[Senate Hearing 116-570]
[From the U.S. Government Publishing Office]
S. Hrg. 116-570
DRONE SECURITY: ENHANCING INNOVATION
AND MITIGATING SUPPLY CHAIN RISKS
=======================================================================
HEARING
before the
SUBCOMMITTEE ON SECURITY
of the
COMMITTEE ON COMMERCE,
SCIENCE, AND TRANSPORTATION
UNITED STATES SENATE
ONE HUNDRED SIXTEENTH CONGRESS
FIRST SESSION
__________
JUNE 18, 2019
__________
Printed for the use of the Committee on Commerce, Science, and
Transportation
[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]
Available online: http://www.govinfo.gov
_________
U.S. GOVERNMENT PUBLISHING OFFICE
52-607 PDF WASHINGTON : 2023
SENATE COMMITTEE ON COMMERCE, SCIENCE, AND TRANSPORTATION
ONE HUNDRED SIXTEENTH CONGRESS
FIRST SESSION
ROGER WICKER, Mississippi, Chairman
JOHN THUNE, South Dakota MARIA CANTWELL, Washington,
ROY BLUNT, Missouri Ranking
TED CRUZ, Texas AMY KLOBUCHAR, Minnesota
DEB FISCHER, Nebraska RICHARD BLUMENTHAL, Connecticut
JERRY MORAN, Kansas BRIAN SCHATZ, Hawaii
DAN SULLIVAN, Alaska EDWARD MARKEY, Massachusetts
CORY GARDNER, Colorado TOM UDALL, New Mexico
MARSHA BLACKBURN, Tennessee GARY PETERS, Michigan
SHELLEY MOORE CAPITO, West Virginia TAMMY BALDWIN, Wisconsin
MIKE LEE, Utah TAMMY DUCKWORTH, Illinois
RON JOHNSON, Wisconsin JON TESTER, Montana
TODD YOUNG, Indiana KYRSTEN SINEMA, Arizona
RICK SCOTT, Florida JACKY ROSEN, Nevada
John Keast, Staff Director
Crystal Tully, Deputy Staff Director
Steven Wall, General Counsel
Kim Lipsky, Democratic Staff Director
Chris Day, Democratic Deputy Staff Director
Renae Black, Senior Counsel
------
SUBCOMMITTEE ON SECURITY
DAN SULLIVAN, Alaska, Chairman EDWARD MARKEY, Massachusetts,
ROY BLUNT, Missouri Ranking
TED CRUZ, Texas, AMY KLOBUCHAR, Minnesota
DEB FISCHER, Nebraska RICHARD BLUMENTHAL, Connecticut
MARSHA BLACKBURN, Tennessee BRIAN SCHATZ, Hawaii
MIKE LEE, Utah TOM UDALL, New Mexico
RON JOHNSON, Wisconsin TAMMY DUCKWORTH, Illinois
TODD YOUNG, Indiana KYRSTEN SINEMA, Arizona
RICK SCOTT, Florida JACKY ROSEN, Nevada
C O N T E N T S
----------
Page
Hearing held on June 18, 2019.................................... 1
Statement of Senator Sullivan.................................... 1
Prepared statement........................................... 1
Statement of Senator Markey...................................... 3
Statement of Senator Scott....................................... 44
Statement of Senator Lee......................................... 52
Statement of Senator Sinema...................................... 54
Statement of Senator Blumenthal.................................. 56
Witnesses
Angela H. Stubblefield, Deputy Associate Administrator, Office of
Security and Hazardous Materials, Federal Aviation
Administration................................................. 4
Prepared statement........................................... 6
Dr. Catherine F. Cahill, Director, Alaska Center for UAS
Integration, Geophysical Institute, Unniversity of Alaska
Fairbanks...................................................... 11
Prepared statement........................................... 13
Brian Wynne, President and Chief Executive Officer, Association
for Unmanned Vehicle Systems International..................... 15
Prepared statement........................................... 17
Harry Wingo, Faculty, College of Information and Cyberspace,
National Defense University.................................... 20
Prepared statement........................................... 21
Harold H. Shaw, Chief Security Officer, Massachusetts Port
Authority...................................................... 38
Prepared statement........................................... 40
Appendix
Letter dated June 18, 2019 to Hon. Dan Sullivan and Hon. Edward
Markey from Marc Rotenberg, EPIC President; Jeramie Scott, EPIC
Senior Counsel; and Caitriona Fitzgerald, EPIC Policy Director. 65
American Fuel & Petrochemical Manufacturers, prepared statement.. 66
Response to written questions submitted to Angela H. Stubblefield
by:
Hon. Dan Sullivan............................................ 67
Hon. Deb Fischer............................................. 68
Hon. Todd Young.............................................. 69
Hon. Amy Klobuchar........................................... 70
Hon. Tammy Duckworth......................................... 71
Response to written questions submitted to Dr. Catherine F.
Cahill by:
Hon. Todd Young.............................................. 75
Hon. Tammy Duckworth......................................... 77
Response to written questions submitted to Brian Wynne by:
Hon. Todd Young.............................................. 86
Hon. Tammy Duckworth......................................... 87
Response to written questions submitted to Harry Wingo by:
Hon. Todd Young.............................................. 89
Hon. Tammy Duckworth......................................... 90
Response to written questions submitted to Harold H. Shaw by:
Hon. Todd Young.............................................. 91
Hon. Tammy Duckworth......................................... 92
DRONE SECURITY: ENHANCING INNOVATION AND MITIGATING SUPPLY CHAIN RISKS
----------
TUESDAY, JUNE 18, 2019
U.S. Senate,
Subcommittee on Security,
Committee on Commerce, Science, and Transportation,
Washington, DC.
The Subcommittee met, pursuant to notice, at 2:25 p.m. in
room SD-562, Dirksen Senate Office Building, Hon. Dan Sullivan,
Chairman of the Subcommittee, presiding.
Present: Senators Sullivan [presiding], Lee, Scott, Markey,
Blumenthal, and Sinema.
OPENING STATEMENT OF HON. DAN SULLIVAN,
U.S. SENATOR FROM ALASKA
Senator Sullivan. Good afternoon. This subcommittee hearing
on Security as part of the broader Commerce Committee will now
come to order.
I want to thank our witnesses for being here and I want to
thank you in advance for a little bit of a juggling that we're
going to be doing. There are several votes that we're now in
the middle of and we're trying to keep them to 10 minutes. So
we're going to try and do a little port starboard activity here
between the Chairman and Ranking if we have to. We might have
to briefly recess if both of us are going down there to vote
but we don't want to take away from the importance of this
important subcommittee hearing.
So I'm going to truncate in the issue of time my opening
statement, which I will submit the written opening statement
for the record, without objection.
[The prepared statement of Senator Sullivan follows:]
Prepared Statement of Hon. Dan Sullivan, U.S. Senator from Alaska
Good afternoon.
Unmanned Aircraft Systems (UAS)--commonly referred to as
``drones''--have the potential to provide huge societal benefits.
Whether its delivering goods and services with precision and ease,
transporting key medical supplies to remote areas, inspecting hard to
reach critical infrastructure, or enhancing the capabilities of our
first responders, drones can make these often times dangerous or
mundane tasks safer and more routine.
But like any tool, these systems can also be used for nefarious
purposes, as we've seen with the reported sightings at Newark
International Airport and the Gatwick and Heathrow airport incidents,
and--perhaps more frighteningly--with the weaponization of these
commercial drones on the battlefields of Syria and Yemen.
The proliferation of civilian drones raises security risks,
including the possibility that bad actors could use a drone to carry
out an attack or other economically disruptive activities.
In September 2011, the FBI disrupted a homegrown terrorist plot to
attack the Pentagon and the Capitol with large model aircraft packed
with high explosives. Numerous other safety incidents involving drones
have been reported in the United States and abroad.
In order to realize a future which safely and effectively
integrates drones into the national airspace, a robust and reliable
counter drone--or counter-UAS--framework needs to be in place in order
to protect critical infrastructure, population centers, and personal
and corporate privacy.
The first step in this process is to ensure that federal, State,
and local agencies have the tools they need to execute counter-UAS
operations.
There are multiple legal and regulatory considerations associated
with taking any counter-UAS action. Drones are considered aircraft, and
an attempt to damage a drone or hack into its signals is often legally
equivalent to taking the same action against a manned aircraft.
The Super Bowl earlier this year served to highlight the magnitude
of the challenge faced by law enforcement agencies. The FBI--using
systems provided by the Department of Defense and exercising authority
granted last October in the FAA Reauthorization Act of 2018--dealt with
54 drone incursions in the ``no drone zone'' set up around the stadium.
