.
Appropriate documentation management is important for two reasons. First,it is a formal procedure to translate operational safety data into hazard-related information, and second and it becomes the 'safety library' for the organization.Standardizing definitions, understanding, validation, reporting, measurement, and management facilitates the tracking and analysis of hazards.
In order to discuss the accident/incident investigative process, some definitions are needed first. An incidentis the first of a series of events that could lead to a situation in which harm or damage occurs. We should investigate an incident becauseit is a process that allows management to identify and evaluate the causes of an accident;it identifies underlying problems to minimize future accidents; andit eliminates repeat violations or processes. There are four types of incident reporting are: (1) mandatory; (2) voluntary; (3) confidential; and (4) in-house.
An accidentis an unplanned, unwanted, but controllable event that disrupts the work process and causes injury to people. We should investigate an accident becauseit is a process to determine the underlying causes;the causal information is used to identify and take preventative action; and it is a component of loss prevention.
There are seven steps in the accident/incident investigative processas follows below. First, develop a plan to investigate immediately. Second, collect information, on site, secure the scene, investigate the scene, record key information, have accessible equipment that may be needed, off site, interview key people (explain purpose, use a fact-finding process, ask open-ended questions, investigate but do not blame), assess past accident history, and review pertinent records (standard work practices, job safety analysis, material safety data sheets, employee personnel records, maintenance logs, inspection records).All the above should be investigated because of the prevention of future or similar losses; contribution to the bottom line; thereduction of human suffering; and for a continuous improvement process.
Third, analyze all causes. The root cause is the most fundamental and direct cause of an accident/incident. There may be one or more contributory causes as well. Accident investigation is ineffective unless all causes are determined and corrected.
Fourth, assess for potential future accidents (assess severity). Class A is major, a condition or practice that is likely to cause permanent disability, loss of life, body part, and extensive property damage. Class B is serious, a condition or practice likely to cause serious injury or illness resulting in temporary disability, or property damage that is disruptive, but less severe than Class A. Class C is minor, a condition or practice likely to cause minor, non-disabling, injury or illness or non-disruptive property damage.
Fifth, develop a corrective action plan. Control must directly address each cause identified. Consider short term controls if permanent controls are not readily available. More than one control may be needed. Use a Control Hit List as follows: eliminate the hazard; substitute a less hazardous material; use engineering controls; use personal protective equipment (PPE); and train the employees.
Sixth, report data and recommendations. Document the facts only!Determine if corrective action applies to more than one employee, job function, shift, etc.Prioritize corrective actions based on future accident potential. Submit both short-term and long-term solutions,if necessary.
Seventh, take corrective action and monitor. Ensure that long-term solutions do not get lost in the shuffle. Evaluate the effectiveness of implemented controls, like interviewing employees, performing job safety analysis, and amassing accident/incident experience.
UAS Risk Mitigation and Insurance
The discussion on risk control/mitigation starts with definitions. Mitigationmeans measures to address the potential hazard or to reduce the risk probability or severity. To mitigate is to make milder, less sever, or less harsh. Risk mitigation is akin to risk control.
Strategies for risk control/mitigation include the following: (1) avoidance where the operation or activity is cancelled because risks exceed the benefits of continuing the operation or activity; (2) reduction where the frequency of the operation or activity is reduced, or action is taken to reduce the magnitude of the consequences of the accepted risks; and (3) segregation of exposure where action is taken to isolate the effects of the consequences of the hazard or built-in redundancy to protect against it.
Risk mitigation defenses includetechnology, training, and regulations. As part of risk mitigation, determine the following: (1) Do defenses exist that protect against such risk(s)? (2) Do defenses function as intended? (3) Are the defenses practical for use under actual working conditions? (4) Is the involved staff aware of the risks and the defenses in place? (5) Are additional risk mitigation measures required?
Geo-fencing is the ability to build technology into the software to prevent a UAS from flying in restricted airspace. This should prevent flights near airports, government facilities, critical infrastructure, and congested areas.
Safety Management System (SMS) is a systematic approach to managing safety, including the necessary organizational structures, accountabilities, policies and procedures (ICAO). SMS is the formal, top-down business approach to managing safety risk, which includes a systemic approach to managing safety, including the necessary organizational structures, accountabilities, policies and procedures (FAA, 2016i).
A UAS operator may use all five types of the following risk management solutions. First is training, or theunderstanding of the hazards involved, with pilot training to include initial and recurrent training;aeronautical knowledge necessary to operate in the national airspace,meteorological knowledge necessary to understand UAS performance, aerodynamics knowledge necessary to understand UAS performance, radio communication with Air Traffic Control, operating manual from manufacturer to include normal and emergency operations, and checklists, and after-sales support from the manufacturer.