Special Conditions: Embraer S.A. ERJ 190-300 Airplane; Electronic-System Security Protection From Unauthorized External Access, 27107-27108 [2017-12280]
Download as PDF
Federal Register / Vol. 82, No. 113 / Wednesday, June 14, 2017 / Rules and Regulations
DEPARTMENT OF TRANSPORTATION
Federal Aviation Administration
14 CFR Part 25
[Docket No. FAA–2017–0238; Special
Conditions No. 25–689–SC]
Special Conditions: Embraer S.A. ERJ
190–300 Airplane; Electronic-System
Security Protection From Unauthorized
External Access
Federal Aviation
Administration (FAA), DOT.
ACTION: Final special conditions; request
for comments.
AGENCY:
These special conditions are
issued for the Embraer S.A. (Embraer)
ERJ 190–300 airplane. This airplane will
have a novel or unusual design feature
when compared to the state of
technology envisioned in the
airworthiness standards for transportcategory airplanes. These airplanes will
have a digital-systems network
architecture composed of several
connected networks that may allow
access to or by external computer
systems and networks, and may result
in airplane electronic system-security
vulnerabilities. The applicable
airworthiness regulations do not contain
adequate or appropriate safety standards
for this design feature. These special
conditions contain the additional safety
standards that the Administrator
considers necessary to establish a level
of safety equivalent to that established
by the existing airworthiness standards.
DATES: This action is effective on
Embraer on June 14, 2017. We must
receive your comments by July 31, 2017.
ADDRESSES: Send comments identified
by docket number FAA–2017–0238
using any of the following methods:
• Federal eRegulations Portal: Go to
https://www.regulations.gov/and follow
the online instructions for sending your
comments electronically.
• Mail: Send comments to Docket
Operations, M–30, U.S. Department of
Transportation (DOT), 1200 New Jersey
Avenue SE., Room W12–140, West
Building Ground Floor, Washington, DC
20590–0001.
• Hand Delivery or Courier: Take
comments to Docket Operations in
Room W12–140 of the West Building
Ground Floor at 1200 New Jersey
Avenue SE., Washington, DC, between 9
a.m. and 5 p.m., Monday through
Friday, except Federal holidays.
• Fax: Fax comments to Docket
Operations at 202–493–2251.
Privacy: The FAA will post all
comments it receives, without change,
to https://www.regulations.gov/,
mstockstill on DSK30JT082PROD with RULES
SUMMARY:
VerDate Sep<11>2014
16:55 Jun 13, 2017
Jkt 241001
including any personal information the
commenter provides. Using the search
function of the docket Web site, anyone
can find and read the electronic form of
all comments received into any FAA
docket, including the name of the
individual sending the comment (or
signing the comment for an association,
business, labor union, etc.). DOT’s
complete Privacy Act Statement can be
found in the Federal Register published
on April 11, 2000 (65 FR 19477–19478),
as well as at https://DocketsInfo.dot.
gov/.
Docket: Background documents or
comments received may be read at
https://www.regulations.gov/ at any time.
Follow the online instructions for
accessing the docket or go to Docket
Operations in Room W12–140 of the
West Building Ground Floor at 1200
New Jersey Avenue SE., Washington,
DC, between 9 a.m. and 5 p.m., Monday
through Friday, except Federal holidays.
FOR FURTHER INFORMATION CONTACT:
Varun Khanna, FAA, Airplane and
Flight Crew Interface, ANM–111,
Transport Airplane Directorate, Aircraft
Certification Service, 1601 Lind Avenue
SW., Renton, Washington 98057–3356;
telephone 425–227–1298; facsimile
425–227–1320.
SUPPLEMENTARY INFORMATION: The FAA
has determined that notice of, and
opportunity for prior public comment
on, these special conditions is
impracticable because these procedures
would significantly delay issuance of
the design approval and thus delivery of
the affected airplane.
In addition, the substance of these
special conditions has been subject to
the public comment process in several
prior instances with no substantive
comments received. The FAA therefore
finds that good cause exists for making
these special conditions effective upon
publication in the Federal Register.
Comments Invited
We invite interested people to take
part in this rulemaking by sending
written comments, data, or views. The
most helpful comments reference a
specific portion of the special
conditions, explain the reason for any
recommended change, and include
supporting data.
We will consider all comments we
receive by the closing date for
comments. We may change these special
conditions based on the comments we
receive.