While FAA has issued general guidance to law enforcement regarding
unlawful drone operations, it is not clear that law enforcement
agencies currently have sufficient training or technical capacity to
respond to this emerging threat.
In addition to attempting to combat illicit drone activity, many of
those same federal, State, and local agencies are employing drone
programs of their own to enhance their operational effectiveness--be it
police, fire, or search and rescue. But the market for small drones is
dominated by Chinese manufacturers--notably DJI Science and Technology
Company which has almost three quarters of the entire global market
share. There are serious and credible security and privacy concerns
with government agencies using these foreign built products.
Recently, DHS circulated a draft internal memo warning against
using Chinese-made drones that may present ``potential risk to an
organization's information'' by containing ``components that can
compromise your data and share your information on a server accessed
beyond the company itself.'' The memo emphasized that users should
study and understand what access the drone system has to networks and
to take precautionary steps such as turning off the device's Internet
connectivity and removing secure digital cards.
In 2017, the U.S. Army issued a guidance directing units to
discontinue the use of DJI products, citing concerns over data security
and cyber vulnerabilities. Also in 2017, Immigration and Customs
Enforcement issued a bulletin alleging that DJI had actively targeted
government and privately owned U.S. entities to collect and exploit
their sensitive data.
It's critical that we enhance and encourage domestic manufacturing
of these drone systems, so that we can fully and safely exploit the
benefits that drones present while not sacrificing security and
privacy. There has been some movement in this space from a handful of
U.S. companies who are creating open source software that can be
coupled more safely with Chinese made hardware--but this is not enough,
we need domestically owned and manufactured hardware and software to
ensure sensitive information is not falling into the hands of our
adversaries.
Today we will be hearing from government, academic, and industry
witnesses to examine the security threats and challenges posed by
drones, and ways to best integrate those systems into the national
airspace safely and effectively.
With that, I want to thank our witnesses for being here today and I
look forward to hearing their thoughts on these issues. I now recognize
the Ranking Member for any opening statement that he may have.
Senator Sullivan. But we are here today to discuss the
issue of unmanned aircraft systems, UASs, or commonly known as
drones, and they have the potential for huge societal benefits,
whether it's safety, whether it's getting to remote areas,
whether it's examining critical infrastructure, but these, like
any important technology, can also be used in a way that
creates challenges or even nefarious opportunities.
We are seeing challenges and problems with regard to drones
as it related to sightings at Newark International Airport, the
Gatwick and Heathrow Airport incidents in London, and so what
this hearing, with our strong witnesses here today, is going to
be looking at is looking at the opportunities but also
addressing some of the challenges that we see with regard to
the overall drone system, how we are working with Federal
agencies, states, localities in making sure that as we look at
these systems, that some of the challenges, particularly it's
becoming a theme, by the way, on this committee with regard to
technologies provided by China, are not used in a way that
undermines American interests, whether national security
interests, privacy interests, or economic security interests of
our citizens.
So with that, I'm going to turn my time over to my Ranking
Member, Senator Markey, so we can again get our witnesses on
record with their statements and then, once the votes are
moving and finished, we will have numerous questions for all of
you.
So Senator Markey.
STATEMENT OF HON. EDWARD MARKEY,
U.S. SENATOR FROM MASSACHUSETTS
Senator Markey. Thank you, Mr. Chairman, very much, and
thank you for this very important hearing.
Let me first welcome Mr. Harold Shaw, the Chief Security
Officer of the Massachusetts Port Authority, to our
subcommittee.
Among many responsibilities, Massport owns and operates the
airports, including Logan Airport in Boston that connects
Massachusetts and New England to the world. Massport epitomizes
professionalism and always puts safety and security first, and
I am pleased, Mr. Shaw, that you are here to represent that
incredible group of professionals.
Today, we only need to look up to see that the future is
already here. Drones are increasingly present in people's
every-day lives and this technology has the potential to
revolutionize the way we live and conduct business.
Imagine a world where drones deliver your packages,
groceries, school supplies directly to your doorstep, where
drones serve as early warning systems platforms, perform search
and rescue missions, and provide critical aid to those in need,
where drones find our missing pets, inspect our critical
infrastructure and even take out our garbage. The possibilities
are actually endless.
Yet, like all technology, there is a Dickensian quality to
drones. It is the best of inventions and the worst of
inventions simultaneously.
So today, we explore the degrading and debasing side of
drones. We must acknowledge that, although drones offer many
benefits, there are also safety and privacy risks that we need
to quickly address.
With more and more drones taking flight every day, the risk
of a drone colliding with a jumbo jet continues to rise. During
December 2018, in an incident at Gatwick in Great Britain,
reports of a drone sighting on the runway led to 33 hours of
disruptive travel.
The BBC reported that a thousand flights were canceled, not
delayed, as planes were grounded and that a 140,000 passengers
were caught up in the chaos.
Drones have similarly been sighted at Logan Airport in
Boston during the past year. Thankfully, travel was not
disrupted, but the economic consequences of drone delays at
airports could be enormous.
More importantly, should a drone like this actually strike
a plane or helicopter, the consequences and loss of life would
be catastrophic and it would change air travel in our country
forever.
We need to be thinking about how to prevent such threats
before tragedy strikes and we must also keep in mind that
airports are not the only danger zone. The sky is an open road
and drones can fly anywhere.
So we thank each of our witnesses for your willingness to
testify here today.
I thank you, Mr. Chairman, for this very important hearing
and look forward to your testimony.
Senator Sullivan. Well, thank you, Senator Markey, and I
want to thank the witnesses.
Again, we have a distinguished panel here. I'm going to
mention each one of you and then we'll begin with opening
statements and again if you can be a little flexible with our
voting, we'll be trying to make this as least disruptive as
possible but we have first, from left to right, Ms. Angela
Stubblefield, who is the Deputy Associate Administrator, Office
of Security and Hazardous Materials from the Federal Aviation
Administration.
Dr. Catherine Cahill. You mentioned one of your
constituents, Senator Markey. She is one of mine. I think
certainly gets the award for traveling the furthest for this
hearing. She's the Director of the Alaska Center for UAS
Integration, Geophysics Institute, at the University of Alaska
Fairbanks. So, Dr. Cahill, a special welcome to you.
Dr. Brian Wynne, who's President and Chief Executive
Officer, Association for Unmanned Vehicle Systems
International.
Dr. Harry Wingo, Faculty, College of Information and
Cyberspace, National Defense University, I also think a Navy
Seal in his background. So we honor your service, Mr. Wingo.
And, finally, Mr. Harold Shaw, Chief Security Officer and
Director of the Corporate Security and Emergency Preparedness
Department at the Massachusetts Port Authority.
Thank you all very much for attending this important
hearing and, Ms. Stubblefield, we'll begin with you.
STATEMENT OF ANGELA H. STUBBLEFIELD,
DEPUTY ASSOCIATE ADMINISTRATOR,
OFFICE OF SECURITY AND HAZARDOUS MATERIALS,
FEDERAL AVIATION ADMINISTRATION
Ms. Stubblefield. Good afternoon, and thank you, Chairman
Sullivan and Ranking Member Markey. I appreciate the
opportunity to speak with you today.
My office at the FAA works to address issues related to UAS
security and counter-UAS policy, including coordinating with
our Federal, state, and local and private sector security and
public safety partners on addressing risks associated with UAS
integration.
Safe and secure integration of UAS into the national
airspace system continues to be a national priority. However,
this cannot be achieved without addressing the risks posed by
the malicious or errant use of UAS.
Today, I would like to discuss how the FAA is working with
our Federal security partners to implement their counter-UAS
authorities and coordinating with law enforcement and critical
infrastructure owners, such as airport sponsors, to address UAS
safety and security risks.
Consistent with our mission to provide the safest, most
efficient airspace system in the world, the FAA has published
new rules to address the expanding operations and capabilities
of UAS, balancing the mitigation of safety and security risks
with the support for technological and operational
advancements.
One of the most important UAS efforts underway at the FAA
is the drafting of a remote identification rule. The ability to
remotely identify the location of UAS operators and connect
them with their aircraft in flight will be a crucial stepping
stone for UAS traffic management, facilitating what we envision
as high-volume safe and secure low-altitude drone operations.
From a security perspective, it will allow the FAA and our
security and law enforcement partners to locate, assess, and,
if necessary, take appropriate action against operators
conducting unauthorized UAS operations.
Trying to counter UAS policy, a critical component of UAS
integration is addressing risks posed by unauthorized drone
operations over certain national security-sensitive facilities,
missions, and assets.
Congress has granted the authority to counter such drone
operations to the Departments of Defense, Energy, Homeland
Security, and Justice. The FAA is closely working with these
agencies to ensure counter-UAS technologies are tested,
evaluated, and deployed in a manner that avoids adverse impacts
to the safety and security of the national airspace system.
