Special Conditions: Embraer S.A. ERJ 190-300 Airplane; Electronic-System Security Protection From Unauthorized External Access, 27107-27108 [2017-12280]

Download as PDF Federal Register / Vol. 82, No. 113 / Wednesday, June 14, 2017 / Rules and Regulations DEPARTMENT OF TRANSPORTATION Federal Aviation Administration 14 CFR Part 25 [Docket No. FAA–2017–0238; Special Conditions No. 25–689–SC] Special Conditions: Embraer S.A. ERJ 190–300 Airplane; Electronic-System Security Protection From Unauthorized External Access Federal Aviation Administration (FAA), DOT. ACTION: Final special conditions; request for comments. AGENCY: These special conditions are issued for the Embraer S.A. (Embraer) ERJ 190–300 airplane. This airplane will have a novel or unusual design feature when compared to the state of technology envisioned in the airworthiness standards for transportcategory airplanes. These airplanes will have a digital-systems network architecture composed of several connected networks that may allow access to or by external computer systems and networks, and may result in airplane electronic system-security vulnerabilities. The applicable airworthiness regulations do not contain adequate or appropriate safety standards for this design feature. These special conditions contain the additional safety standards that the Administrator considers necessary to establish a level of safety equivalent to that established by the existing airworthiness standards. DATES: This action is effective on Embraer on June 14, 2017. We must receive your comments by July 31, 2017. ADDRESSES: Send comments identified by docket number FAA–2017–0238 using any of the following methods: • Federal eRegulations Portal: Go to http://www.regulations.gov/and follow the online instructions for sending your comments electronically. • Mail: Send comments to Docket Operations, M–30, U.S. Department of Transportation (DOT), 1200 New Jersey Avenue SE., Room W12–140, West Building Ground Floor, Washington, DC 20590–0001. • Hand Delivery or Courier: Take comments to Docket Operations in Room W12–140 of the West Building Ground Floor at 1200 New Jersey Avenue SE., Washington, DC, between 9 a.m. and 5 p.m., Monday through Friday, except Federal holidays. • Fax: Fax comments to Docket Operations at 202–493–2251. Privacy: The FAA will post all comments it receives, without change, to http://www.regulations.gov/, mstockstill on DSK30JT082PROD with RULES SUMMARY: VerDate Sep<11>2014 16:55 Jun 13, 2017 Jkt 241001 including any personal information the commenter provides. Using the search function of the docket Web site, anyone can find and read the electronic form of all comments received into any FAA docket, including the name of the individual sending the comment (or signing the comment for an association, business, labor union, etc.). DOT’s complete Privacy Act Statement can be found in the Federal Register published on April 11, 2000 (65 FR 19477–19478), as well as at http://DocketsInfo.dot. gov/. Docket: Background documents or comments received may be read at http://www.regulations.gov/ at any time. Follow the online instructions for accessing the docket or go to Docket Operations in Room W12–140 of the West Building Ground Floor at 1200 New Jersey Avenue SE., Washington, DC, between 9 a.m. and 5 p.m., Monday through Friday, except Federal holidays. FOR FURTHER INFORMATION CONTACT: Varun Khanna, FAA, Airplane and Flight Crew Interface, ANM–111, Transport Airplane Directorate, Aircraft Certification Service, 1601 Lind Avenue SW., Renton, Washington 98057–3356; telephone 425–227–1298; facsimile 425–227–1320. SUPPLEMENTARY INFORMATION: The FAA has determined that notice of, and opportunity for prior public comment on, these special conditions is impracticable because these procedures would significantly delay issuance of the design approval and thus delivery of the affected airplane. In addition, the substance of these special conditions has been subject to the public comment process in several prior instances with no substantive comments received. The FAA therefore finds that good cause exists for making these special conditions effective upon publication in the Federal Register. Comments Invited We invite interested people to take part in this rulemaking by sending written comments, data, or views. The most helpful comments reference a specific portion of the special conditions, explain the reason for any recommended change, and include supporting data. We will consider all comments we receive by the closing date for comments. We may change these special conditions based on the comments we receive. Background On September 13, 2013, Embraer applied for an amendment to Type Certificate No. A57NM to include the PO 00000 Frm 00003 Fmt 4700 Sfmt 4700 27107 new Model ERJ 190–300 airplane. The Model ERJ 190–300 airplane, which is a derivative of the Embraer Model ERJ 190–100 STD airplane currently approved under Type Certificate No. A57NM, is a 97- to 114-passenger transport-category airplane, designed with a new wing with a high aspect ratio and raked wingtip, and a new electrical-distribution system. The maximum take-off weight is 124,340 lbs (56,400 kg). Type Certification Basis Under the provisions of title 14, Code of Federal Regulations (14 CFR) 21.101, Embraer must show that the Model ERJ 190–300 airplane meets the applicable provisions of the regulations listed in Type Certificate No. A57NM, or the applicable regulations in effect on the date of application for the change, except for earlier amendments as agreed upon by the FAA. If the Administrator finds that the applicable airworthiness regulations (i.e., 14 CFR part 25) do not contain adequate or appropriate safety standards for the Model ERJ 190–300 airplane because of a novel or unusual design feature, special conditions are prescribed under the provisions of § 21.16. Special conditions are initially applicable to the model for which they are issued. Should the type certificate for that model be amended later to include any other model that incorporates the same novel or unusual design feature, or should any other model already included on the same type certificate be modified to incorporate the same novel or unusual design feature, these special conditions would also apply to the other model under § 21.101. In addition to the applicable airworthiness regulations and special conditions, the Embraer Model ERJ 190– 300 airplane must comply with the fuelvent and exhaust-emission requirements of 14 CFR part 34 and the noisecertification requirements of 14 CFR part 36. The FAA issues special conditions, as defined in 14 CFR 11.19, in accordance with § 11.38, and they become part of the type certification basis under § 21.101. Novel or Unusual Design Features The Embraer Model ERJ 190–300 airplane will