Background
On September 13, 2013, Embraer
applied for an amendment to Type
Certificate No. A57NM to include the
PO 00000
Frm 00003
Fmt 4700
Sfmt 4700
27107
new Model ERJ 190–300 airplane. The
Model ERJ 190–300 airplane, which is a
derivative of the Embraer Model ERJ
190–100 STD airplane currently
approved under Type Certificate No.
A57NM, is a 97- to 114-passenger
transport-category airplane, designed
with a new wing with a high aspect
ratio and raked wingtip, and a new
electrical-distribution system. The
maximum take-off weight is 124,340 lbs
(56,400 kg).
Type Certification Basis
Under the provisions of title 14, Code
of Federal Regulations (14 CFR) 21.101,
Embraer must show that the Model ERJ
190–300 airplane meets the applicable
provisions of the regulations listed in
Type Certificate No. A57NM, or the
applicable regulations in effect on the
date of application for the change,
except for earlier amendments as agreed
upon by the FAA.
If the Administrator finds that the
applicable airworthiness regulations
(i.e., 14 CFR part 25) do not contain
adequate or appropriate safety standards
for the Model ERJ 190–300 airplane
because of a novel or unusual design
feature, special conditions are
prescribed under the provisions of
§ 21.16.
Special conditions are initially
applicable to the model for which they
are issued. Should the type certificate
for that model be amended later to
include any other model that
incorporates the same novel or unusual
design feature, or should any other
model already included on the same
type certificate be modified to
incorporate the same novel or unusual
design feature, these special conditions
would also apply to the other model
under § 21.101.
In addition to the applicable
airworthiness regulations and special
conditions, the Embraer Model ERJ 190–
300 airplane must comply with the fuelvent and exhaust-emission requirements
of 14 CFR part 34 and the noisecertification requirements of 14 CFR
part 36.
The FAA issues special conditions, as
defined in 14 CFR 11.19, in accordance
with § 11.38, and they become part of
the type certification basis under
§ 21.101.
Novel or Unusual Design Features
The Embraer Model ERJ 190–300
airplane will incorporate the following
novel or unusual design feature:
A digital-systems network
architecture composed of several
connected networks. This network
architecture and network configuration
will have the capability to allow access
E:\FR\FM\14JNR1.SGM
14JNR1
27108
Federal Register / Vol. 82, No. 113 / Wednesday, June 14, 2017 / Rules and Regulations
to or by external network sources, and
may be used for or interfaced with a
diverse set of functions, including:
• Flight-safety-related control,
communication, and navigation systems
(airplane-control domain);
• Operator business and
administrative support (operatorinformation domain); and
• Passenger information and
entertainment systems (passengerentertainment domain)
mstockstill on DSK30JT082PROD with RULES
Discussion
The Embraer Model ERJ 190–300
airplane’s digital-systems network
architecture is novel or unusual for
commercial transport airplanes as it
allows connection to airplane electronic
systems and networks, and access from
sources external to the airplane (e.g.,
operator networks, wireless devices,
Internet connectivity, service-provider
satellite communications, electronic
flight bags, etc.) to the previously
isolated airplane electronic assets.
Airplane electronic assets include
electronic equipment and systems,
instruments, networks, servers, software
and electronic components, fieldloadable software and hardware
applications, databases, etc. This
proposed design may result in network
security vulnerabilities from intentional
or unintentional corruption of data and
systems required for the safety,
operation, and maintenance of the
airplane.
The existing regulations and guidance
material did not anticipate these types
of digital-system architectures, nor
access to airplane systems. Furthermore,
14 CFR part 25, and current systemsafety assessment policy and
techniques, do not address potential
security vulnerabilities by unauthorized
access to airplane data busses and
servers. Therefore, these special
conditions are issued to ensure that the
security, integrity, and availability of
airplane systems are not compromised
by certain wired or wireless electronic
connections between airplane data
busses and networks.
These special conditions contain the
additional safety standards that the
Administrator considers necessary to
establish a level of safety equivalent to
that established by the existing
airworthiness standards.
Applicability
As discussed above, these special
conditions are applicable to the Embraer
Model ERJ 190–300 airplane. Should
Embraer apply at a later date for a
change to the type certificate to include
another model incorporating the same
novel or unusual design feature, these
VerDate Sep<11>2014
16:55 Jun 13, 2017
Jkt 241001
special conditions would apply to that
model as well.
This action affects only a certain
novel or unusual design feature on one
model of airplane. It is not a rule of
general applicability.