With regard to counter-UAS technologies at domestic
airports, several unique challenges in the airport environment
necessitate further testing and technological development to
ensure such capabilities can be safely and effectively
deployed. As directed in the 2018 FAA Reauthorization Act, the
agency is currently planning to test UAS detection and
mitigation systems at several airports.
We also believe other actions, such as education, outreach,
and remote identification requirements, offer an effective and
cost-efficient multifaceted strategy to address many concerns
related to non-compliant UAS operations in and around the
airport environment.
That said, we understand the potential impacts a drone
disruption can cause at an airport. The FAA is engaging with
airport sponsors to assist them in making informed decisions
about deploying UAS detection technology.
The FAA is also closely coordinating with our Federal
security partners on a national Federal response plan through
which Federal counter-UAS authorities and resources can be
rapidly deployed to address a persistent UAS disruption at a
major U.S. airport.
The FAA and our security partners have determined that most
non-compliant UAS operations are likely errant without
malintent.
In addition to public education and outreach, the FAA is
addressing errant operations through inclusion of knowledge
testing for recreational users. However, if an operator is
unwilling or unable to comply with applicable regulations or
deliberately flouting them, the FAA will take action through
our civil enforcement tools, ranging from warning letters to
civil penalties to suspension or revocation of FAA
certifications.
Also, through the Law Enforcement Assistance Program and
Special Event Airspace Security planning, we are providing
support and assistance to law enforcement at the Federal,
state, and local level every day.
Finally, assessment of UAS security and safety necessarily
includes increasing concerns of cyber and data security risks.
Operators must consider what level of protection is
required for the data on their UAS. We strongly recommend that
UAS operators closely review their user licensing agreements
and the data access policies for their drones to ensure that
adequate protections are in place.
Likewise, the FAA is reviewing our agreements with UAS
service suppliers to ensure data transparency, sovereignty and
protection requirements are included.
The FAA continues to work with our Federal and national
security partners to identify and address cyber and data
security threats to aviation in general, including those
specific to UAS.
A robust security framework is critical to advancing the
Administration's goal of the UAS integration. The FAA, security
and law enforcement agencies, and critical infrastructure
owners working together to detect and respond to UAS risks will
enable the United States to continue leading the way in UAS
innovation and offer the safest, most secure, and most
efficient airspace system in the world.
We thank the Committee for your leadership on this issue
and look forward to working with you.
This concludes my statement, and I'm happy to answer your
questions, sir.
[The prepared statement of Ms. Stubblefield follows:]
Prepared Statement of Angela H. Stubblefield, Deputy Associate
Administrator, Office of Security and Hazardous Materials Safety,
Federal Aviation Administration
Chairman Sullivan, Ranking Member Markey, and Members of the
Subcommittee:
Thank you for inviting me to speak with you today. As the Federal
Aviation Administration's (FAA) Deputy Associate Administrator for the
Office of Security and Hazardous Materials Safety, I share the
Associate Administrator's responsibilities for formulating policies and
plans, and directing national programs involving internal security,
intelligence analysis and threat warning, emergency response, and safe
air transportation of dangerous goods. This includes ensuring programs
and operations are coordinated and integrated with the appropriate
external and internal organizations. My office coordinates regularly
with the National Security Council (NSC), the Departments of Defense
(DOD), Homeland Security (DHS), Justice (DOJ), and Energy (DOE), as
well as other security and safety partner agencies at the federal,
state, and local levels, to resolve complex national security, safety,
and crisis-response challenges. My office is helping to coordinate FAA
engagement with stakeholders on Unmanned Aircraft System (UAS) security
issues including UAS detection and Counter-UAS (C-UAS) policy.
UAS technology represents one of the fastest growing sectors in
aviation today. The volume of UAS operations is outpacing manned
aircraft, and there are currently nearly four times as many UAS as
registered manned aircraft. UAS are used every day to inspect
infrastructure, provide emergency response support, survey agriculture,
conduct geological and environmental surveys, and to go places that are
otherwise dangerous for people or other vehicles. Entrepreneurs around
the world are exploring innovative ways to use UAS in their commercial
activities. The need for us to fully integrate this technology into the
National Airspace System (NAS) in a safe, secure, and efficient manner
continues to be a national priority--one in which both the FAA and our
security partners are heavily invested.
UAS technology offers tremendous benefits to our economy and
society, as Congress has recognized, but we must also acknowledge that
potential misuse of this technology poses unique security challenges
that enable bad actors to overcome the traditional ground-based
security measures in place at most sensitive facilities. Today, I would
like to discuss with you the FAA's efforts in support of the safe,
secure, and efficient integration of UAS into the NAS, including the
status of our work with our Federal partners to implement counter-UAS
authorities and coordination efforts with airport sponsors and other
critical infrastructure owners to support their desire to identify and
respond effectively to the safety or security risks that may be posed
by the errant or malicious use of UAS.
Safe and Secure Integration of UAS into the NAS
The FAA's primary mission is to provide the safest, most efficient
airspace system in the world. The FAA uses its statutory authority to
carry out this mission by issuing and enforcing regulations and
standards for the safe operation of aircraft, by developing procedures
to ensure the safe movement of aircraft through the Nation's skies, and
by providing air traffic control and other air navigation services. In
exercising its authority, the FAA also must consider the public's right
of free transit through the navigable airspace. This requires close
coordination to balance the needs of our security partners with the
right of airspace access for both manned and unmanned aircraft.
Consistent with our mission, in 2016, the FAA issued the basic rules
for small UAS operations--14 C.F.R. part 107--which set the global
standard for integration and provided small UAS operators with
unprecedented access to the NAS.
Recently, as part of our effort to address the ever-expanding
universe of UAS operations and capabilities, the FAA together with the
Department's Office of the Secretary published a proposed new rule on
the operation of small UAS over people.\1\ The proposal seeks to
balance the need to mitigate safety risks with supporting technological
and operational advances. The FAA also recently published an advanced
notice of proposed rulemaking seeking public input to identify UAS
safety and security issues and explore ways to mitigate risks UAS may
pose to other aircraft, to people on the ground, or to national
security.\2\ The FAA's security partners have highlighted for us some
of the important security and public safety questions as we work
through these issues. Further, in February 2019, the FAA published an
interim final rule on external marking requirements for small UAS.\3\
The rule requires small unmanned aircraft owners to display their
unique identifier (FAA registration number) on an external surface of
the aircraft. Small unmanned aircraft owners are no longer permitted to
enclose the FAA-issued registration number in a compartment. The FAA
took this action to address concerns expressed by the law enforcement
community and the FAA's interagency security partners regarding the
risk a concealed explosive device poses to first responders who must
open a compartment to attempt to find the small unmanned aircraft's
registration number.
---------------------------------------------------------------------------
\1\ https://www.federalregister.gov/documents/2019/02/13/2019-
00732/operation-of-small-unmanned-aircraft-systems-over-people
\2\ https://www.federalregister.gov/documents/2019/02/13/2019-
00758/safe-and-secure-operations-of-small-unmanned-aircraft-systems
\3\ https://www.federalregister.gov/documents/2019/02/13/2019-
00765/external-marking-requirement-for-small-unmanned-aircraft
---------------------------------------------------------------------------
I would also highlight the work of our joint industry Unmanned
Aircraft Safety Team (UAST), which is taking a data-driven approach to
the analysis of small UAS safety issues and potential mitigation
initiatives. This joint government--industry collaboration is a key
effort by FAA's UAS Integration Office and engages leaders from
government and a wide variety of industry participants.
Going forward, however, perhaps one of the most important UAS
efforts underway at FAA is drafting a remote identification rule. The
ability to remotely identify UAS operators and connect them with a UAS
in flight will be a crucial stepping stone for UAS traffic management
and will facilitate what we envision as high volume, safe, and secure
low-altitude UAS operations. Congress recognized the importance of
remote identification when it enacted the FAA Extension, Safety, and
Security Act of 2016. That Act laid the foundation for the FAA's work
with operators and our security partners to realize the importance of
remote identification and to reach a consensus on how to address it.
More recently, the FAA Reauthorization Act of 2018 provided the FAA
with additional authority to move ahead with work on universal
registration and remote identification--both of which are critical to
the success of commercial UAS operations and safe and secure UAS
integration more broadly.
