Special Conditions: Airbus, Model A350-900 Series Airplane; Isolation or Protection of the Aircraft Electronic System Security From Unauthorized Internal Access, 76252-76254 [2013-29986]

Download as PDF 76252 Federal Register / Vol. 78, No. 242 / Tuesday, December 17, 2013 / Proposed Rules part 36 and the FAA must issue a finding of regulatory adequacy under § 611 of Public Law 92–574, the ‘‘Noise Control Act of 1972.’’ The FAA issues special conditions, as defined in 14 CFR 11.19, under § 11.38, and they become part of the typecertification basis under § 21.17(a)(2). Novel or Unusual Design Features The Airbus Model A350–900 series will incorporate the following novel or unusual design feature: The digital systems architecture for the Airbus Model A350–900 series airplanes is composed of several connected networks. This proposed network architecture is used for a diverse set of functions, providing data connectivity between systems, including: 1. airplane control, communication, display, monitoring and navigation systems, 2. airline business and administrative support systems, 3. passenger entertainment systems, and 4. access by systems external to the airplane. wreier-aviles on DSK5TPTVN1PROD with PROPOSALS Discussion The proposed Airbus Model A350– 900 series architecture and network configuration may allow increased connectivity to and access from external network sources and airline operations and maintenance networks to the aircraft control domain and airline information services domain. The aircraft control domain and airline information services domain perform functions required for the safe operation and maintenance of the airplane. Previously these domains had very limited connectivity with external network sources. The architecture and network configuration may allow the exploitation of network security vulnerabilities resulting in intentional or unintentional destruction, disruption, degradation, or exploitation of data, systems, and networks critical to the safety and maintenance of the airplane. The existing regulations and guidance material did not anticipate these types of airplane system architectures. Furthermore, 14 CFR regulations and current system safety assessment policy and techniques do not address potential security vulnerabilities, which could be exploited by unauthorized access to airplane networks, data buses, and servers. Therefore, these special conditions are proposed to ensure that the security (i.e., confidentiality, integrity, and availability) of airplane systems is not compromised by VerDate Mar<15>2010 14:27 Dec 16, 2013 Jkt 232001 unauthorized wired or wireless electronic connections. DEPARTMENT OF TRANSPORTATION Federal Aviation Administration Applicability As discussed above, these proposed special conditions apply to Airbus Model A350–900 series airplanes. Should Airbus apply later for a change to the type certificate to include another model incorporating the same novel or unusual design feature, the proposed special conditions would apply to that model as well. 14 CFR Part 25 Conclusion AGENCY: This action affects only certain novel or unusual design features on the Airbus Model A350–900 series airplanes. It is not a rule of general applicability. SUMMARY: List of Subjects in 14 CFR Part 25 Aircraft, Aviation safety, Reporting and Recordkeeping requirements. The authority citation for these special conditions is as follows: Authority: 49 U.S.C. 106(g), 40113, 44701, 44702, 44704. The Proposed Special Conditions Accordingly, the Federal Aviation Administration (FAA) proposes the following special conditions as part of the type certification basis for Airbus Model A350–900 series airplanes. Airplane Electronic System Security Protection from Unauthorized External Access. 1. The applicant must ensure airplane electronic system security protection from access to or by unauthorized sources external to the airplane, including those possibly caused by maintenance activity. 2. The applicant must ensure that electronic system security threats are identified and assessed, and that effective electronic system security protection strategies are implemented to protect the airplane from all adverse impacts on safety, functionality, and continued airworthiness. 3. The applicant must establish appropriate procedures to allow the operator to ensure that continued airworthiness of the aircraft is maintained, including all post type certification modifications that may have an impact on the approved electronic system security safeguards. Issued in Renton, Washington, on October 22, 2013. Stephen P. Boyd, Acting Manager, Transport Airplane Directorate, Aircraft Certification Service. [FR Doc. 2013–29985 Filed 12–16–13; 8:45 am] BILLING CODE 4910–13–P PO 00000 Frm 00005 Fmt 4702 Sfmt 4702 [Docket No. FAA–2013–0910; Notice No. 25–13–20–SC] Special Conditions: Airbus, Model A350–900 Series Airplane; Isolation or Protection of the Aircraft Electronic System Security From Unauthorized Internal Access Federal Aviation Administration (FAA), DOT. ACTION: Notice of proposed special conditions. This action proposes special conditions for Airbus Model A350–900 series airplanes. These