Special Conditions: Embraer S.A. ERJ 190-300 Airplane; Electronic-System Security Protection From Unauthorized External Access, 27107-27108 [2017-12280]

Agencies

• Federal Aviation Administration
• DEPARTMENT OF TRANSPORTATION

[Federal Register Volume 82, Number 113 (Wednesday, June 14, 2017)]
[Rules and Regulations]
[Pages 27107-27108]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2017-12280]



[[Page 27107]]

-----------------------------------------------------------------------

DEPARTMENT OF TRANSPORTATION

Federal Aviation Administration

14 CFR Part 25

[Docket No. FAA-2017-0238; Special Conditions No. 25-689-SC]


Special Conditions: Embraer S.A. ERJ 190-300 Airplane; 
Electronic-System Security Protection From Unauthorized External Access

AGENCY: Federal Aviation Administration (FAA), DOT.

ACTION: Final special conditions; request for comments.

-----------------------------------------------------------------------

SUMMARY: These special conditions are issued for the Embraer S.A. 
(Embraer) ERJ 190-300 airplane. This airplane will have a novel or 
unusual design feature when compared to the state of technology 
envisioned in the airworthiness standards for transport-category 
airplanes. These airplanes will have a digital-systems network 
architecture composed of several connected networks that may allow 
access to or by external computer systems and networks, and may result 
in airplane electronic system-security vulnerabilities. The applicable 
airworthiness regulations do not contain adequate or appropriate safety 
standards for this design feature. These special conditions contain the 
additional safety standards that the Administrator considers necessary 
to establish a level of safety equivalent to that established by the 
existing airworthiness standards.

DATES: This action is effective on Embraer on June 14, 2017. We must 
receive your comments by July 31, 2017.

ADDRESSES: Send comments identified by docket number FAA-2017-0238 
using any of the following methods:
     Federal eRegulations Portal: Go to https://www.regulations.gov/and follow the online instructions for sending your 
comments electronically.
     Mail: Send comments to Docket Operations, M-30, U.S. 
Department of Transportation (DOT), 1200 New Jersey Avenue SE., Room 
W12-140, West Building Ground Floor, Washington, DC 20590-0001.
     Hand Delivery or Courier: Take comments to Docket 
Operations in Room W12-140 of the West Building Ground Floor at 1200 
New Jersey Avenue SE., Washington, DC, between 9 a.m. and 5 p.m., 
Monday through Friday, except Federal holidays.
     Fax: Fax comments to Docket Operations at 202-493-2251.
    Privacy: The FAA will post all comments it receives, without 
change, to https://www.regulations.gov/, including any personal 
information the commenter provides. Using the search function of the 
docket Web site, anyone can find and read the electronic form of all 
comments received into any FAA docket, including the name of the 
individual sending the comment (or signing the comment for an 
association, business, labor union, etc.). DOT's complete Privacy Act 
Statement can be found in the Federal Register published on April 11, 
2000 (65 FR 19477-19478), as well as at https://DocketsInfo.dot.gov/ gov/.
    Docket: Background documents or comments received may be read at 
https://www.regulations.gov/ at any time. Follow the online instructions 
for accessing the docket or go to Docket Operations in Room W12-140 of 
the West Building Ground Floor at 1200 New Jersey Avenue SE., 
Washington, DC, between 9 a.m. and 5 p.m., Monday through Friday, 
except Federal holidays.

FOR FURTHER INFORMATION CONTACT: Varun Khanna, FAA, Airplane and Flight 
Crew Interface, ANM-111, Transport Airplane Directorate, Aircraft 
Certification Service, 1601 Lind Avenue SW., Renton, Washington 98057-
3356; telephone 425-227-1298; facsimile 425-227-1320.

SUPPLEMENTARY INFORMATION: The FAA has determined that notice of, and 
opportunity for prior public comment on, these special conditions is 
impracticable because these procedures would significantly delay 
issuance of the design approval and thus delivery of the affected 
airplane.
    In addition, the substance of these special conditions has been 
subject to the public comment process in several prior instances with 
no substantive comments received. The FAA therefore finds that good 
cause exists for making these special conditions effective upon 
publication in the Federal Register.

Comments Invited

    We invite interested people to take part in this rulemaking by 
sending written comments, data, or views. The most helpful comments 
reference a specific portion of the special conditions, explain the 
reason for any recommended change, and include supporting data.
    We will consider all comments we receive by the closing date for 
comments. We may change these special conditions based on the comments 
we receive.

Background

    On September 13, 2013, Embraer applied for an amendment to Type 
Certificate No. A57NM to include the new Model ERJ 190-300 airplane. 
The Model ERJ 190-300 airplane, which is a derivative of the Embraer 
Model ERJ 190-100 STD airplane currently approved under Type 
Certificate No. A57NM, is a 97- to 114-passenger transport-category 
airplane, designed with a new wing with a high aspect ratio and raked 
wingtip, and a new electrical-distribution system. The maximum take-off 
weight is 124,340 lbs (56,400 kg).