Remote identification is fundamental to both safety and security of
UAS operations. Remote identification will be necessary for routine
beyond visual line-of-sight operations and operations over people,
package delivery, operations in congested airspace, and for the
continued safe operation of all aircraft in shared airspace. It will
also be foundational for the advancement of automated passenger or
cargo-carrying air transportation--what is often referred to as Urban
Air Mobility. From a security perspective, remote identification is
vital to enabling us to connect a suspect UAS to its control station
location and to identify the registered owner of a suspect UAS. With
universal remote identification, the FAA, our national security
partners, and state and local law enforcement will be better able to
locate and identify a UAS operator, determine if a UAS is being
operated in an unsafe, unauthorized, or criminal manner, and take
appropriate action if necessary. The FAA is committed to establishing
remote identification requirements as quickly as possible.
Congress has recognized that integration of UAS into the NAS will
require dedicated traffic management. In 2016, Congress granted
authority to the National Aeronautics and Space Administration and the
FAA to conduct research and a pilot program for Unmanned Aircraft
Systems Traffic Management (UTM). UTM is essentially a set of concepts
and tools being developed to safely de-conflict and facilitate dense
low-altitude UAS operations. In 2018, Congress provided continued broad
authority for UTM implementation, which will allow the FAA to continue
its important work to balance the needs of all system users and ensure
that UAS are safely and securely integrated into the NAS. DOD, DHS and
other national security partners have joined in the development of UTM
concepts to support their missions. The FAA is already implementing
prototype foundational UTM capabilities such as the Low Altitude
Authorization and Notification Capability (LAANC), which gives UAS
operators the ability to request and receive near real-time response
from the FAA to authorize operators to quickly plan and execute their
flights in controlled airspace.
We are also using our existing airspace authority to address
concerns about unauthorized UAS operations over certain national
security-sensitive Federal facilities. To date, we have restricted UAS
flights over military installations and vessels, sensitive energy
facilities, and iconic landmarks, like the Statue of Liberty, Hoover
Dam, and Mount Rushmore, in the interest of national security. To
ensure the public is aware of these restricted locations, we created on
the FAA website an interactive map and repository of geospatial data
used by UAS Service Suppliers and others, and we have updated our
B4UFLY mobile app to include a warning to users in close proximity to
these sites. This work is also informing our efforts to determine the
most efficient and effective way to implement section 2209 of the FAA
Extension, Safety, and Security Act of 2016, which will establish a
process for critical infrastructure owners to petition the FAA for UAS-
specific flight restrictions over their facilities.
Counter-UAS Authority
Through the Fiscal Year 2017 and 2018 enactments of the annual
National Defense Authorization Act, Congress provided DOD and the DOE
with authority to respond to UAS that pose a threat to designated
facilities and assets. To ensure that C-UAS systems are operated safely
in the NAS, Congress requires close FAA coordination with DOD and DOE
to define what actions constitute a credible threat, develop a concept
of operations for employing C-UAS systems, analyze and mitigate the
spectrum impact of selected systems, and draft notification procedures
and reporting requirements. Pursuant to similar authority contained in
the FAA Reauthorization Act of 2018, DOJ and DHS are also working
closely with the FAA to ensure that UAS detection and mitigation
technologies are tested, evaluated, and deployed in a manner that
minimizes adverse impacts on airspace access, air navigation services,
avionics, and other systems that ensure safe and efficient operations
in the NAS, while also protecting individuals' privacy and civil
liberties.
The FAA's role in supporting our partner agencies' research and
eventual use of C-UAS technologies is to ensure that the safety and
overall efficiency of the NAS is not compromised while facilitating
their security responses. The FAA must be involved in deployment of C-
UAS technology at each fixed location, and for ad hoc and mobile
operations. We must conduct specific, data intensive analyses for each
potential deployment of C-UAS to ensure the concept of operations
balances the need for operator notification, airspace access, and
appropriate airspace safety mitigations with the protective missions of
our security partners. Neither the FAA nor our partner agencies want to
jeopardize aviation safety or interfere with compliant UAS operations.
In order to strike that balance, the FAA will continue working closely
with all of our partner agencies as they deploy C-UAS technology at
sensitive facilities and to cover high-risk operations and assets in
the United States. We worked through many of the toughest aspects of C-
UAS deployment with DOD and DOE and are now sharing these processes and
procedures with DHS and DOJ in order to expedite their implementation.
C-UAS in the Airport Environment
Section 2206 of the FAA Extension Safety, and Security Act of 2016
required the FAA, working with DHS and other relevant Federal agencies,
to evaluate UAS detection technology at airports. From February 2016
through December 2017, the FAA and our partner agencies observed and
assessed UAS detection technologies operating at domestic airports in
Atlantic City, New York City, Denver, and Dallas-Fort Worth. Through
this important work, the FAA learned that the airport environment
presents several unique challenges to the effective use of such
technologies. The technical readiness of the systems, available at the
time, combined with a multitude of other factors, such as geography,
interference, location of the majority of reported unauthorized UAS
sightings, and the cost of deployment and operation, demonstrate that
more testing, evaluation, technology development, and sensor
integration is required for effective use in domestic civil airport
environments.
In view of these results, the FAA believes other actions, such as
education and outreach in the local community, as well as
implementation of remote identification requirements, offer effective
and cost-efficient options to address many of the concerns related to
non-compliant UAS operations on and around airports and air traffic
patterns. That said, with the December 2018 protracted UAS disruption
at Gatwick Airport, and other disruptions at airports around the world
and in the United States, we understand and share the concerns of
airport sponsors and our security partners regarding the potential
safety hazards and security threats presented by errant or malicious
UAS in the airport environment. A number of airport sponsors have
acquired or are pursuing possible acquisition of UAS detection systems
for their airports. In an effort to make sure such activity is
conducted in a safe and coordinated manner, in early May, the FAA sent
informational correspondence to airport sponsors, which included
information to support informed airport decision-making regarding the
potential issues surrounding the demonstration or installation of UAS
detection systems at airports (including the legal uncertainties posed
by certain UAS detection systems), answers to some frequently asked
questions, and technical considerations that the FAA has used to assess
the readiness of UAS detection technologies.\4\ The FAA wants to
coordinate with airports that plan to use UAS detection systems to
ensure deployment and use does not create interference or obstruction
with aviation safety and efficiency systems at the airport.
---------------------------------------------------------------------------
\4\ https://www.faa.gov/airports/airport_safety/media/Updated-
Information-UAS-Detection-Countermeasures-Technology-Airports-
20190507.pdf
---------------------------------------------------------------------------
Another serious consideration is the quality and timeliness of data
provided from privately developed and purchased detection systems. Poor
quality information could lead to a reaction that is more detrimental
than the errant UAS itself. Such information could cause a significant
distraction to air traffic control and create unnecessary delays.
Detection systems would be a tool for airports to determine if there is
in fact a UAS in their airspace. That detection is the first step in
determining whether a UAS poses a threat. This underscores the
importance of implementing remote identification. Remote identification
will provide critical information to help determine the errant UAS
operator's intent. In addition, it is imperative that airports develop
and coordinate risk-based operational response plans with relevant
airport stakeholders, including the FAA, the Transportation Security
Administration, and airport law enforcement, to ensure safety hazards
or disproportionate efficiency impacts are not created when attempting
to respond to a potential security risk.
In the FAA's May communication with airport sponsors, the Agency
also reiterated its objection to the use of UAS mitigation systems by
any public or private sector entity outside the four Federal
Departments that have been provided statutory authority for C-UAS.
Given the impacts many UAS mitigation technologies can have on the
safety and efficiency of manned aircraft operations, compliant unmanned
aircraft, and the provision of air navigation services, the FAA does
not currently endorse the general use of any UAS mitigation technology
on or around an airport. The use of mitigation technology could
introduce more disruption and safety risk than the suspect UAS
operation, the very thing its use is intended to counter.
However, given the events in Gatwick, there is no doubt about the
significant operational and economic impacts a persistent UAS
disruption can have in the airport environment and the need to be able
to not only detect, identify, and track a disruptive UAS but also to be
able to take action to end the disruption. The FAA along with our
Federal security partners have formulated a concept of operations
(CONOPS) for a National Federal Response plan through which current
Federal C-UAS authorities and existing Federal C-UAS equipment can be
rapidly projected into a major U.S. airport experiencing a persistent
operational disruption due to an unauthorized UAS operation. This
CONOPS has been socialized with airport and airline associations and
should be finalized for implementation soon.
While there are a number of UAS detection and mitigation
technologies in the marketplace, relatively limited testing and
evaluation of these systems has been conducted at airports and in other
domestic civil environments due in large part to legal constraints. The
efficacy of their performance and the collateral impacts of their use
have not been documented sufficiently to provide confidence in their
purchase or use. The 2018 FAA Reauthorization Act directed the FAA to
undertake several pilot program activities related to testing and
evaluation of UAS detection and mitigation technology, including at
airports (Section 383) and to support safety enforcement (Section 372).