The substance of these special
conditions has been subject to the notice
and comment period in several prior
instances and has been derived without
substantive change from those
previously issued. It is unlikely that
prior public comment would result in a
significant change from the substance
contained herein. Therefore, the FAA
has determined that prior public notice
and comment are unnecessary and
impracticable, and good cause exists for
adopting these special conditions upon
publication in the Federal Register. The
FAA is requesting comments to allow
interested persons to submit views that
may not have been submitted in
response to the prior opportunities for
comment described above.
List of Subjects in 14 CFR Part 25
Aircraft, Aviation safety, Reporting
and recordkeeping requirements.
The authority citation for these
special conditions is as follows:
Authority: 49 U.S.C. 106(g), 40113, 44701,
44702, 44704.
The Special Conditions
Accordingly, pursuant to the
authority delegated to me by the
Administrator, the following special
conditions are issued as part of the type
certification basis for electronic systemsecurity protection from unauthorized
external access on Embraer S.A. Model
ERJ 190–300 airplanes.
1. The applicant must ensure that the
airplane electronic systems are
protected from access by unauthorized
sources external to the airplane,
including those possibly caused by
maintenance activity.
2. The applicant must ensure that
electronic system-security threats are
identified and assessed, and that
effective electronic system-security
protection strategies are implemented to
protect the airplane from all adverse
impacts on safety, functionality, and
continued airworthiness.
3. The applicant must establish
appropriate procedures to allow the
operator to ensure that continued
airworthiness of the airplane is
maintained, including all post-typecertification modifications that may
have an impact on the approved
electronic system-security safeguards.
PO 00000
Frm 00004
Fmt 4700
Sfmt 4700
Issued in Renton, Washington, on June 2,
2017.
Michael Kaszycki,
Acting Manager, Transport Airplane
Directorate, Aircraft Certification Service.
[FR Doc. 2017–12280 Filed 6–13–17; 8:45 am]
BILLING CODE 4910–13–P
DEPARTMENT OF COMMERCE
Bureau of Industry and Security
15 CFR Parts 740 and 774
[Docket No. 160217120–7396–02]
RIN 0694–AG85
Wassenaar Arrangement 2015 Plenary
Agreements Implementation, Removal
of Foreign National Review
Requirements, and Information
Security Updates; Corrections
Bureau of Industry and
Security, Commerce.
ACTION: Correcting amendments.
AGENCY:
The Bureau of Industry and
Security (BIS) maintains, as part of its
Export Administration Regulations
(EAR), the Commerce Control List
(CCL), which identifies certain items
subject to Department of Commerce
jurisdiction. This rule corrects citations,
replaces text that was inadvertently
removed, and corrects other errors
associated with the ‘‘Wassenaar
Arrangement 2015 Plenary Agreements
Implementation, Removal of Foreign
National Review Requirements, and
Information Security Updates’’ final rule
published on September 20, 2016
(WA15 rule).
DATES: This rule is effective: June 14,
2017.
SUMMARY:
For
general questions contact Sharron Cook,
Office of Exporter Services, Bureau of
Industry and Security, U.S. Department
of Commerce at 202–482 2440 or by
email: Sharron.Cook@bis.doc.gov.
For technical questions contact:
Office of National Security and
Technology Transfer Controls,
Information Technology Control
Division, Aaron Amundson at 202–482–
0707.
SUPPLEMENTARY INFORMATION:
FOR FURTHER INFORMATION CONTACT:
Background
On September 20, 2016, BIS
published a final rule entitled,
‘‘Wassenaar Arrangement 2015 Plenary
Agreements Implementation, Removal
of Foreign National Review
Requirements, and Information Security
Updates’’ (81 FR 64656–64692), (WA15
E:\FR\FM\14JNR1.SGM
14JNR1
Agencies
[Federal Register Volume 82, Number 113 (Wednesday, June 14, 2017)]
[Rules and Regulations]
[Pages 27107-27108]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2017-12280]
[[Page 27107]]
-----------------------------------------------------------------------
DEPARTMENT OF TRANSPORTATION
Federal Aviation Administration
14 CFR Part 25
[Docket No. FAA-2017-0238; Special Conditions No. 25-689-SC]
Special Conditions: Embraer S.A. ERJ 190-300 Airplane;
Electronic-System Security Protection From Unauthorized External Access
AGENCY: Federal Aviation Administration (FAA), DOT.
ACTION: Final special conditions; request for comments.
-----------------------------------------------------------------------
SUMMARY: These special conditions are issued for the Embraer S.A.