airplanes will have a novel or unusual design feature associated with aircraft electronic system security protection or isolation from unauthorized internal access. The applicable airworthiness regulations do not contain adequate or appropriate safety standards for this design feature. These proposed special conditions contain the additional safety standards that the Administrator considers necessary to establish a level of safety equivalent to that established by the existing airworthiness standards. DATES: Send your comments on or before January 31, 2014. ADDRESSES: Send comments identified by docket number FAA–2013–0910 using any of the following methods: • Federal eRegulations Portal: Go to https://www.regulations.gov/ and follow the online instructions for sending your comments electronically. • Mail: Send comments to Docket Operations, M–30, U.S. Department of Transportation (DOT), 1200 New Jersey Avenue SE., Room W12–140, West Building Ground Floor, Washington, DC 20590–0001. • Hand Delivery or Courier: Take comments to Docket Operations in Room W12–140 of the West Building Ground Floor at 1200 New Jersey Avenue SE., Washington, DC, between 9 a.m. and 5 p.m., Monday through Friday, except federal holidays. • Fax: Fax comments to Docket Operations at 202–493–2251. Privacy: The FAA will post all comments it receives, without change, to https://www.regulations.gov/, including any personal information the commenter provides. Using the search function of the docket Web site, anyone can find and read the electronic form of all comments received into any FAA docket, including the name of the individual sending the comment (or E:\FR\FM\17DEP1.SGM 17DEP1 Federal Register / Vol. 78, No. 242 / Tuesday, December 17, 2013 / Proposed Rules signing the comment for an association, business, labor union, etc.). DOT’s complete Privacy Act Statement can be found in the Federal Register published on April 11, 2000 (65 FR 19477–19478), as well as at https://DocketsInfo.dot.gov/. Docket: Background documents or comments received may be read at https://www.regulations.gov/ at any time. Follow the online instructions for accessing the docket or go to the Docket Operations in Room W12–140 of the West Building Ground Floor at 1200 New Jersey Avenue SE., Washington, DC, between 9 a.m. and 5 p.m., Monday through Friday, except federal holidays. FOR FURTHER INFORMATION CONTACT: Varun Khanna, FAA, Airplane and Flightcrew Interface Branch, ANM–111, Transport Airplane Directorate, Aircraft Certification Service, 1601 Lind Avenue SW., Renton, Washington 98057–3356; telephone (425) 227–1298; facsimile (425) 227–1320. SUPPLEMENTARY INFORMATION: wreier-aviles on DSK5TPTVN1PROD with PROPOSALS Comments Invited We invite interested people to take part in this rulemaking by sending written comments, data, or views. The most helpful comments reference a specific portion of the special conditions, explain the reason for any recommended change, and include supporting data. We will consider all comments we receive on or before the closing date for comments. We may change these proposed special conditions based on the comments we receive. Background On August 25, 2008, Airbus applied for a type certificate for their new Model A350–900 series airplane. Later, Airbus requested and the FAA approved an extension to the application for FAA type certification to June 28, 2009. The Model A350–900 series has a conventional layout with twin wingmounted Rolls-Royce Trent XWB engines. It features a twin aisle 9-abreast economy class layout, and accommodates side-by-side placement of LD–3 containers in the cargo compartment. The basic Model A350– 900 series configuration will accommodate 315 passengers in a standard two-class arrangement. The design cruise speed is Mach 0.85 with a Maximum Take-Off Weight of 602,000 lbs. Airbus proposes the Model A350– 900 series to be certified for extended operations (ETOPS) beyond 180 minutes at entry into service for up to a 420minute maximum diversion time. Contemporary transport category airplanes have both safety-related and VerDate Mar<15>2010 14:27 Dec 16, 2013 Jkt 232001 non-safety-related electronic system networks for many operational functions. However, electronic system network security considerations and functions have played a relatively minor role in the certification of such systems because of the isolation, protection mechanisms, and limited connectivity between the different networks. Type Certification Basis Under Title 14, Code of Federal Regulations (14 CFR) 21.17, Airbus must show that the Model A350–900 series meets the applicable provisions of 14 CFR part 25, as amended by Amendments 25–1 through 25–129. If the Administrator finds that the applicable airworthiness regulations (i.e., 14 CFR part 25) do not contain adequate or appropriate safety standards for the Model A350–900 series because of a novel or unusual design feature, special conditions are prescribed under § 21.16. Special conditions are initially applicable to the model for which they are issued. Should the type certificate for that model be amended later to include any other model that incorporates the same novel or unusual design feature, the proposed special conditions would also apply to the other model under § 21.101. In addition to the applicable airworthiness regulations and proposed special conditions, the Model A350–900 series must comply with the fuel vent and exhaust emission requirements of 14 CFR part 34 and the noise certification requirements of 14 CFR part 36 and the FAA must issue a finding of regulatory adequacy under § 611 of Public Law 92–574, the ‘‘Noise Control Act of 1972.’’ The FAA issues special conditions, as defined in 14 CFR 11.19, under § 11.38, and they become part of the typecertification basis under § 21.17(a)(2). Novel or Unusual Design Feature The Airbus Model A350–900 series will incorporate the following novel or unusual design feature: an electronics network system architecture which is new and novel for commercial transport airplanes which introduces potential security risks and vulnerabilities not addressed in current regulations and aircraft-level or system-level safety assessment methods. Discussion The Airbus Model A350–900 series architecture is new and novel for commercial transport airplanes because it allows connection to previously isolated data networks connected to systems that perform functions required PO 00000 Frm 00006 Fmt 4702 Sfmt 4702 76253 for the safe operation of the airplane. This proposed data network and design integration may result in security vulnerabilities from intentional or unintentional corruption of data and systems critical to the safety and maintenance of the airplane. The existing regulations and guidance material did not anticipate this type of system architecture or electronic access to aircraft systems. Furthermore, 14 CFR regulations and current system safety assessment policy and techniques do not address potential security vulnerabilities, which could be exploited by unauthorized access to airplane networks and servers. Therefore, these special conditions are proposed to ensure that the security of airplane systems and networks is not compromised by unauthorized wired or wireless internal access. Applicability As discussed above, these proposed special conditions apply to Airbus Model A350–900 series airplanes. Should Airbus apply later for a change to the type certificate to include another model incorporating the same novel or unusual design feature, the proposed special conditions would apply to that model as well. Conclusion This action affects only certain novel or unusual design features on the Airbus Model A350–900 series airplanes related to electronic system security protection. It is not a rule of general applicability. List of Subjects in 14 CFR Part 25 Aircraft, Aviation safety, Reporting and recordkeeping requirements. The authority citation for these special conditions is as follows: Authority: 49 U.S.C. 106(g), 40113, 44701, 44702, 44704. The Proposed Special Conditions Accordingly, the Federal Aviation Administration (FAA) proposes the following special conditions as part of the type certification basis for Airbus Model A350–900 series airplanes. Isolation of the Airplane Electronic System Security Protection from Unauthorized Internal Access. ■ 1. The applicant must ensure that the design provides isolation from, or airplane electronic system security protection against, access by unauthorized sources internal to the airplane. The design must prevent inadvertent and malicious changes to, and all adverse impacts upon, airplane equipment, systems, networks, or other E:\FR\FM\17DEP1.SGM 17DEP1 76254 Federal Register / Vol. 78, No. 242 / Tuesday, December 17, 2013 / Proposed Rules assets required for safe flight and operations. ■ 2. The applicant must establish appropriate procedures to allow the operator to ensure that continued airworthiness of the aircraft is maintained, including all post type certification modifications that may have an impact on the approved electronic system security safeguards. Issued in Renton, Washington, on October 22, 2013. Stephen P. Boyd, Acting Manager, Transport Airplane Directorate, Aircraft Certification Service. [FR Doc. 2013–29986 Filed 12–16–13; 8:45 am] BILLING CODE 4910–13–P DEPARTMENT OF TRANSPORTATION Federal Aviation Administration 14 CFR Part 25 [Docket No. FAA–2013–0899; Notice No. 25–13–15–SC] Special Conditions: Airbus, Model A350–900 Series Airplane; Control Surface Awareness and Mode Annunciation Federal Aviation Administration (FAA), DOT. ACTION: Notice of proposed special conditions. AGENCY: This action proposes special conditions for the Airbus Model A350– 900 series airplanes. These airplanes will have a novel or unusual design feature(s) associated with control surface awareness and mode annunciation provided by the electronic flight control system. The applicable airworthiness regulations do not contain adequate or appropriate safety standards for this design feature. These proposed special conditions contain the additional safety standards that the Administrator considers necessary to establish a level of safety equivalent to that established by the existing airworthiness standards. DATES: Send your comments on or before January 31, 2014. ADDRESSES: Send comments identified by