In addition, the FAA was directed to establish standards for the use of
C-UAS systems and to develop a plan for permitting, authorizing, or
allowing the use of such systems in the NAS (Section 383). The Agency
is currently developing plans and milestones for these efforts.
Enforcement
The interagency work to address the security challenges presented
by UAS appropriately has been focused on the risks presented by
criminal operations. To date, however, the FAA and our security
partners assess that a preponderance of the non-compliant UAS
operations that have occurred are likely errant with no malicious
intent. These errant operations present a safety concern, which the FAA
is addressing in a number of ways. First, public education and outreach
are key to reducing these incidents. Efforts such as the ``Know Before
You Fly'' information campaign and the small UAS registration process
serve as opportunities to help UAS operators understand the rules and
responsibilities for flying an aircraft in the NAS. The Agency is also
working to implement the requirements of Section 349 of the 2018 FAA
Reauthorization Act, which, among other things, provided the FAA with
authority to require knowledge testing of recreational users. Section
349 also requires recreational flyers to receive authorization from the
FAA to fly in controlled airspace and provides better clarity on
authorized operations. In the future, the FAA anticipates opening the
LAANC system to recreational pilots to allow users the ability to
efficiently request and receive authorization to operate in controlled
airspace.
That said, if an operator is unwilling or unable to comply with
applicable regulations, or is deliberately flouting the regulations,
the FAA will not hesitate to take enforcement action. We have a range
of civil enforcement tools available to address a violation of Federal
regulations--from warning letters to civil penalties, and, in the case
of an FAA certificate holder, suspension or revocation of that
certificate. Civil penalties range from a maximum per violation penalty
of $1,466 for individual operators to $32,666 for large companies.
Congress also gave the FAA authority to assess civil penalties of up to
$20,408 for interfering with law enforcement, first responders, or
wildfire fighting operations. The FAA may take enforcement action
against anyone who conducts an unauthorized UAS operation or who
operates a UAS in a way that endangers the safety of the NAS. Since the
promulgation of 14 CFR part 107 (August 2016), the FAA has initiated
more than 35 legal enforcement actions for unauthorized UAS operations
The FAA also supports criminal investigation and enforcement
actions by federal, state, local, tribal and territorial law
enforcement agencies through its Law Enforcement Assistance Program
(LEAP) and as part of its airspace security planning for sensitive
events such as this year's Super Bowl. LEAP special agents and the
FAA's operations security personnel engage in extensive outreach and
education efforts that include providing guidance on the FAA's website
to assist the law enforcement community in responding to UAS incidents
and hosting monthly UAS information webinars. Law enforcement officials
are often in the best position to detect and deter unsafe and
unauthorized UAS operations, and we rely heavily on their reports to
provide us with actionable information concerning these incidents.
Accordingly, the FAA works closely with these agencies to develop and
implement airspace security plans to protect sensitive events, provide
them with investigative support and information, as well as to provide
a communications link where these law enforcement agencies can pass
along reports and receive assistance in a timely manner.
Cyber and Data Security Risks
While security risks posed by the malicious use of UAS are usually
the focus of our discussions with critical infrastructure owners and
security partners, increasingly there are concerns about threats to the
safe and secure use of UAS due to cyber and data security risks. The
FAA considers cyber and data security risks and mitigations in every
aspect of our mission, including as they apply to aircraft
certification and systems as well as to protection of our own air
navigation services infrastructure. As FAA does with manned aviation,
the Agency takes a risk based approach regarding system and data
protection for UAS. While UAS are aircraft, they are also like so many
highly computerized devices we use in our professional and personal
lives. They can collect data and connect to the Internet where
information systems and data can be vulnerable to misuse if they are
not adequately protected. UAS operators, like computer users, need to
be aware of what data is on their systems and consider what level of
protection is required. The FAA strongly recommends that UAS operators
read the user licensing agreements for their UAS and consider whether
the data access, sharing, and protection policies the manufacturer has
in place are adequate or whether their data sensitivity necessitates
additional protection from disclosure and misuse. The FAA is also
looking at agreements the Agency has with non-federal UAS service
suppliers to ensure data transparency, sovereignty, and protection
requirements are included. Lastly, the FAA continues to work with its
Federal national security partners to identify and address cyber and
data security threats to aviation generally, including those
specifically related to UAS.
Conclusion
A robust security framework is critical to advancing the
Administration's goal to fully integrate UAS into the NAS. By enabling
Federal security and Federal law enforcement agencies to detect and
mitigate UAS threats and risks posed by errant or malicious UAS
operations, and by working with operators to develop the technology to
help minimize the risks posed by UAS, the United States will continue
to lead the way in UAS innovation, and offer the safest and most
efficient aviation system in the world. Working together, we are
confident we can balance safety and security with innovation. We thank
the Committee for its leadership on this issue, and we look forward to
working with you as we continue to safely, securely, and efficiently
integrate UAS into the NAS and solidify America's role as the global
leader in aviation.
This concludes my statement. I will be happy to answer your
questions at this time.
Senator Sullivan. Great. Thank you, Ms. Stubblefield.
We're all appreciative that the FAA is focused on this
important issue.
Dr. Cahill, the floor is yours, and again welcome from
Alaska.
STATEMENT OF DR. CATHERINE F. CAHILL, DIRECTOR,
ALASKA CENTER FOR UAS INTEGRATION, GEOPHYSICAL
INSTITUTE, UNIVERSITY OF ALASKA FAIRBANKS
Dr. Cahill. Thank you.
Chairman Sullivan and Ranking Member Markey and Members of
the Subcommittee, my name's Cathy Cahill, and I'm the Director
of the Alaska Center for Unmanned Aircraft Systems Integration,
also known as ACUASI, at the University of Alaska Fairbanks.
I'm an expert in atmospheric aerosols with 33 years'
experience conducting air pollution research, but, more
importantly, for today, I have been working with unmanned
aircraft systems at the University of Alaska Fairbanks, for 13
years.
My testimony is provided to you in my personal capacity as
a private citizen and based on my professional experience. It
does not necessarily represent the views of the University of
Alaska.
So what is the Alaska Center for Unmanned Aircraft Systems
Integration? ACUASI is the University of Alaska's Center of
Excellence for UAS and is one of the top research programs in
the country.
We are unique in that we lead one of the seven FAA UAS test
sites. We are one of the nine UAS integration pilot program
sites, and we happen to be one of the core members of the FAA
Center of Excellence for UAS Research, also known as ASSURE.
We are engaged with the best and the brightest commercial
and government entities on cutting edge UAS technologies, such
as detect and avoid. We are helping the FAA collect and analyze
the data needed to support the safe and secure integration of
UAS into the national airspace system.
We are also educating engineers, scientists, pilots, and
other future UAS users and providers. We're innovators in
research and we are also a target for industrial espionage.
Some universities and commercial entities focus on the
positive aspects of unmanned aircraft technology, including
detect and avoid systems, and payloads, like cameras and gas
sensors. They do not consider the inherent danger or sensitive
aspects of the technology.
The International Traffic and Arms Regulations, ITAR, are
designed to keep military technology from getting into the
wrong hands and they cover many portions of the unmanned
aircraft system technology we use every day.
ACUASI takes these regulations very seriously. However,
because ITAR does not apply to the information related to
general scientific, mathematical, or engineering principles
that are commonly taught in college or in the public domain,
engineering departments teach classes in aerospace engineering
to foreign students that include building UAS and payloads
without consideration of ITAR.
This fact, when combined with the open nature of the
academic setting, leading edge academic research and student
workers, makes universities susceptible for potential
industrial espionage and training in sensitive technologies.
We in our role as a test site, ASSURE core program, IPP
site, are testing detect and avoid technologies. Systems that
provide a UAS or its operator with the ability to locate other
aircraft in the air and either autonomously avoid them or
provide the remote pilot the information needed to avoid them.
This is one of the hottest areas of UAS technology
development because it appears to be one of the solutions that
will directly enable safe UAS operations beyond the visual line
of sight of the pilot-in-command. Therefore, detect and avoid
technologies are being driven by commercial interests and
they're useful for a number of beyond visual line of sight
operations, such as cargo delivery, package delivery,
infrastructure monitoring, host of other missions.
The security challenge with the UAS technology is that it
is the first step of the technology, known as counter-UAS, as
Ms. Stubblefield said. In this case, the use of counter-UAS
technology is limited to DoD, DOE, DOJ, DHS, and FAA to
maintain the highest levels of security and safety, to protect
critical infrastructure in special events, and to fulfill other
security requirements.
It is often classified, but the universities and companies
doing open DAA research often do not consider the implications
of the civilian research which can give bad actors insight into
how to defeat counter-UAS technologies.