(Embraer) ERJ 190-300 airplane. This airplane will have a novel or
unusual design feature when compared to the state of technology
envisioned in the airworthiness standards for transport-category
airplanes. These airplanes will have a digital-systems network
architecture composed of several connected networks that may allow
access to or by external computer systems and networks, and may result
in airplane electronic system-security vulnerabilities. The applicable
airworthiness regulations do not contain adequate or appropriate safety
standards for this design feature. These special conditions contain the
additional safety standards that the Administrator considers necessary
to establish a level of safety equivalent to that established by the
existing airworthiness standards.
DATES: This action is effective on Embraer on June 14, 2017. We must
receive your comments by July 31, 2017.
ADDRESSES: Send comments identified by docket number FAA-2017-0238
using any of the following methods:
Federal eRegulations Portal: Go to https://www.regulations.gov/and follow the online instructions for sending your
comments electronically.
Mail: Send comments to Docket Operations, M-30, U.S.
Department of Transportation (DOT), 1200 New Jersey Avenue SE., Room
W12-140, West Building Ground Floor, Washington, DC 20590-0001.
Hand Delivery or Courier: Take comments to Docket
Operations in Room W12-140 of the West Building Ground Floor at 1200
New Jersey Avenue SE., Washington, DC, between 9 a.m. and 5 p.m.,
Monday through Friday, except Federal holidays.
Fax: Fax comments to Docket Operations at 202-493-2251.
Privacy: The FAA will post all comments it receives, without
change, to https://www.regulations.gov/, including any personal
information the commenter provides. Using the search function of the
docket Web site, anyone can find and read the electronic form of all
comments received into any FAA docket, including the name of the
individual sending the comment (or signing the comment for an
association, business, labor union, etc.). DOT's complete Privacy Act
Statement can be found in the Federal Register published on April 11,
2000 (65 FR 19477-19478), as well as at https://DocketsInfo.dot.gov/ gov/.
Docket: Background documents or comments received may be read at
https://www.regulations.gov/ at any time. Follow the online instructions
for accessing the docket or go to Docket Operations in Room W12-140 of
the West Building Ground Floor at 1200 New Jersey Avenue SE.,
Washington, DC, between 9 a.m. and 5 p.m., Monday through Friday,
except Federal holidays.
FOR FURTHER INFORMATION CONTACT: Varun Khanna, FAA, Airplane and Flight
Crew Interface, ANM-111, Transport Airplane Directorate, Aircraft
Certification Service, 1601 Lind Avenue SW., Renton, Washington 98057-
3356; telephone 425-227-1298; facsimile 425-227-1320.
SUPPLEMENTARY INFORMATION: The FAA has determined that notice of, and
opportunity for prior public comment on, these special conditions is
impracticable because these procedures would significantly delay
issuance of the design approval and thus delivery of the affected
airplane.
In addition, the substance of these special conditions has been
subject to the public comment process in several prior instances with
no substantive comments received. The FAA therefore finds that good
cause exists for making these special conditions effective upon
publication in the Federal Register.
Comments Invited
We invite interested people to take part in this rulemaking by
sending written comments, data, or views. The most helpful comments
reference a specific portion of the special conditions, explain the
reason for any recommended change, and include supporting data.
We will consider all comments we receive by the closing date for
comments. We may change these special conditions based on the comments
we receive.
Background
On September 13, 2013, Embraer applied for an amendment to Type
Certificate No. A57NM to include the new Model ERJ 190-300 airplane.
The Model ERJ 190-300 airplane, which is a derivative of the Embraer
Model ERJ 190-100 STD airplane currently approved under Type
Certificate No. A57NM, is a 97- to 114-passenger transport-category
airplane, designed with a new wing with a high aspect ratio and raked
wingtip, and a new electrical-distribution system. The maximum take-off
weight is 124,340 lbs (56,400 kg).
Type Certification Basis
Under the provisions of title 14, Code of Federal Regulations (14
CFR) 21.101, Embraer must show that the Model ERJ 190-300 airplane
meets the applicable provisions of the regulations listed in Type
Certificate No. A57NM, or the applicable regulations in effect on the
date of application for the change, except for earlier amendments as
agreed upon by the FAA.
If the Administrator finds that the applicable airworthiness
regulations (i.e., 14 CFR part 25) do not contain adequate or
appropriate safety standards for the Model ERJ 190-300 airplane because
of a novel or unusual design feature, special conditions are prescribed
under the provisions of Sec. 21.16.
