Saturday, December 23, 2017

UAV Certification - Issues and Global Scenario

1.                  UAS and their Use

Unmanned Aircraft Systems (UAS) has become a major support for defense services both in war as well as during peace time. The UAS consists of the unmanned aircraft and the associated ground operational control and support system. The military UAS finds extreme useful application in both intelligence gathering as well as arms dropping in hostile areas where manned aircraft deployment is considered dangerous. A concept of military operation of UAV is shown in figure - 1. The military UAVs are normally operated in segregated air space (military airspace) and thus do not confront with civil aviation. Military UAV being state aircraft are self-certified by the military themselves and their operational safety is governed by the defense aviation safety plan (DASP) formulated by each countries defense organization.

                                             Figure - 1: Concept of Military UAV Operation  

In civil sectors also, UAS is gaining momentum to dominate in the surveillance, emergency or quick and urgent air transportation as well as homeland security. UAS is a broad term applicable to UAV, RPV as well as common name ‘drones’. Drones have become very attractive with great usefulness and additionally supported by low cost, low risk and off the shelf availability.

2. ICAO and Civil Aviation
Post World War, realizing the great potential of air transportation for transferring people and cargo over long distances at short time, US government invited 55 countries to participate for a discussion at Chicago in 1944. The International Civil Aviation Organisation (ICAO) was formed by 55 countries who met in Chicago in 1944 to promote international air transportation. ICAO was formed to promote international air navigation and to foster planning & development of international air transportation. Today ICAO has 197 member states.
ICAO was officially formed on 04 April 1947. The Chicago convention adopted a preamble, 96 articles and 18 Annexures. These articles form the basis of International Air Law and the annexures define International Standards and Recommended Practices (ISRP). Airworthiness Document No. 9670, ICAO was released for manned aircraft.
There are two prerequisites for the introduction of an airworthiness regulatory system for all member countries of ICAO (Refer: Airworthiness Doc 9670, ICAO)
  a)  The provision in the basic law of the state for a code of airworthiness regulations and the promulgation thereof, and
b)  The establishment of an appropriate State Entity with the necessary authority to ensure compliance with the regulations, known as Civil Aviation Authority (CAA).

This authority (like DGCA in India) only can issue certification and permission for flight operations.

2.1 ICAO Circular 328 for Unmanned Aircraft System
The unmanned aircraft system are in use for several decades in many countries. However, looking at the potential growth and possibility of flying of manned and unmanned aircraft in the national airspace in very near future, ICAO at its 37 General Assembly meeting in 2010 addressed regulatory issues on UAS and proposed a circular on Unmanned Aircraft System.
This circular was approved and released in 2011 as ICAO Cir 328/AN/190/2011. The circular Based on Chicago Convention and uses the same standards as manned aircraft. All ICAO annexures are made applicable to UAS.
It was felt that a Remotely Piloted Aircraft System (RPAS) may be considered to consist of an unmanned aircraft and a set of additional configurable elements of following items:
ü  associated remote pilot station(s)
ü  command-control links
ü  software
ü  health monitoring
ü  ATC communications equipment
ü  a flight termination system
ü  launch and recovery elements
ü  RPAS operations: in ATS airspace subject to authorization
ü  Segregated airspace established by AIP (Aeronautical Information Publication) and /or NOTAM (Notice to Air Men) issued by Civil Aviation Authority of the country
            Comments from member States on this circular, particularly with respect to its application and usefulness, would be used to finalise the operational procedures.

2.2  Regulatory Issues with UAV
Regularity issues to be considered while permitting UAV operation in National Air Space (NAS) require to address following points:
a)    Safety and Security of the UAS
b)    Issues of Co-lateral Damage
c)    Airworthiness, Continued Airworthiness and Environments
d)    Operations, Maintenance and Licensing of UAV
e)    Air Traffic Management (ATM)

3.  Library Congress Study - 2016
            To harmonize rules of drone operation presently existing in 12 countries (Asia and Europe) and the European Union Commission and make proposal to integrate rules for all drones, following issues were surveyed:

      Regulations of drones based on weights
      Agency of Implementation of Regulation (CAA or others)
      UAS Registration and Labelling
      Flight authorisation procedure
      UAS operators qualification
      Operational requirements
      Real time supervision system and UAS cloud
The survey produced wide variations in the approach adopted in these countries.