Even though we are a leader in testing detect and avoid
technologies, we're not currently testing counter-UAS. It is
illegal for us to do so under Title 18, Title 49, and others of
the U.S. Code of Federal Regulations.
Also, because we are a leader in UAS, we advise many public
entities about what UAS they can use to achieve their goals and
one of our challenges is that almost all the systems available
in the small UAS market are foreign-made.
DoD and DOI have had prohibitions against using these
systems. This makes it very difficult for us to recommend
systems of use for our customers.
We're combating some of these risks by working with small
unmanned aircraft companies through the IPP and other programs
to get them certified as airworthy in the United States. We are
working to address foreign systems by using open source
autopilots instead of the foreign-made systems coming with
them.
Unmanned aircraft have a potential to do amazing things for
safety and to improve quality of life. We also do know that
they can be used for nefarious purposes. So we need to be very
careful that we don't give up the security, intellectual
property, and unmanned aircraft manufacturing capability we
have here in the U.S. during our rush to advance the positive
impacts of UAS technologies at the lowest cost possible.
Thank you. This ends my formal testimony. I'd be happy to
answer any questions you might have.
[The prepared statement of Dr. Cahill follows:]
Prepared Statement of Dr. Catherine F. Cahill, Director, Alaska Center
for Unmanned Aircraft Systems Integration (ACUASI), University of
Alaska Fairbanks (UAF)
Chairman Sullivan, Ranking Member Markey, and Members of the
Subcommittee, my name is Cathy Cahill and I am the Director of the
Alaska Center for Unmanned Aircraft Systems Integration (ACUASI) at the
University of Alaska Fairbanks (UAF). ACUASI is the University of
Alaska's Center of Excellence for UAS and one of the top UAS research
programs in the country. ACUASI is unique in that it has multifaceted
roles as lead of one of the seven FAA designated UAS Test Sites, is one
of the nine UAS Integration Pilot Program (IPP) sites, and is a core
university in the FAA's UAS Center of Excellence (a.k.a. the Alliance
for System Safety of UAS through Research Excellence--ASSURE). As a
result, our team is engaged with the best and brightest commercial and
governmental entities on cutting-edge UAS technologies, helping FAA
collect and analyze the data needed to support the safe integration of
UAS into the National Airspace System (NAS), and educating the
engineers, scientists, pilots and other future UAS users and providers.
Our diverse portfolio and academic standing allow us to demonstrate,
observe, and evaluate the risks associated with UAS use in military and
civil environments. This written testimony is provided to you through
my personal capacity as a private citizen and based on my professional
experience; however, it does not necessarily represent the views of the
University of Alaska.
Counter-UAS (C-UAS) and Detect and Avoid (DAA) technologies are two
of the hottest areas for UAS technology development. C-UAS technology
identifies potentially hazardous, unauthorized UAS and removes them
from the airspace. It is required by DOD, DOE, DHS, DOJ, and the FAA to
maintain the highest levels of safety while protecting critical
infrastructure and special events and fulfilling other security
requirements. DAA technology provides a UAS or its operator with the
ability to spot another aircraft in the air and either autonomously
avoid it or provide the remote pilot the information needed to avoid
it. This technology appears to be one of the technologies that will
enable safe UAS operations beyond visual line of sight of the Pilot in
Command. Both technologies require the ability to detect UAS so that
they can be either mitigated (C-UAS) or moved to avoid other aircraft
(DAA). Remote Identification (Remote ID), the ability of a UAS to
provide identification information to other parties during flight,
could increase both technologies' effectiveness by providing
information about the locations of all authorized UAS in an area,
thereby allowing UAS users to avoid other UAS and allowing security
officials to separate authorized UAS from unauthorized UAS. C-UAS and
DAA systems can be based on similar technologies and requirements;
however, the ability to test these systems is dramatically different
due to their nature. Testing C-UAS technologies is limited due to their
potential violation of sections in Title 18 United States Code
including the Pen/Trap Statute, the Wiretap Act, the Aircraft Sabotage
Act, the Computer Fraud and Abuse Act, and others, and in 49 U.S.C.,
under Aircraft Piracy. Additionally, countermeasure technologies are
frequently classified due to their value to national security.
Therefore, the number of companies able to test C-UAS technologies is
limited and requires the participation of one of the entities listed
above to access restricted airspace and deploy the countermeasures. In
contrast, DAA technologies are being driven by a large number of
commercial entities who want to fly beyond visual line of sight for
operations including package delivery, infrastructure monitoring, and a
host of other missions. These technologies are unclassified; however,
many include proprietary information. Even unclassified systems present
risks and may violate Title 18 and other laws. Recent FAA studies and
guidance \1\ show that UAS detection technology deployed at airports
has the potential to interfere with aircraft navigation and the control
of air traffic. The nature of these systems means that many of the
challenges of C-UAS are being solved by commercial entities which could
make them easy for foreign entities to acquire. ACUASI, as a UAS Test
Site, IPP site, ASSURE member, etc., has yet to test countermeasures
because it is not yet legal for us to do so; however, we have direct
experience in testing numerous DAA systems.
---------------------------------------------------------------------------
\1\ https://www.faa.gov/airports/airport_safety/media/Updated-
Information-UAS-Detection-Countermeasures-Technology-Airports-
20190507.pdf
---------------------------------------------------------------------------
Unmanned aircraft systems, including their payloads such as
infrared cameras, gas detectors, or other instruments carried by the
aircraft, are targets for industrial espionage. Some universities and
commercial entities focus on the positive impacts of the technology and
do not consider the inherent danger or sensitive aspects of the
technology. This, when combined with the nature of academic settings,
leading-edge academic research, and student workers, makes universities
susceptible to industrial espionage and the training of foreign assets
in otherwise protected technologies if precautions are not taken. The
ACUASI team takes International Traffic in Arms Regulations (ITAR)
seriously; we have specially keyed offices, ITAR signage, U.S.
citizenship/Permanent Resident requirements, and other security
measures in place to protect ITAR controlled aircraft, payloads, and
software. Going beyond what's required by law, we've had the FBI train
our team in recognizing and preventing industrial espionage. These
precautions, on occasion, conflict with academia's tradition of
encouraging openness on campus. Because ITAR does not apply to
information related to general scientific, mathematical or engineering
principles that are commonly taught in college or information in the
public domain, engineering departments teach classes in aerospace
engineering to foreign students that include building UAS and payloads
without consideration of ITAR. Many faculty I have spoken with do not
realize that some of the Forward-Looking Infrared (FLIR) cameras used
in academic research laboratories or in remote sensing classes are
actually ITAR controlled and that allowing foreign students to take
them apart, program them, etc. could violate ITAR. This makes
universities susceptible for industrial espionage and training in
sensitive technologies.
ACUASI works with and advises many public entities about UAS uses
and capabilities. One of our challenges is that several of these
entities, such as DOD and DOI, have had a prohibition against using
foreign-made UAS due to security concerns related to data being sent to
other countries. For example, DJI, the Chinese company that dominates
the small, commercial UAS market, is the most cost-effective system
available for many uses, including law enforcement, but data from DJI
UAS was automatically being sent back to the manufacturer in China. DJI
claims they now have new settings that the user can use to prevent that
from happening. Given the recent reports about Chinese companies being
required to provide intelligence to their government upon request, we
at ACUASI are hesitant to use any DJI system for any important research
or approved flights over critical infrastructure. I confess we fly a
small DJI system for public relations footage because it is quiet and
produces good quality video, but we take actions to ensure the system
is unable to communicate when not in use. The dominance of foreign
products in the small UAS realm limits the number of potential U.S.-
built platforms we can recommend to our partners and many are cost-
prohibitive. ACUASI has partnered with U.S.-based small UAS companies,
such as Skyfront, and we are working with them to get their aircraft
FAA type certified, meaning designated by the FAA as airworthy, so they
will have a competitive advantage over foreign, non-type certified UAS.
This effort is being conducted under the IPP. Another way we are
working to address the potential security risk of foreign made systems
is to modify foreign built systems to operate using an open-source
autopilot. For example, we have a DJI S-1000 frame, but it is not
running DJI software. Some good news on the viability of the U.S. UAS
market is that in the large UAS arena, U.S. manufacturers are producing
highly competitive products. ACUASI is moving towards larger, U.S.-
built UAS, like our Griffon Aerospace Outlaw SeaHunter, built in
Madison, Alabama, to meet industry needs for cargo delivery, long-
distance infrastructure monitoring, and other larger-scale UAS uses of
special importance to Alaska and other remote areas of the U.S.