docket number FAA–2013–0899 using any of the following methods: • Federal eRegulations Portal: Go to https://www.regulations.gov/ and follow the online instructions for sending your comments electronically. • Mail: Send comments to Docket Operations, M–30, U.S. Department of Transportation (DOT), 1200 New Jersey Avenue SE., Room W12–140, West Building Ground Floor, Washington, DC 20590–0001. wreier-aviles on DSK5TPTVN1PROD with PROPOSALS SUMMARY: VerDate Mar<15>2010 14:27 Dec 16, 2013 Jkt 232001 • Hand Delivery or Courier: Take comments to Docket Operations in Room W12–140 of the West Building Ground Floor at 1200 New Jersey Avenue SE., Washington, DC, between 9 a.m. and 5 p.m., Monday through Friday, except federal holidays. • Fax: Fax comments to Docket Operations at 202–493–2251. Privacy: The FAA will post all comments it receives, without change, to https://www.regulations.gov/, including any personal information the commenter provides. Using the search function of the docket Web site, anyone can find and read the electronic form of all comments received into any FAA docket, including the name of the individual sending the comment (or signing the comment for an association, business, labor union, etc.). DOT’s complete Privacy Act Statement can be found in the Federal Register published on April 11, 2000 (65 FR 19477–19478), as well as at https://DocketsInfo.dot.gov/. Docket: Background documents or comments received may be read at https://www.regulations.gov/ at any time. Follow the online instructions for accessing the docket or go to the Docket Operations in Room W12–140 of the West Building Ground Floor at 1200 New Jersey Avenue SE., Washington, DC, between 9 a.m. and 5 p.m., Monday through Friday, except federal holidays. FOR FURTHER INFORMATION CONTACT: Joe Jacobsen, FAA, Airplane and Flightcrew Interface Branch, ANM–111, Transport Airplane Directorate, Aircraft Certification Service, 1601 Lind Avenue SW., Renton, Washington 98057–3356; telephone (425) 227–2011; facsimile (425) 227–1320. SUPPLEMENTARY INFORMATION: Comments Invited We invite interested people to take part in this rulemaking by sending written comments, data, or views. The most helpful comments reference a specific portion of the proposed special conditions, explain the reason for any recommended change, and include supporting data. We will consider all comments we receive on or before the closing date for comments. We may change these special conditions based on the comments we receive. Background On August 25, 2008, Airbus applied for a type certificate for their new Model A350–900 series airplane. Later, Airbus requested and the FAA approved an extension to the application for FAA type certification to June 28, 2009. The PO 00000 Frm 00007 Fmt 4702 Sfmt 4702 Model A350–900 series has a conventional layout with twin wingmounted Rolls-Royce Trent XWB engines. It features a twin aisle 9-abreast economy class layout, and accommodates side-by-side placement of LD–3 containers in the cargo compartment. The basic Airbus Model A350–900 series configuration will accommodate 315 passengers in a standard two-class arrangement. The design cruise speed is Mach 0.85 with a Maximum Take-Off Weight of 602,000 lbs. Airbus proposes the Model A350– 900 series to be certified for extended operations (ETOPS) beyond 180 minutes at entry into service for up to a 420minute maximum diversion time. These proposed special conditions for control surface awareness, applicable to Airbus Model A350–900 series airplanes, propose suitable flight control position annunciation and control system mode of operation to be provided to the flight crew when a flight condition exists in which nearly full surface authority (not crewcommanded) is being utilized. Suitability of such a display must take into account that some pilot-demanded maneuvers (e.g., rapid roll) are necessarily associated with intended full performance, which may saturate the surface. Therefore, simple alerting systems, which would function in both intended or unexpected control-limiting situations, must be properly balanced between needed crew awareness and nuisance features. A monitoring system that might compare airplane motion and surface deflection, and pilot side stick controller (SSC) demand could be useful for elimination of nuisance alerting. Type Certification Basis Under Title 14, Code of Federal Regulations (14 CFR) 21.17, Airbus must show that the Model A350–900 series meets the applicable provisions of 14 CFR part 25, as amended by Amendments 25–1 through 25–129. If the Administrator finds that the applicable airworthiness regulations (i.e., 14 CFR part 25) do not contain adequate or appropriate safety standards for the Model A350–900 series because of a novel or unusual design feature, special conditions are prescribed under § 21.16. Special conditions are initially applicable to the model for which they are issued. Should the type certificate for that model be amended later to include any other model that incorporates the same or similar novel or unusual design feature, the proposed special conditions would also apply to the other model under § 21.101. E:\FR\FM\17DEP1.SGM 17DEP1