4. Existing Regulations in some Countries
4.1 FAA Task Force Recommendation Nov 2015
FAA Aviation Rulemaking Committee made mandatory for small UAV owner (AUW from 250 gms to 25 Kg) be registered with effect from 21 Dec 2015 if the UAV is to fly in NAS (National Air Space). The UAV owner will be given a unique identification mark and all UAVs owned by him should display his identification mark on the UAV while flying.
The UAV need not be certified, however the flyer/owner must be registered and thereby obey operating rule under VFR (visual flight rules) condition. The concept is to prevent small & model Aircraft as well as UAV flying not to endanger NAS.
                   
Federal Aviation Administration FAA Part 107 issued on 21 Jun 2016 gives
operation limitations. Further on 18 Dec 2107 at the request of U.S. national security andlaw enforcement agencies, the FAA using its existing authority under Title 14 of Code of Federal Regulations has restricted drone flights up to 400 feet within the lateral boundaries of the DOE (Department of Energy) installation sites.

4.2 EASA Civil Drone Regulation
a) Categories and Proposal
1)     Low Risk (Open) – Requires no prior authorization for operation
2)     Medium Risk (Specific) – Requires authorization from competent authority (based on risk mitigation plan)
3)     High Risk (Certified) – Requires certification; Both UA and RP need to be approved by CA for operation
b) Regulation Release
      Prototype Regulation was published in August 2016.
      Public Consultation Period expires on 15 Sep 2017
      Final regulations will be submitted to EU (European Union) by the end of 2017.

4.3 Air Transport Circular UAS – DGCA, India
            Draft UAS Regulatory Circular issued by Directorate General of Civil Aviation, (DGCA), Government of India on 21.04.2016
a) UAS Classification
          Mini            < 2 Kg
          Micro          : 2- 20 Kg
          Small         : 20 – 150 Kg
          Large         : > 150 Kg

a)    UIN (Unique Identification  Number)
1)     All Unmanned Aircraft  will require UIN
2)     UA Operator permitted to fly > 200 ft, in Temporarily  Segregated Area
3)     Validity of UA Operational permit 2 years
4)     Sale/disposal of UAS with UIN must be informed to DGCA
5)     Other than micro UAV, all UAV RP (Remote Pilot) should have license
6)     UAS to be maintained as per manufacturer approved procedure
7)     Operator shall inform local Administration, ATS (Air Traffic Service) , BCAS (bureau of Civil Aviation  & Aerodrome office for operation indicating date, time and place.

5. Discussion and Conclusion
 The UAVs are employed in segregated areas at present, but there is a consensus views within the aerospace industry that the time is ripe when both manned and unmanned aerial vehicles will share the common air space. Thus the process of integrating the manned aircraft and UAV in the National Airspace has to be accepted and regulated. Thus, there is a needs to regulate the operation of UAS in one hand and at the same time the UAS themselves have to be certified to be airworthy by regulatory organizations.
On the airworthiness certification front the issues arise are
a)    Design standards to be followed for certification of UAV
b)    Reliability and Robustness of the UAS as well as the ground control stations
c)    Command Control and Guidance in the event of data link failure.
On the regulatory front issues arise are
a)    UAS mission and mission criticality
b)    Air Traffic Management for interoperability of UAS and manned aircraft in common airspace
c)    Collateral damage in the event of UAS failure during flight

Many countries and regulatory bodies like USA, UK, EASA and CASA have formulated the  operational procedure and regulatory control, however they are mostly in the form of notice of proposed amendment of existing manned regulation to include UAS or notice for introduction of new rules of operations for UAS. The finalised rules and regulations ar yet to be released.      