Special conditions are initially applicable to the model for which
they are issued. Should the type certificate for that model be amended
later to include any other model that incorporates the same novel or
unusual design feature, or should any other model already included on
the same type certificate be modified to incorporate the same novel or
unusual design feature, these special conditions would also apply to
the other model under Sec. 21.101.
In addition to the applicable airworthiness regulations and special
conditions, the Embraer Model ERJ 190-300 airplane must comply with the
fuel-vent and exhaust-emission requirements of 14 CFR part 34 and the
noise-certification requirements of 14 CFR part 36.
The FAA issues special conditions, as defined in 14 CFR 11.19, in
accordance with Sec. 11.38, and they become part of the type
certification basis under Sec. 21.101.
Novel or Unusual Design Features
The Embraer Model ERJ 190-300 airplane will incorporate the
following novel or unusual design feature:
A digital-systems network architecture composed of several
connected networks. This network architecture and network configuration
will have the capability to allow access
[[Page 27108]]
to or by external network sources, and may be used for or interfaced
with a diverse set of functions, including:
Flight-safety-related control, communication, and
navigation systems (airplane-control domain);
Operator business and administrative support (operator-
information domain); and
Passenger information and entertainment systems
(passenger-entertainment domain)
Discussion
The Embraer Model ERJ 190-300 airplane's digital-systems network
architecture is novel or unusual for commercial transport airplanes as
it allows connection to airplane electronic systems and networks, and
access from sources external to the airplane (e.g., operator networks,
wireless devices, Internet connectivity, service-provider satellite
communications, electronic flight bags, etc.) to the previously
isolated airplane electronic assets. Airplane electronic assets include
electronic equipment and systems, instruments, networks, servers,
software and electronic components, field-loadable software and
hardware applications, databases, etc. This proposed design may result
in network security vulnerabilities from intentional or unintentional
corruption of data and systems required for the safety, operation, and
maintenance of the airplane.
The existing regulations and guidance material did not anticipate
these types of digital-system architectures, nor access to airplane
systems. Furthermore, 14 CFR part 25, and current system-safety
assessment policy and techniques, do not address potential security
vulnerabilities by unauthorized access to airplane data busses and
servers. Therefore, these special conditions are issued to ensure that
the security, integrity, and availability of airplane systems are not
compromised by certain wired or wireless electronic connections between
airplane data busses and networks.
These special conditions contain the additional safety standards
that the Administrator considers necessary to establish a level of
safety equivalent to that established by the existing airworthiness
standards.
Applicability
As discussed above, these special conditions are applicable to the
Embraer Model ERJ 190-300 airplane. Should Embraer apply at a later
date for a change to the type certificate to include another model
incorporating the same novel or unusual design feature, these special
conditions would apply to that model as well.
This action affects only a certain novel or unusual design feature
on one model of airplane. It is not a rule of general applicability.
The substance of these special conditions has been subject to the
notice and comment period in several prior instances and has been
derived without substantive change from those previously issued. It is
unlikely that prior public comment would result in a significant change
from the substance contained herein. Therefore, the FAA has determined
that prior public notice and comment are unnecessary and impracticable,
and good cause exists for adopting these special conditions upon
publication in the Federal Register. The FAA is requesting comments to
allow interested persons to submit views that may not have been
submitted in response to the prior opportunities for comment described
above.
List of Subjects in 14 CFR Part 25
Aircraft, Aviation safety, Reporting and recordkeeping
requirements.
The authority citation for these special conditions is as follows:
Authority: 49 U.S.C. 106(g), 40113, 44701, 44702, 44704.
The Special Conditions
Accordingly, pursuant to the authority delegated to me by the
Administrator, the following special conditions are issued as part of
the type certification basis for electronic system-security protection
from unauthorized external access on Embraer S.A. Model ERJ 190-300
airplanes.
1. The applicant must ensure that the airplane electronic systems
are protected from access by unauthorized sources external to the
airplane, including those possibly caused by maintenance activity.
2. The applicant must ensure that electronic system-security
threats are identified and assessed, and that effective electronic
system-security protection strategies are implemented to protect the
airplane from all adverse impacts on safety, functionality, and
continued airworthiness.
3. The applicant must establish appropriate procedures to allow the
operator to ensure that continued airworthiness of the airplane is
maintained, including all post-type-certification modifications that
may have an impact on the approved electronic system-security
safeguards.
Issued in Renton, Washington, on June 2, 2017.
Michael Kaszycki,
Acting Manager, Transport Airplane Directorate, Aircraft Certification
Service.
[FR Doc. 2017-12280 Filed 6-13-17; 8:45 am]
BILLING CODE 4910-13-P