Agencies

[Federal Register Volume 78, Number 242 (Tuesday, December 17, 2013)]
[Proposed Rules]
[Pages 76252-76254]
From the Federal Register Online via the Government Printing Office [www.gpo.gov]
[FR Doc No: 2013-29986]


-----------------------------------------------------------------------

DEPARTMENT OF TRANSPORTATION

Federal Aviation Administration

14 CFR Part 25

[Docket No. FAA-2013-0910; Notice No. 25-13-20-SC]


Special Conditions: Airbus, Model A350-900 Series Airplane; 
Isolation or Protection of the Aircraft Electronic System Security From 
Unauthorized Internal Access

AGENCY: Federal Aviation Administration (FAA), DOT.

ACTION: Notice of proposed special conditions.

-----------------------------------------------------------------------

SUMMARY: This action proposes special conditions for Airbus Model A350-
900 series airplanes. These airplanes will have a novel or unusual 
design feature associated with aircraft electronic system security 
protection or isolation from unauthorized internal access. The 
applicable airworthiness regulations do not contain adequate or 
appropriate safety standards for this design feature. These proposed 
special conditions contain the additional safety standards that the 
Administrator considers necessary to establish a level of safety 
equivalent to that established by the existing airworthiness standards.

DATES: Send your comments on or before January 31, 2014.

ADDRESSES: Send comments identified by docket number FAA-2013-0910 
using any of the following methods:
     Federal eRegulations Portal: Go to https://www.regulations.gov/ and follow the online instructions for sending 
your comments electronically.
     Mail: Send comments to Docket Operations, M-30, U.S. 
Department of Transportation (DOT), 1200 New Jersey Avenue SE., Room 
W12-140, West Building Ground Floor, Washington, DC 20590-0001.
     Hand Delivery or Courier: Take comments to Docket 
Operations in Room W12-140 of the West Building Ground Floor at 1200 
New Jersey Avenue SE., Washington, DC, between 9 a.m. and 5 p.m., 
Monday through Friday, except federal holidays.
     Fax: Fax comments to Docket Operations at 202-493-2251.
    Privacy: The FAA will post all comments it receives, without 
change, to https://www.regulations.gov/, including any personal 
information the commenter provides. Using the search function of the 
docket Web site, anyone can find and read the electronic form of all 
comments received into any FAA docket, including the name of the 
individual sending the comment (or

[[Page 76253]]

signing the comment for an association, business, labor union, etc.). 
DOT's complete Privacy Act Statement can be found in the Federal 
Register published on April 11, 2000 (65 FR 19477-19478), as well as at 
https://DocketsInfo.dot.gov/.
    Docket: Background documents or comments received may be read at 
https://www.regulations.gov/ at any time. Follow the online instructions 
for accessing the docket or go to the Docket Operations in Room W12-140 
of the West Building Ground Floor at 1200 New Jersey Avenue SE., 
Washington, DC, between 9 a.m. and 5 p.m., Monday through Friday, 
except federal holidays.

FOR FURTHER INFORMATION CONTACT: Varun Khanna, FAA, Airplane and 
Flightcrew Interface Branch, ANM-111, Transport Airplane Directorate, 
Aircraft Certification Service, 1601 Lind Avenue SW., Renton, 
Washington 98057-3356; telephone (425) 227-1298; facsimile (425) 227-
1320.

SUPPLEMENTARY INFORMATION:

Comments Invited

    We invite interested people to take part in this rulemaking by 
sending written comments, data, or views. The most helpful comments 
reference a specific portion of the special conditions, explain the 
reason for any recommended change, and include supporting data.
    We will consider all comments we receive on or before the closing 
date for comments. We may change these proposed special conditions 
based on the comments we receive.

Background

    On August 25, 2008, Airbus applied for a type certificate for their 
new Model A350-900 series airplane. Later, Airbus requested and the FAA 
approved an extension to the application for FAA type certification to 
June 28, 2009. The Model A350-900 series has a conventional layout with 
twin wing-mounted Rolls-Royce Trent XWB engines. It features a twin 
aisle 9-abreast economy class layout, and accommodates side-by-side 
placement of LD-3 containers in the cargo compartment. The basic Model 
A350-900 series configuration will accommodate 315 passengers in a 
standard two-class arrangement. The design cruise speed is Mach 0.85 
with a Maximum Take-Off Weight of 602,000 lbs. Airbus proposes the 
Model A350-900 series to be certified for extended operations (ETOPS) 
beyond 180 minutes at entry into service for up to a 420-minute maximum 
diversion time.
    Contemporary transport category airplanes have both safety-related 
and non-safety-related electronic system networks for many operational 
functions. However, electronic system network security considerations 
and functions have played a relatively minor role in the certification 
of such systems because of the isolation, protection mechanisms, and 
limited connectivity between the different networks.