Reference: 
 1) Drone Laws in UK - what are the rules : http://www.telegraph.co.uk
 2) EASA publishes a proposal to operate small drones in Europe_EASA.pdf;  
     https://www.easa.europa.eu/tags/unmanned-aircraft-systems. 
 3) Regulations of Drones: April 2016; The law library of congress; http://www.law.gov.
 4) ICAO Circular 328.

Thursday, December 21, 2017

Neutralization of Unauthorized Drones

1.                  UAS and their Use
Unmanned Aircraft Systems (UAS) has become a major support for defense services both in war as well as during peace time. The UAS consists of the unmanned aircraft and the associated ground operational control and support system. The military UAS finds extreme useful application in both intelligence gathering as well as arms dropping in hostile areas where manned aircraft deployment is considered dangerous. In civil sectors also, UAS is gaining momentum to dominate in the surveillance, emergency or quick and urgent air transportation and homeland security. UAS is a broad term applicable to UAV, RPV as well as common name ‘drones’. Drones have become very attractive for its usefulness and additionally supported by low cost, low risk and off the shelf availability.   

2.                  Unauthorised Use of Drones
However, unauthorized use of drones can pose very serious security threats to states from terrorists and insurgent activists or other organized crime groups. Drones can be used to obtain commercially sensitive information as well as pose great challenge to privacy of general citizen. While, military in the interest of state security and protection can use drones to any extent, unauthorized use of drones have to be prevented. With the maturity of technology, countermeasures or the defense system against illegal and harmful use of drones has to be found out and introduced. State has to enact appropriate legislation to use these countermeasures to avoid proliferations.   

3.                  Hierarchy of Countermeasures
Various countermeasures can be grouped and their hierarchy can be shown by a inverted pyramid as shown in figure -1.
Figure -1: Hierarchy of Counter measures


3.1 Regulatory Counter Measures
At the base of the pyramid, we have the regulatory countermeasures, which will control the design manufacture and sale so as to govern the supply of drones to market and sale to authorized/proper users. This can effected by:
3.1.1 Control Manufacture and Sales
a)      Domestic Manufacture and Sale
b)      Point of sale regulations, identity of buyer, purpose
c)      Regulate purchase and sale of drones above a certain level of capability.
d)     Regulate Manufacturing standards.

3.1.2  Civil Aviation Regulations
a)      Design and airworthiness clearances
b)      Operator (Owner & Remote Pilot) licensing regimes
c)      Operational requirements/restrictions (VFR, IFR etc.)
d)     Geo-fencing (no-fly zones built in to firmware)
e)      ATM/CNS requirements

3.1.3  Procurement and Import Regulations
      In the similar lines of MTCR (control of weight, payload and range of operation).

3.2              Passive Countermeasures
            The unauthorized drones which pass through the regulatory counter measure and finds its place in the hands of unauthorized users may be neutralized by the passive counter measures. The Passive Countermeasure includes:
a) Early Warning (Detection, Identification by use of RADAR, CCTV, and other Advanced Technologies).
b) Use Drone-shield
c) Neutralize by use of various jamming techniques like Signal jamming, GPS Spoofing etc.

3.3   Active Countermeasures
            For the drones which pass through the first two countermeasures and reach the unauthroised operation venue are to be neutralized by active countermeasures by destroying (kill). These may include: 
a)    For those drones who pass through passive measures, are subjected to active countermeasures to Kill
b)   Kinetic Kill (missiles, rockets and bullets)
c)    Laser Defence System to kill.

References: 
1. Assessment of known drones use by non state actors; Published by Remote Control Project January 2015, UK. [http://remotecontrolproject.org]
2. Expanding Anti UAVs Market to counter Drone Technology - Dinakar Peri; CLAWS Journal, Winter 2015.



Thursday, March 23, 2017

ISO 9001: Quality Management System

1. The International Organization for Standardization 
ISO (the International Organization for Standardization) is a worldwide federation of national standards bodies (ISO member bodies). ISO technical body prepares the International Standards. It collaborates closely with the International Electrotechnical Commission (IEC) on all matters of electrotechnical standardization.
ISO 9000 series was released in 1987 (1st edition). It had 4 variants:
ISO 9000: Vocabulary
ISO 9001: Model Quality Assurance with Design and Development and Production
ISO 9002: Model for Quality Assurance in Production, Installation and Servicing, and
ISO 9003: Model for Quality Assurance in final Inspection and Test.