incorporate the following novel or unusual design feature: A digital-systems network architecture composed of several connected networks. This network architecture and network configuration will have the capability to allow access E:\FR\FM\14JNR1.SGM 14JNR1 27108 Federal Register / Vol. 82, No. 113 / Wednesday, June 14, 2017 / Rules and Regulations to or by external network sources, and may be used for or interfaced with a diverse set of functions, including: • Flight-safety-related control, communication, and navigation systems (airplane-control domain); • Operator business and administrative support (operatorinformation domain); and • Passenger information and entertainment systems (passengerentertainment domain) mstockstill on DSK30JT082PROD with RULES Discussion The Embraer Model ERJ 190–300 airplane’s digital-systems network architecture is novel or unusual for commercial transport airplanes as it allows connection to airplane electronic systems and networks, and access from sources external to the airplane (e.g., operator networks, wireless devices, Internet connectivity, service-provider satellite communications, electronic flight bags, etc.) to the previously isolated airplane electronic assets. Airplane electronic assets include electronic equipment and systems, instruments, networks, servers, software and electronic components, fieldloadable software and hardware applications, databases, etc. This proposed design may result in network security vulnerabilities from intentional or unintentional corruption of data and systems required for the safety, operation, and maintenance of the airplane. The existing regulations and guidance material did not anticipate these types of digital-system architectures, nor access to airplane systems. Furthermore, 14 CFR part 25, and current systemsafety assessment policy and techniques, do not address potential security vulnerabilities by unauthorized access to airplane data busses and servers. Therefore, these special conditions are issued to ensure that the security, integrity, and availability of airplane systems are not compromised by certain wired or wireless electronic connections between airplane data busses and networks. These special conditions contain the additional safety standards that the Administrator considers necessary to establish a level of safety equivalent to that established by the existing airworthiness standards. Applicability As discussed above, these special conditions are applicable to the Embraer Model ERJ 190–300 airplane. Should Embraer apply at a later date for a change to the type certificate to include another model incorporating the same novel or unusual design feature, these VerDate Sep<11>2014 16:55 Jun 13, 2017 Jkt 241001 special conditions would apply to that model as well. This action affects only a certain novel or unusual design feature on one model of airplane. It is not a rule of general applicability. The substance of these special conditions has been subject to the notice and comment period in several prior instances and has been derived without substantive change from those previously issued. It is unlikely that prior public comment would result in a significant change from the substance contained herein. Therefore, the FAA has determined that prior public notice and comment are unnecessary and impracticable, and good cause exists for adopting these special conditions upon publication in the Federal Register. The FAA is requesting comments to allow interested persons to submit views that may not have been submitted in response to the prior opportunities for comment described above. List of Subjects in 14 CFR Part 25 Aircraft, Aviation safety, Reporting and recordkeeping requirements. The authority citation for these special conditions is as follows: Authority: 49 U.S.C. 106(g), 40113, 44701, 44702, 44704. The Special Conditions Accordingly, pursuant to the authority delegated to me by the Administrator, the following special conditions are issued as part of the type certification basis for electronic systemsecurity protection from unauthorized external access on Embraer S.A. Model ERJ 190–300 airplanes. 1. The applicant must ensure that the airplane electronic systems are protected from access by unauthorized sources external to the airplane, including those possibly caused by maintenance activity. 2. The applicant must ensure that electronic system-security threats are identified and assessed, and that effective electronic system-security protection strategies are implemented to protect the airplane from all adverse impacts on safety, functionality, and continued airworthiness. 3. The applicant must establish appropriate procedures to allow the operator to ensure that continued airworthiness of the airplane is maintained, including all post-typecertification modifications that may have an impact on the approved electronic system-security safeguards. PO 00000 Frm 00004 Fmt 4700 Sfmt 4700 Issued in Renton, Washington, on June 2, 2017. Michael Kaszycki, Acting Manager, Transport Airplane Directorate, Aircraft Certification Service. [FR Doc. 2017–12280 Filed 6–13–17; 8:45 am] BILLING CODE 4910–13–P DEPARTMENT OF COMMERCE Bureau of Industry and Security 15 CFR Parts 740 and 774 [Docket No. 160217120–7396–02] RIN 0694–AG85 Wassenaar Arrangement 2015 Plenary Agreements Implementation, Removal of Foreign National Review Requirements, and Information Security Updates; Corrections Bureau of Industry and Security, Commerce. ACTION: Correcting amendments. AGENCY: The Bureau of Industry and Security (BIS) maintains, as part of its Export Administration Regulations (EAR), the Commerce Control List (CCL), which identifies certain items subject to Department of Commerce jurisdiction. This rule corrects citations, replaces text that was inadvertently removed, and corrects other errors associated with the ‘‘Wassenaar Arrangement 2015 Plenary Agreements Implementation, Removal of Foreign National Review Requirements, and Information Security Updates’’ final rule published on September 20, 2016 (WA15 rule). DATES: This rule is effective: June 14, 2017. SUMMARY: For general questions contact Sharron Cook, Office of Exporter Services, Bureau of Industry and Security, U.S. Department of Commerce at 202–482 2440 or by email: Sharron.Cook@bis.doc.gov. For technical questions contact: Office of National Security and Technology Transfer Controls, Information Technology Control Division, Aaron Amundson at 202–482– 0707. SUPPLEMENTARY INFORMATION: FOR FURTHER INFORMATION CONTACT: Background On September 20, 2016, BIS published a final rule entitled, ‘‘Wassenaar Arrangement 2015 Plenary Agreements Implementation, Removal of Foreign National Review Requirements, and Information Security Updates’’ (81 FR 64656–64692), (WA15 E:\FR\FM\14JNR1.SGM 14JNR1