Type Certification Basis

    Under the provisions of title 14, Code of Federal Regulations (14 
CFR) 21.101, Embraer must show that the Model ERJ 190-300 airplane 
meets the applicable provisions of the regulations listed in Type 
Certificate No. A57NM, or the applicable regulations in effect on the 
date of application for the change, except for earlier amendments as 
agreed upon by the FAA.
    If the Administrator finds that the applicable airworthiness 
regulations (i.e., 14 CFR part 25) do not contain adequate or 
appropriate safety standards for the Model ERJ 190-300 airplane because 
of a novel or unusual design feature, special conditions are prescribed 
under the provisions of Sec.  21.16.
    Special conditions are initially applicable to the model for which 
they are issued. Should the type certificate for that model be amended 
later to include any other model that incorporates the same novel or 
unusual design feature, or should any other model already included on 
the same type certificate be modified to incorporate the same novel or 
unusual design feature, these special conditions would also apply to 
the other model under Sec.  21.101.
    In addition to the applicable airworthiness regulations and special 
conditions, the Embraer Model ERJ 190-300 airplane must comply with the 
fuel-vent and exhaust-emission requirements of 14 CFR part 34 and the 
noise-certification requirements of 14 CFR part 36.
    The FAA issues special conditions, as defined in 14 CFR 11.19, in 
accordance with Sec.  11.38, and they become part of the type 
certification basis under Sec.  21.101.

Novel or Unusual Design Features

    The Embraer Model ERJ 190-300 airplane will incorporate the 
following novel or unusual design feature:
    A digital-systems network architecture composed of several 
connected networks. This network architecture and network configuration 
will have the capability to allow access

[[Page 27108]]

to or by external network sources, and may be used for or interfaced 
with a diverse set of functions, including:
     Flight-safety-related control, communication, and 
navigation systems (airplane-control domain);
     Operator business and administrative support (operator-
information domain); and
     Passenger information and entertainment systems 
(passenger-entertainment domain)

Discussion

    The Embraer Model ERJ 190-300 airplane's digital-systems network 
architecture is novel or unusual for commercial transport airplanes as 
it allows connection to airplane electronic systems and networks, and 
access from sources external to the airplane (e.g., operator networks, 
wireless devices, Internet connectivity, service-provider satellite 
communications, electronic flight bags, etc.) to the previously 
isolated airplane electronic assets. Airplane electronic assets include 
electronic equipment and systems, instruments, networks, servers, 
software and electronic components, field-loadable software and 
hardware applications, databases, etc. This proposed design may result 
in network security vulnerabilities from intentional or unintentional 
corruption of data and systems required for the safety, operation, and 
maintenance of the airplane.
    The existing regulations and guidance material did not anticipate 
these types of digital-system architectures, nor access to airplane 
systems. Furthermore, 14 CFR part 25, and current system-safety 
assessment policy and techniques, do not address potential security 
vulnerabilities by unauthorized access to airplane data busses and 
servers. Therefore, these special conditions are issued to ensure that 
the security, integrity, and availability of airplane systems are not 
compromised by certain wired or wireless electronic connections between 
airplane data busses and networks.
    These special conditions contain the additional safety standards 
that the Administrator considers necessary to establish a level of 
safety equivalent to that established by the existing airworthiness 
standards.

Applicability

    As discussed above, these special conditions are applicable to the 
Embraer Model ERJ 190-300 airplane. Should Embraer apply at a later 
date for a change to the type certificate to include another model 
incorporating the same novel or unusual design feature, these special 
conditions would apply to that model as well.
    This action affects only a certain novel or unusual design feature 
on one model of airplane. It is not a rule of general applicability.
    The substance of these special conditions has been subject to the 
notice and comment period in several prior instances and has been 
derived without substantive change from those previously issued. It is 
unlikely that prior public comment would result in a significant change 
from the substance contained herein. Therefore, the FAA has determined 
that prior public notice and comment are unnecessary and impracticable, 
and good cause exists for adopting these special conditions upon 
publication in the Federal Register. The FAA is requesting comments to 
allow interested persons to submit views that may not have been 
submitted in response to the prior opportunities for comment described 
above.

List of Subjects in 14 CFR Part 25

    Aircraft, Aviation safety, Reporting and recordkeeping 
requirements.

    The authority citation for these special conditions is as follows:

    Authority:  49 U.S.C. 106(g), 40113, 44701, 44702, 44704.

The Special Conditions

    Accordingly, pursuant to the authority delegated to me by the 
Administrator, the following special conditions are issued as part of 
the type certification basis for electronic system-security protection 
from unauthorized external access on Embraer S.A. Model ERJ 190-300 
airplanes.
    1. The applicant must ensure that the airplane electronic systems 
are protected from access by unauthorized sources external to the 
airplane, including those possibly caused by maintenance activity.
    2. The applicant must ensure that electronic system-security 
threats are identified and assessed, and that effective electronic 
system-security protection strategies are implemented to protect the 
airplane from all adverse impacts on safety, functionality, and 
continued airworthiness.
    3. The applicant must establish appropriate procedures to allow the 
operator to ensure that continued airworthiness of the airplane is 
maintained, including all post-type-certification modifications that 
may have an impact on the approved electronic system-security 
safeguards.

    Issued in Renton, Washington, on June 2, 2017.
Michael Kaszycki,
Acting Manager, Transport Airplane Directorate, Aircraft Certification 
Service.
[FR Doc. 2017-12280 Filed 6-13-17; 8:45 am]
 BILLING CODE 4910-13-P