1.1 Revisions of ISO 9000 Series
The ISO 9000 series standards were revised in 1994 (2nd edition) retaining the similar structure i.e. ISO 9001:1994 – Manufacturing with Design & Development; ISO 9002:1994 – Production and Installation (No Design) and ISO 9003: 1994 – Final inspection and test.
However the 3rd revision i.e. ISO 9001: 2000, “Quality Management Systems – Requirements”, prepared by Technical Committee ISO/TC 176 ’Quality Management and Quality Assurance, Subcommittee SC 2, Quality Systems’ saw a major change. This replaced the three standard into one (ISO 9001: 2000) along with change in title. In this standard, the term ‘quality assurance’ is no longer used. The revision allowed exceptions to design and development procedures if a company does in fact not engage in the creation of new products, as well as introducing a few concepts. This version of the standard adopted:
a)     Process Approach replacing an inspection mentality.
b)    A focus on Management Commitment instead of only relying upon quality personnel.
c)    Performance metrics
d)    Continual Improvement 
e)    Customer Satisfaction

The fourth edition is ISO 9001: 2008. The clause wise there is no change between ISO 2000 and 2008. ISO 9001 is made applicable to any industry including software companies.
No new requirement included and some requirements were clarified or improved for clarity. It also made better alignment with ISO 14001:2004.
The fifth edition in 2015 cancels and replaces the fourth edition (ISO 9001:2008), which has been technically revised, through the adoption of a revised clause sequence and the adaptation of the revised quality management principles and of new concepts. It also cancels and replaces the Technical Corrigendum ISO 9001:2008/Cor.1:2009 issued on 29.07.2009 (which replaces the correlation between ISO 9001: 2000 and ISO 14001: 1996 by correlation matrix between ISO 9001: 2008 and ISO 14001:2004)

2. ISO 9001 Standards
ISO 9001 is the world’s most popular and commonly used standard for quality management systems across all industry. A standard is not a law, but an agreement or best practice that an organisation can apply voluntarily. A standard reflects a good level of professionalism. A quality management system is a tool with which an organisation can determine how it can meet the requirements of its customers and the other interested parties that are involved in its activities.
By conforming to ISO 9001 quality management system, a company can show that:
a)    The organization provides products and services of consistent quality;
b)    The organization provides products and services that meet the customer’s requirements, comply with the law and legislation, and meet the organisation’s own requirements
c)   The organization can streamline its business processes and continuously improve them.
Further, ISO 9001 helps the organization to increase customer satisfaction and improve its image by showing that the organization complies with internationally recognized quality standards. This is often a requirement for customers and suppliers to do business in many national and international domain.

2.1  Quality Management Principles of ISO 9001
ISO 9001:2000 as well as 9001:2008 are based on 8 quality management principles as shown below. ISO 9000 describes each principles as:
a)    Principle 1: Customer Focus – Organisations depend on their customers, therefore it should understand current and future customer needs, should meet customer requirements and strive to exceed customer expectations.
b)    Principle 2: Leadership – Leaders must establish unity of purpose and set direction the organisation should take.
c)    Principle 3: Involvement of people – Full involvement of people at all levels.
d)    Principle 4: Process approach – Process approach to manage activities and related resources. 
e)    Principle 5: System approach to management – Interrelated processes make a system. Organisation must use a system approach to manage interrelated processes.
f)     Principle 6: Continual improvement – Organisations must make a permanent commitment to continually improve their overall performance.
g)    Principle 7: Factual approach to decision making – Organisations must base decisions on the analysis of factual information and data.  
h)   Principle 8: Mutually beneficial supplier relationships – Organisations and its suppliers are independent and a mutually beneficial relationship between both will enhance their values.