Agencies

[Federal Register Volume 82, Number 113 (Wednesday, June 14, 2017)]
[Rules and Regulations]
[Pages 27107-27108]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2017-12280]



[[Page 27107]]

-----------------------------------------------------------------------

DEPARTMENT OF TRANSPORTATION

Federal Aviation Administration

14 CFR Part 25

[Docket No. FAA-2017-0238; Special Conditions No. 25-689-SC]


Special Conditions: Embraer S.A. ERJ 190-300 Airplane; 
Electronic-System Security Protection From Unauthorized External Access

AGENCY: Federal Aviation Administration (FAA), DOT.

ACTION: Final special conditions; request for comments.

-----------------------------------------------------------------------

SUMMARY: These special conditions are issued for the Embraer S.A. 
(Embraer) ERJ 190-300 airplane. This airplane will have a novel or 
unusual design feature when compared to the state of technology 
envisioned in the airworthiness standards for transport-category 
airplanes. These airplanes will have a digital-systems network 
architecture composed of several connected networks that may allow 
access to or by external computer systems and networks, and may result 
in airplane electronic system-security vulnerabilities. The applicable 
airworthiness regulations do not contain adequate or appropriate safety 
standards for this design feature. These special conditions contain the 
additional safety standards that the Administrator considers necessary 
to establish a level of safety equivalent to that established by the 
existing airworthiness standards.

DATES: This action is effective on Embraer on June 14, 2017. We must 
receive your comments by July 31, 2017.