Unmanned aircraft systems have a tremendous potential to increase
aviation safety by doing the dirty, dull, and dangerous flights that
currently put pilots at risk, improve cargo delivery to remote areas,
deliver packages quickly, effectively and economically; provide broad-
band communications to remote areas, improve maritime domain awareness,
facilitate search and rescue, assist law enforcement, monitor
infrastructure, and a host of other positive use cases. However, it has
been demonstrated that UAS can also be used to disrupt airports,
commerce and transportation, support terrorism, and conduct other
nefarious acts. The U.S. needs to ensure that it does not give up
security, intellectual property, and UAS manufacturing capacity during
this rush to advance the positive aspects of UAS technologies at the
lowest cost possible. Our ability to innovate sets the U.S. UAS
industry apart from other countries' UAS industries and the U.S. must
protect the resulting technology if it wants to continue as a world
leader in UAS while maintaining aviation safety and security.
This ends my prepared statement and I would be happy to answer any
questions you might have.
About Dr. Cahill:
Dr. Catherine F. Cahill is the Director of the Alaska Center for
Unmanned Aircraft Systems Integration (ACUASI) and a Full Professor of
Atmospheric Chemistry at the University of Alaska Fairbanks (UAF). Her
educational background includes earning degrees in Applied Physics
(B.S.) and Atmospheric Sciences (M.S. and Ph.D.) and researching trans-
Atlantic aerosol transport during a Fulbright Fellowship to Ireland for
her Postdoc. For many years, her research focused on the sources,
transport, transformation, and impacts of atmospheric aerosols,
including the effects of atmospheric aerosols on the Warfighter in Iraq
and Afghanistan and the long-range transport of pollution from China
into the Arctic. To understand the altitudes at which pollution crosses
the Pacific Ocean, Cathy needed to make vertical measurements of
aerosols in the atmosphere. In 2006, this need led her to start
designing aerosol samplers for unmanned aircraft. After a 2014-2015
sabbatical to Washington D.C. in which she served as a Congressional
Fellow to the U.S. Senate Committee on Energy and Natural Resources,
Cathy returned to UAF and became the Director of ACUASI.
Senator Sullivan. Great. Thank you, Dr. Cahill.
And next, we'll have Mr. Wynne.
STATEMENT OF BRIAN WYNNE, PRESIDENT AND CHIEF
EXECUTIVE OFFICER, ASSOCIATION FOR UNMANNED
VEHICLE SYSTEMS INTERNATIONAL
Mr. Wynne. Chairman Sullivan, thank you very much for the
opportunity to participate in today's hearing.
I'm speaking on behalf of the Association for Unmanned
Vehicle Systems International, the leading voice of unmanned
systems and robotics for more than 40 years, including unmanned
aircraft systems also known as UAS or drones.
The United States UAS market has become stronger and more
robust since the FAA implemented the small UAS rule. It is the
largest national market in the world for UAS and likely to
remain so for the foreseeable future.
According to the ABSI unmanned systems and robotics data
base, the United States has developed more unique UAS platforms
than any other country, nearly twice as many as the second
largest UAS-producing country.
It also has more than triple the number of manufacturers in
comparison, with 44 states having at least one UAS
manufacturer.
Thousands of businesses, small and large, are using UAS.
Over 1.4 million drones have been registered with the FAA,
greater than 400,000 of which are registered for commercial
operations.
While the vast majority follow the appropriate FAA rules,
occasionally bad actors threaten to undermine our great
progress. Careless and clueless operators can pose safety risks
and paint responsible legal drone operations in a negative
light while criminal behavior can jeopardize the security of
our airspace.
It's vital our regulatory framework evolve to address these
potential security challenges and ensure policy solutions are
put in place to detect, identify, track, and mitigate errant
drones.
Congress took a positive step when it granted some
countermeasure authorities to the Departments of Homeland
Security, Justice, Defense, and Energy. Congress has also
mandated the FAA create a process through which state and local
government entities can petition the agency to prohibit or
restrict drone operations in close proximity to critical
infrastructure or other fixed site facilities.
More needs to be done, but it's critical we approach the
security challenges from an overall airspace management
perspective rather than focusing solely on how to interdict an
errant drone.
First, we need to develop a holistic framework for
detecting, tracking, identifying, and mitigating drones.
Second, we need to secure UAS command and control connections
and the data UAS collect. Finally, we need to put in place
well-defined procedures for how to respond to potential
security threats, including clarity about who has the authority
to engage.
A critical component to all of this is remote
identification. It will provide law enforcement with the means
to identify and subsequently mitigate the careless, clueless,
or potentially criminal operators.
Remote ID is also vital to the realization of a UAS traffic
management system which would work alongside the existing air
traffic control system to reduce barriers to innovation and
improve security, thus security of the national airspace.
Remote ID is also critical for the ultimate realization of
flights over people and beyond line of sight operations. The
UAS industry has been hard at work developing remote ID and
mitigation solutions.
While the FAA is developing the rule that will 1 day codify
remote ID standards, the industry is looking for ways to
voluntarily provide remote ID on a tactical basis for certain
situations.
The industry is also working with government partners, such
as the Department of Interior, to develop data management and
risk mitigation strategies. It is my hope these efforts will
help to accelerate the rulemaking process.
Recent drone incursions at airports highlight the need to
move faster. Once again, industry is developing solutions, such
as electronic countermeasures, that take command and control of
an errant platform. However, a framework to implement these
types of solutions in the U.S. remains in development.
In the interim, we cannot stand idly by. That is why AUVSI
and the Airports Council International, North America, recently
commissioned a blue ribbon task force on UAS mitigation at
airports.
The task force includes a cross-section of stakeholders
representing the airport, UAS and manned aviation communities.
It will provide recommendations to airports and the Federal
Government to refine procedures and provide a policy framework
to address drone incursions.
We are optimistic its findings and recommendations could
serve as a blueprint to inform future conversations about
airspace security at other facilities.
The American UAS market is stronger and more robust than
any other country. To ensure domestic UAS companies continue to
flourish, we need to accelerate Federal rulemaking and develop
holistic policy solutions that give us the framework we need to
keep the skies secure.
Thank you very much. I look forward to questions from the
Committee.
[The prepared statement of Mr. Wynne follows:]
Prepared Statement Of Brian Wynne, President and Chief Executive
Officer, Association for Unmanned Vehicle Systems International
Chairman Sullivan, Ranking Member Markey, and members of the
subcommittee, thank you very much for the opportunity to participate in
today's hearing. I'm speaking on behalf of the Association for Unmanned
Vehicle Systems International, the world's largest non-profit
organization devoted exclusively to advancing the unmanned systems and
robotics community. AUVSI has been the voice of unmanned systems in all
domains for more than 40 years, including unmanned aircraft systems
(UAS).
On August 29, 2016, the FAA implemented the small UAS rule, also
known as Part 107. The rule was the result of years of collaboration
between government and industry that established a flexible, risk-based
approach to regulating UAS. This new regulatory framework helped reduce
many barriers to low-risk civil and commercial UAS operations, allowing
businesses and innovators to harness the tremendous potential of UAS
and unlock the many economic and societal benefits the technology
offers.
Since Part 107 was implemented, the demand for UAS has grown
exponentially and the United States UAS market has become stronger and
more robust. It is the largest national market in the world for UAS and
likely to remain so for the foreseeable future. According to the AUVSI
Unmanned Systems and Robotics Database, which documents the
introduction of UAS as well as unmanned systems in other domains, the
United States has developed more unique UAS platforms than any other
country; and nearly twice as many as the second-largest UAS producing
country. It also has more than triple the number of manufacturers in
comparison, with 44 states having at least one UAS manufacturer.
From examining pipelines and newsgathering to helping first
responders conduct search and rescue operations, UAS help save time,
save money and, most importantly, save lives. It is no wonder why
thousands of businesses--small and large--have embraced this
technology, and many more are considering integrating UAS into their
future operations. As of last month, more than 1.4 million drones had
been registered with the FAA, more than 400,000 of which are registered
for commercial operations. While the vast majority of UAS operators
follow the appropriate rules, occasionally bad actors threaten to
undermine the great progress we have made. Careless and clueless
operators can pose safety risks and paint responsible, legal UAS
operations in a negative light, while criminal behavior can jeopardize
the security of our airspace. As the number of UAS in our Nation's
airspace continues to grow, it is vital our regulatory framework around
UAS evolve to address these potential security challenges and ensure
technologies are put in place to detect, identify and mitigate UAS
which may pose a threat.
Congress took a positive step when it granted additional
authorities to the Department of Homeland Security and the Department
of Justice as part of the FAA Reauthorization Act of 2018, including
the authority to deploy appropriate countermeasures against UAS that
threaten security. Congress also gave limited authorities to the
Departments of Defense and Energy in the 2017 National Defense
Authorization Acts. In addition, Section 2209 of the FAA Extension,
Safety and Security Act, which was also adopted in the FAA
Reauthorization Act, created a process through which state and local
government entities can petition the FAA to prohibit or restrict the
operation of a UAS in close proximity to a fixed-site facility, such as
critical infrastructure.