Only a fully responsive QMS will include the totality of the eight principles and offer the organization the maximum return against these principles. However, this potential for enhanced marketability, productivity, and profitability is dependent upon the supplier’s desire to fully comply with the Standard, write the documented system in a user-friendly manner for a very wide range of readers, make a total management commitment to this effort, and establish a QMS that can be maintained in a cost effective manner.

The goal is to improve organizational effectiveness, not just get certified. Most importantly, a unified, strategic, business-and-quality policy signals to all employees that the main purpose of the ISO 9000 certification is to improve the effectiveness of the operation, not just achieve certification.

2.1.1 Quality Management Principles of ISO 9001:2015
The most recent ISO 9001:2015 standard is constructed around seven quality management principles:
1. Customer focus;
2. Leadership;
3. Engagement of people;
4. Process approach;
5. Improvement;
6. Evidence-based decision making;
7. Relationship management.
ISO 9001:2015 describes for each part which requirements your products, services and organisation have to meet in order to enjoy the above benefits.

2.2 Process Approach
The ISO 9001 adopts a process approach the effectiveness of a quality management system to enhance customer satisfaction by meeting customer requirements. A process is defined as any interrelated activity or activities through which a given set of inputs can be converted to a useful output of product or service. The output of one process can be input to a subsequent process.
The application of process approach in a quality management system enables:
a)    Understanding and consistency in meeting requirements;
b)    The consideration of processes in terms of added value;
c)    The achievement of effective process performance;
d)    Improvement of processes based on evaluation of data and information.

A functional representation of any process approach is shown in figure -1.



Figure 1 — Schematic representation of the elements of a single process

For an organisation to function effectively, it has to determine and manage numerous linked activities interrelated processes and their management to produce the desired results could be referred to as ‘process approach’.

2.3 PDCA Cycle
The process approach involves the systematic definition and management of processes, and their interactions, so as to achieve the intended results in accordance with the quality policy and strategic direction of the organization. Management of the processes and the system as a whole can be achieved using the PDCA cycle (Deming Circle) with an overall focus on risk-based thinking aimed at taking advantage of opportunities and preventing undesirable results.
The PDCA cycle or Deming's circle has four stages as

1.    Plan – Establish the objectives of the system and its processes, and the resources needed to deliver results in accordance with customer’s requirements and the organisations policies and identify and address risks and opportunities.
2.    Do – Try the plan on a test basis
    3. Check – Evaluate the plan to see if it works.
    4.  Act – Permanently implement the plan.

The PDCA Cycle of ISO 9001:2015 is shown in figure -2.  


  (Figures in the bracket indicates the applicable clause numbers as per ISO 9001:2015)
Fig. - 2: PDCA Cycle as Per ISO 9001: 2015

2.4 Risk Based Approach
The concept of risk-based thinking has been implicit in ISO 9001:2008 through requirements for planning, review and improvement. ISO 9001:2015 on the other hand specifies the organization to understand its context (clause 4.1) and determine associated risks and opportunities and make these as the basis for planning (see clause 6.1). This represents the application of risk-based thinking to planning and implementing the QMS processes (see clause 4.4). This will also assist in determining the extent of documented information. 
The risk-based thinking applied in this version has enabled some reduction in prescriptive requirements and their replacement by performance-based requirements. There is greater flexibility than in ISO 9001:2008 in the requirements for processes, documented information and organizational responsibilities.
One of the key purposes of a QMS is to act as a preventive tool. Consequently, the 2015 version does not have a separate clause or sub-clause on preventive action. The concept of preventive action is expressed through the use of risk-based thinking in formulating QMS requirements.
Although clause 6.1 specifies that the organization shall plan actions to address risks, there is no requirement for formal methods for risk management or a documented risk management process. Organizations can decide whether or not to develop a more extensive risk management methodology than is required by this International Standard, e.g. through the application of other guidance or standards.

