House and Senate Pass HR 636 - FAA Authorization Bill

On Monday the House adopted a version of HR 636 that substituted new language for that adopted by the Senate in April by a voice vote. The cybersecurity provisions in the Senate language were removed and a new cybersecurity section was added. One of the two unmanned aircraft provisions associated with critical infrastructure facilities was completely re-written and the other remained mainly intact.

Cybersecurity

Section 2111 of the bill would require the FAA to develop “a comprehensive and strategic framework of principles and policies to reduce cybersecurity risks to the national airspace system, civil aviation, and agency information systems”. It would require the FAA’s Aircraft Systems Information Security Protection Working Group (ASISPWG) to identify and address cybersecurity risks associated with aircraft systems {§2111(a)(2)(1)(A)} including:

• To assess cybersecurity risks to aircraft systems;

• To review the extent to which existing rulemaking, policy, and guidance to promote safety also promote aircraft systems information security protection;

• Cybersecurity risks associated with in-flight entertainment systems;

• Whether in-flight entertainment systems can and should be isolated and separate, such as through an air gap, under existing rulemaking, policy, and guidance; and

• To provide appropriate recommendations to the Administrator if separate or additional rulemaking, policy, or guidance is needed to address cybersecurity risks to aircraft systems;

Critical Infrastructure Overflight

Section 2209 is a rewrite of §2154 that was adopted from S 2658. It requires the FAA to establish procedures for critical infrastructure facilities to apply to the FAA “to prohibit or restrict the operation of an unmanned aircraft in close proximity to a fixed site facility” {§2209(a)}. The bill would limit such restrictions to the following types of facilities:

• Critical infrastructure, such as energy production, transmission, and distribution facilities and equipment;

• Oil refineries and chemical facilities;

• Amusement parks; and

• Other locations that warrant such restrictions.

Section 2210 is essentially the same language that was found in Senate bill. It would allow critical infrastructure owners more latitude in their use of drones in inspection and monitoring activities.

Moving Forward

With the July 15^th authorization deadline fast approaching, it appears that the Senate has accepted the House language on HR 636 by a vote of 89 to 4. The bill will go to the President who will certainly sign the bill.