Type Certification Basis

    Under Title 14, Code of Federal Regulations (14 CFR) 21.17, Airbus 
must show that the Model A350-900 series meets the applicable 
provisions of 14 CFR part 25, as amended by Amendments 25-1 through 25-
129.
    If the Administrator finds that the applicable airworthiness 
regulations (i.e., 14 CFR part 25) do not contain adequate or 
appropriate safety standards for the Model A350-900 series because of a 
novel or unusual design feature, special conditions are prescribed 
under Sec.  21.16.
    Special conditions are initially applicable to the model for which 
they are issued. Should the type certificate for that model be amended 
later to include any other model that incorporates the same novel or 
unusual design feature, the proposed special conditions would also 
apply to the other model under Sec.  21.101.
    In addition to the applicable airworthiness regulations and 
proposed special conditions, the Model A350-900 series must comply with 
the fuel vent and exhaust emission requirements of 14 CFR part 34 and 
the noise certification requirements of 14 CFR part 36 and the FAA must 
issue a finding of regulatory adequacy under Sec.  611 of Public Law 
92-574, the ``Noise Control Act of 1972.''
    The FAA issues special conditions, as defined in 14 CFR 11.19, 
under Sec.  11.38, and they become part of the type-certification basis 
under Sec.  21.17(a)(2).

Novel or Unusual Design Feature

    The Airbus Model A350-900 series will incorporate the following 
novel or unusual design feature: an electronics network system 
architecture which is new and novel for commercial transport airplanes 
which introduces potential security risks and vulnerabilities not 
addressed in current regulations and aircraft-level or system-level 
safety assessment methods.

Discussion

    The Airbus Model A350-900 series architecture is new and novel for 
commercial transport airplanes because it allows connection to 
previously isolated data networks connected to systems that perform 
functions required for the safe operation of the airplane. This 
proposed data network and design integration may result in security 
vulnerabilities from intentional or unintentional corruption of data 
and systems critical to the safety and maintenance of the airplane. The 
existing regulations and guidance material did not anticipate this type 
of system architecture or electronic access to aircraft systems. 
Furthermore, 14 CFR regulations and current system safety assessment 
policy and techniques do not address potential security 
vulnerabilities, which could be exploited by unauthorized access to 
airplane networks and servers. Therefore, these special conditions are 
proposed to ensure that the security of airplane systems and networks 
is not compromised by unauthorized wired or wireless internal access.

Applicability

    As discussed above, these proposed special conditions apply to 
Airbus Model A350-900 series airplanes. Should Airbus apply later for a 
change to the type certificate to include another model incorporating 
the same novel or unusual design feature, the proposed special 
conditions would apply to that model as well.

Conclusion

    This action affects only certain novel or unusual design features 
on the Airbus Model A350-900 series airplanes related to electronic 
system security protection. It is not a rule of general applicability.

List of Subjects in 14 CFR Part 25

    Aircraft, Aviation safety, Reporting and recordkeeping 
requirements.

    The authority citation for these special conditions is as follows:

    Authority:  49 U.S.C. 106(g), 40113, 44701, 44702, 44704.

The Proposed Special Conditions

    Accordingly, the Federal Aviation Administration (FAA) proposes the 
following special conditions as part of the type certification basis 
for Airbus Model A350-900 series airplanes. Isolation of the Airplane 
Electronic System Security Protection from Unauthorized Internal 
Access.

0
1. The applicant must ensure that the design provides isolation from, 
or airplane electronic system security protection against, access by 
unauthorized sources internal to the airplane. The design must prevent 
inadvertent and malicious changes to, and all adverse impacts upon, 
airplane equipment, systems, networks, or other

[[Page 76254]]

assets required for safe flight and operations.
0
2. The applicant must establish appropriate procedures to allow the 
operator to ensure that continued airworthiness of the aircraft is 
maintained, including all post type certification modifications that 
may have an impact on the approved electronic system security 
safeguards.

    Issued in Renton, Washington, on October 22, 2013.
Stephen P. Boyd,
Acting Manager, Transport Airplane Directorate, Aircraft Certification 
Service.
[FR Doc. 2013-29986 Filed 12-16-13; 8:45 am]
BILLING CODE 4910-13-P
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.