3.          ISO 9001:2015 CLAUSES

3.1 Clause 1: Scope

3.2 Clause 2: Normative References
     ISO 9000:2015: QMS – Fundamentals and Vocabulary.

3.3 Clause 3: Terms and Definitions
     The terms and Definition given in ISO 9000:2015 apply.

3.4. Clause 4: Context of the Organisation
1)    Understand your organization and its unique context.
2)    Clarify the needs and expectations of interested parties (Customers, supplier and competitors).
3)    Define the scope of your quality management system – Scope and Boundaries may be defined in Quality Manual. Also define other documentations.
4)    Develop a QMS and establish documented information – Establish processes required, documentation and records.

1)  Provide leadership – main focus on quality and customers. Top management shall provide leadership by focusing on Quality and Customer.
2)  Provide leadership by establishing appropriate Quality Policy & implementing it.
3)  Provide leadership by defining and assign QMS roles and responsibilities and authorities and communicate.

1)  Define actions to manage risks and address opportunities – Consider risk and opportunities while developing QMS. Plan how to address risks and opportunities.
2)  Set quality objectives and develop plans to achieve them – Establish quality objectives for all relevant areas and develop plans to achieve objectives and evaluate results.
3)  Plan the procedure for changes (when required) to QMS and evaluate the impact of change.

1)  Provide Resources - Support your QMS by providing necessary resources (internal/ external, people, infrastructure, environment and monitoring & measuring resources). Necessary traceability records for M&M to be provided. Organization shall determine and provide knowledge to facilitate process operation. 
2)  Competence - Support your QMS by ensuring that people are competent. Determine competency requirement, evaluate and train if necessary. Keep records.
3)  Awareness - Support your QMS by explaining people quality policy, quality objectives and requirement of QMS and how people can help the QMS.
4)  Communication - Support your QMS by managing your communications (how to handle internal/external communication).
5)  Documented Information - Support your QMS by controlling documented information. Determine the documented information that your QMS needs. Manage the creation and revision of documented information. Control how retained documented information (records) be protected from unintended alterations.

3.8 Clause 8: Operations
1)  Operational Planning and Control - Develop, implement, and control your operational processes (internal as well as external/outsourced).
2)  Requirements for Product and Services - Determine and document product and service requirements.
3)  Design and Development - Establish a process to design and develop products and services. This will include D&D planning, determination of inputs, Control of D&D process, D&D outputs are adequate for subsequent process. The organization shall review and control of D&D Changes and retain documented information for D&D outputs.  .
4)  Monitor and control external processes, products, and services (Purchase) - Confirm that external products and services meet requirements. For this develop controls for externally provided products and services. Discuss your organization’s requirements with external providers.
5)  Production and Service - Manage and control production and service provision activities. Establish controls for production and service provision, identify your outputs and control their unique identity (traceability). Protect property owned by customers and external providers. Preserve outputs during production and service provision. Clarify and comply with all post-delivery requirements. Control changes for production and service provision.
6)  Release of Product & Services - Implement arrangements to control product through verification at appropriate stages. Release of product and services to customer to be done only after all planned arrangements have appropriately been met.
7)  Control nonconforming outputs and document actions taken - Identify outputs that do not conform to their requirements. Take actions so that nonconforming product does not reach customer. If rectified, check that rectification meets requirements. Retain documented information.

3.9. Clause 9: Performance Evaluation
1) Monitor, measure, analyze, and evaluate QMS performance – Plan how and what to monitor. Find out how well customer needs and expectations are being met. Evaluate QMS performance, effectiveness, conformity, and satisfaction.
2) Internal Audit - Use internal audits to examine conformance and performance. Audit your quality management system at planned intervals.
3) Management Review - Carry out management reviews and document your results. Management review input to be so decided that the review output brings opportunities for improvements, resources needed and if any change in QMS is desirable.

1) Determine improvement opportunities and make improvements – The improvements can include correction, corrective action, continual improvement, breakthrough change, innovation and reorganization.
2) Nonconformities and corrective Actions - Control nonconformities and address causes and consequences. Document your nonconformities and the actions that are taken. Update risk and opportunities determined during planning if necessary.

3) Continual Improvements - Enhance the suitability, adequacy, and effectiveness of your QMS.