ADDRESSES: Send comments identified by docket number FAA-2017-0238 
using any of the following methods:
     Federal eRegulations Portal: Go to http://www.regulations.gov/and follow the online instructions for sending your 
comments electronically.
     Mail: Send comments to Docket Operations, M-30, U.S. 
Department of Transportation (DOT), 1200 New Jersey Avenue SE., Room 
W12-140, West Building Ground Floor, Washington, DC 20590-0001.
     Hand Delivery or Courier: Take comments to Docket 
Operations in Room W12-140 of the West Building Ground Floor at 1200 
New Jersey Avenue SE., Washington, DC, between 9 a.m. and 5 p.m., 
Monday through Friday, except Federal holidays.
     Fax: Fax comments to Docket Operations at 202-493-2251.
    Privacy: The FAA will post all comments it receives, without 
change, to http://www.regulations.gov/, including any personal 
information the commenter provides. Using the search function of the 
docket Web site, anyone can find and read the electronic form of all 
comments received into any FAA docket, including the name of the 
individual sending the comment (or signing the comment for an 
association, business, labor union, etc.). DOT's complete Privacy Act 
Statement can be found in the Federal Register published on April 11, 
2000 (65 FR 19477-19478), as well as at http://DocketsInfo.dot.gov/ gov/.
    Docket: Background documents or comments received may be read at 
http://www.regulations.gov/ at any time. Follow the online instructions 
for accessing the docket or go to Docket Operations in Room W12-140 of 
the West Building Ground Floor at 1200 New Jersey Avenue SE., 
Washington, DC, between 9 a.m. and 5 p.m., Monday through Friday, 
except Federal holidays.

FOR FURTHER INFORMATION CONTACT: Varun Khanna, FAA, Airplane and Flight 
Crew Interface, ANM-111, Transport Airplane Directorate, Aircraft 
Certification Service, 1601 Lind Avenue SW., Renton, Washington 98057-
3356; telephone 425-227-1298; facsimile 425-227-1320.

SUPPLEMENTARY INFORMATION: The FAA has determined that notice of, and 
opportunity for prior public comment on, these special conditions is 
impracticable because these procedures would significantly delay 
issuance of the design approval and thus delivery of the affected 
airplane.
    In addition, the substance of these special conditions has been 
subject to the public comment process in several prior instances with 
no substantive comments received. The FAA therefore finds that good 
cause exists for making these special conditions effective upon 
publication in the Federal Register.

Comments Invited

    We invite interested people to take part in this rulemaking by 
sending written comments, data, or views. The most helpful comments 
reference a specific portion of the special conditions, explain the 
reason for any recommended change, and include supporting data.
    We will consider all comments we receive by the closing date for 
comments. We may change these special conditions based on the comments 
we receive.

Background

    On September 13, 2013, Embraer applied for an amendment to Type 
Certificate No. A57NM to include the new Model ERJ 190-300 airplane. 
The Model ERJ 190-300 airplane, which is a derivative of the Embraer 
Model ERJ 190-100 STD airplane currently approved under Type 
Certificate No. A57NM, is a 97- to 114-passenger transport-category 
airplane, designed with a new wing with a high aspect ratio and raked 
wingtip, and a new electrical-distribution system. The maximum take-off 
weight is 124,340 lbs (56,400 kg).

Type Certification Basis

    Under the provisions of title 14, Code of Federal Regulations (14 
CFR) 21.101, Embraer must show that the Model ERJ 190-300 airplane 
meets the applicable provisions of the regulations listed in Type 
Certificate No. A57NM, or the applicable regulations in effect on the 
date of application for the change, except for earlier amendments as 
agreed upon by the FAA.
    If the Administrator finds that the applicable airworthiness 
regulations (i.e., 14 CFR part 25) do not contain adequate or 
appropriate safety standards for the Model ERJ 190-300 airplane because 
of a novel or unusual design feature, special conditions are prescribed 
under the provisions of Sec.  21.16.
    Special conditions are initially applicable to the model for which 
they are issued. Should the type certificate for that model be amended 
later to include any other model that incorporates the same novel or 
unusual design feature, or should any other model already included on 
the same type certificate be modified to incorporate the same novel or 
unusual design feature, these special conditions would also apply to 
the other model under Sec.  21.101.
    In addition to the applicable airworthiness regulations and special 
conditions, the Embraer Model ERJ 190-300 airplane must comply with the 
fuel-vent and exhaust-emission requirements of 14 CFR part 34 and the 
noise-certification requirements of 14 CFR part 36.
    The FAA issues special conditions, as defined in 14 CFR 11.19, in 
accordance with Sec.  11.38, and they become part of the type 
certification basis under Sec.  21.101.

Novel or Unusual Design Features

    The Embraer Model ERJ 190-300 airplane will incorporate the 
following novel or unusual design feature:
    A digital-systems network architecture composed of several 
connected networks. This network architecture and network configuration 
will have the capability to allow access

[[Page 27108]]

to or by external network sources, and may be used for or interfaced 
with a diverse set of functions, including:
     Flight-safety-related control, communication, and 
navigation systems (airplane-control domain);
     Operator business and administrative support (operator-
information domain); and
     Passenger information and entertainment systems 
(passenger-entertainment domain)

Discussion

    The Embraer Model ERJ 190-300 airplane's digital-systems network 
architecture is novel or unusual for commercial transport airplanes as 
it allows connection to airplane electronic systems and networks, and 
access from sources external to the airplane (e.g., operator networks, 
wireless devices, Internet connectivity, service-provider satellite 
communications, electronic flight bags, etc.) to the previously 
isolated airplane electronic assets. Airplane electronic assets include 
electronic equipment and systems, instruments, networks, servers, 
software and electronic components, field-loadable software and 
hardware applications, databases, etc. This proposed design may result 
in network security vulnerabilities from intentional or unintentional 
corruption of data and systems required for the safety, operation, and 
maintenance of the airplane.
    The existing regulations and guidance material did not anticipate 
these types of digital-system architectures, nor access to airplane 
systems. Furthermore, 14 CFR part 25, and current system-safety 
assessment policy and techniques, do not address potential security 
vulnerabilities by unauthorized access to airplane data busses and 
servers. Therefore, these special conditions are issued to ensure that 
the security, integrity, and availability of airplane systems are not 
compromised by certain wired or wireless electronic connections between 
airplane data busses and networks.
    These special conditions contain the additional safety standards 
that the Administrator considers necessary to establish a level of 
safety equivalent to that established by the existing airworthiness 
standards.

Applicability

    As discussed above, these special conditions are applicable to the 
Embraer Model ERJ 190-300 airplane. Should Embraer apply at a later 
date for a change to the type certificate to include another model 
incorporating the same novel or unusual design feature, these special 
conditions would apply to that model as well.
    This action affects only a certain novel or unusual design feature 
on one model of airplane. It is not a rule of general applicability.
    The substance of these special conditions has been subject to the 
notice and comment period in several prior instances and has been 
derived without substantive change from those previously issued. It is 
unlikely that prior public comment would result in a significant change 
from the substance contained herein. Therefore, the FAA has determined 
that prior public notice and comment are unnecessary and impracticable, 
and good cause exists for adopting these special conditions upon 
publication in the Federal Register. The FAA is requesting comments to 
allow interested persons to submit views that may not have been 
submitted in response to the prior opportunities for comment described 
above.

List of Subjects in 14 CFR Part 25

    Aircraft, Aviation safety, Reporting and recordkeeping 
requirements.

    The authority citation for these special conditions is as follows:

    Authority:  49 U.S.C. 106(g), 40113, 44701, 44702, 44704.

The Special Conditions

    Accordingly, pursuant to the authority delegated to me by the 
Administrator, the following special conditions are issued as part of 
the type certification basis for electronic system-security protection 
from unauthorized external access on Embraer S.A. Model ERJ 190-300 
airplanes.
    1. The applicant must ensure that the airplane electronic systems 
are protected from access by unauthorized sources external to the 
airplane, including those possibly caused by maintenance activity.
    2. The applicant must ensure that electronic system-security 
threats are identified and assessed, and that effective electronic 
system-security protection strategies are implemented to protect the 
airplane from all adverse impacts on safety, functionality, and 
continued airworthiness.
    3. The applicant must establish appropriate procedures to allow the 
operator to ensure that continued airworthiness of the airplane is 
maintained, including all post-type-certification modifications that 
may have an impact on the approved electronic system-security 
safeguards.

    Issued in Renton, Washington, on June 2, 2017.
Michael Kaszycki,
Acting Manager, Transport Airplane Directorate, Aircraft Certification 
Service.
[FR Doc. 2017-12280 Filed 6-13-17; 8:45 am]
 BILLING CODE 4910-13-P