As we consider what more needs to be done, it is critical that we
approach UAS security from an overall airspace management perspective.
That is, we need to address the issue in the context of the complete
solution, rather than focusing solely on how to interdict an errant
drone. We must meet three conditions in order for this approach to be
successful. First, we need to develop a holistic framework for
detecting, tracking, identifying, and mitigating UAS. Second, we need
to secure UAS command and control connections and the data UAS collect.
Finally, we need to put in place well-defined procedures for how to
respond to potential security threats, which includes clarity about who
has the authority to engage.
Let me first discuss detection, tracking and identification (DTI)
technologies as well as mitigation technologies. A critical component
for the future of DTI technologies is remote identification. It will
enhance the security of the national airspace and allow law enforcement
officials to quickly identify, track and apprehend operators acting
carelessly, recklessly, maliciously or illegally. A comprehensive
remote ID system would serve as a firewall of sorts. It would allow
recreational and commercial operators flying in compliance with the
appropriate rules to continue to do so unabated while providing law
enforcement with the means to identify, and subsequently mitigate, the
careless, clueless or potentially criminal operators.
The implementation of a remote identification system would not just
alleviate security concerns; it would also serve as the linchpin needed
to advance the UAS industry beyond what is currently possible. It is
vital for the realization of a UAS Traffic Management (UTM) system,
which would work alongside the existing air traffic control system to
reduce barriers to innovation and improve security of the national
airspace. It is also critical for the ultimate realization of expanded
operations, including flights over people or beyond line of sight. That
will help make operations like package delivery--and even autonomous
air taxi service--a reality in the coming years.
As for mitigation technologies, also known as counter-UAS
technologies, these will provide a way to interdict UAS that may pose a
threat. According to MITRE, there are two primary types of mitigation
technology: electronic, such as jamming the radio frequency or GPS
signal from the UAS; and kinetic, such as capturing the UAS with a net
or use of powerful lasers.
The UAS industry has been hard at work developing remote ID systems
as well as other DTI and mitigation technologies. The FAA, in
collaboration with industry, is developing the rulemaking process that
will one day codify remote ID standards. Meanwhile, industry is
refining those standards and looking for ways to voluntarily provide
remote ID on a tactical basis for certain situations. It is my hope
that these efforts by the industry will help to accelerate the
rulemaking process. What is more, there may be the need to clarify or
expand authorities to deploy appropriate countermeasures against UAS
that are deemed a threat. Currently, UAS mitigation authority is
limited to the Department of Defense, Department of Energy, Department
of Homeland Security and the Department of Justice.
Recent incursions around airports including Gatwick Airport in the
United Kingdom and Newark Liberty International Airport in the United
States demonstrate that more needs to be done and at a faster pace than
the regulatory process allows. If remote identification standards were
in place, the operators responsible for those incidents could have been
identified and tracked within a matter of minutes, mitigating the
safety threat and potentially avoiding disruptive airport closures.
Additionally, authorities could have used electronic countermeasures
that take command and control of an errant platform to help mitigate
the threat. These solutions exist, but here in the United States, the
framework to deploy them remains in development.
In the interim, we cannot stand idly by. That is why AUVSI and the
Airports Council International-North America recently commissioned a
Blue Ribbon Task Force on UAS Mitigation at Airports. The Task Force,
co-chaired by former FAA Administrator Michael Huerta and Los Angeles
World Airports CEO Deborah Flint, is studying the issue of UAS
detection, tracking, identification, and mitigation in and around
airports. The panel includes a cross-section of stakeholders
representing the airport, UAS and manned aviation communities, and will
provide recommendations to airports and the Federal government to
refine procedural practices in response to incursions and provide a
policy framework to address this timely and critical issue. The Task
Force also will consider comments from the public and meet with experts
in government, national security, law enforcement, pilots, air traffic
controllers and airline and airport leadership, to develop and release
initial findings this summer.
While the purview of the Task Force is mitigation around airports,
we are optimistic that its findings and recommendations could serve as
a blueprint to inform future conversations about UAS security at other
facilities, such as national landmarks, stadiums, prisons, military
bases, and other critical infrastructure. As such, we plan to share any
data the Task Force collects with the FAA to ensure that any solutions
we identify will help inform future rulemakings and conversations about
UAS mitigation across the national airspace. We will also make sure the
Task Force's reports are shared with Chairman Sullivan, Ranking Member
Markey, and members of the subcommittee.
The work of the Task Force is separate from, but complementary to,
industry-government partnerships currently underway to develop
effective UAS detection and mitigation solutions. Last year, AUVSI
collected more than 40 white papers on remote identification solutions
from industry stakeholders to help the FAA meet its congressional
directive under the 2016 FAA reauthorization extension to develop
consensus for such standards.
In addition, the Drone Advisory Committee (DAC), a Federal advisory
committee of which I am a member that provides the FAA with advice on
key UAS integration issues, considers remote identification and UAS
mitigation two of its top priorities. We discussed these topics at
length in our meeting earlier this month, and we formed task groups to
delve further into both remote identification and counter-UAS.
Eventually, the DAC will provide consensus-based recommendations to the
FAA to help inform its future rulemakings on these matters.
The FAA's UAS Integration Pilot Program is another important
industry-government partnership. It brings together state, tribal and
municipal governments with UAS industry leaders and academic
institutions to collect data and conduct critical research. Nine
projects across the country, from Alaska to Virginia, are currently
conducting research that will not only help inform the Federal UAS
policy framework for detection and mitigation, but also advance
expanded operations such as flights beyond line of sight and even
package delivery.
Importantly, the UAS Integration Pilot Program allows state and
local entities to provide input without infringing upon the FAA's
sovereignty over the U.S. airspace. Federal authority over the airspace
has been a bedrock principle of aviation law for more than 70 years,
and it is one of the reasons that the U.S. maintains an aviation safety
record that is the envy of the rest of the world. AUVSI has been in
discussions with our government partners responsible for national
security, and we will continue to work with policymakers to ensure that
government agencies have the authority to keep America's skies safe and
secure while maintaining Federal sovereignty over the U.S. airspace.
Security of the Nation's airspace is paramount, but we must also
ensure that the data collected, retained, transmitted or shared after
UAS flights is also secure. In 2015, the National Telecommunications
and Information Administration (NTIA) convened representatives from
government, industry, and civil liberty groups to develop a set of best
practices for UAS privacy, accountability, and transparency to ensure
that UAS operators are flying responsibly. AUVSI participated in this
process, and the resulting best practices include clear guidance for
operators for how best to collect, store and secure data.
The industry is also working with government partners to develop
data management and risk mitigation strategies. For example, since
2015, industry partners have been working collaboratively with the
Department of the Interior (DOI) to define, understand, and address
data management concerns. AUVSI appreciates that the solutions to
challenges should come from those who understand, know, and use
unmanned technologies. DOI has been a leader among the Federal agencies
in the use of UAS, and its work on this subject matches AUVSI's
longstanding principle on cybersecurity calling for industry-driven
consensus security standards, and cautioning against ``[p]rescriptive
regulation or government-imposed requirements.''
Finally, we also cannot ignore the importance of education in
deterring careless, clueless or criminal behavior. The legions of new
UAS operators may not all be aware of the FAA regulations that
determine where they can and cannot fly. AUVSI, the Academy of Model
Aeronautics and the FAA partnered to launch the Know Before You Fly
campaign in December 2014 to provide these new flyers with information
about how to fly safely and in compliance with applicable rules and
guidelines. In fact, the FAA recently issued new guidance for
recreational operators, and new rules for recreational flyers are also
under development. As the regulatory environment evolves, educating
flyers and raising awareness of new requirements can help increase
compliance. Recognizing the continued importance of education, our
organizations also recently signed a new memorandum of agreement that
solidifies our commitment to expanding and improving Know Before You
Fly over the next three years.
Much has been accomplished so far because government and industry
have banded together to advance UAS. We share the same goals--
supporting innovation while at the same time ensuring the security of
the national airspace--which has made for a working relationship that
is defined by both productivity and mutual respect. Thanks in part to
our strong partnerships, the United States UAS market is stronger and
more robust than any other country. To ensure domestic UAS companies
continue to flourish, we need to accelerate the Federal rulemakings.
The security of our airspace is a serious issue that should be
addressed from an overall airspace management perspective. Only by
working together can industry and government develop holistic policy
solutions that give us the framework we need to keep the skies secure
while still allowing the nascent UAS industry to truly take off. Thank
you, again, for the opportunity to speak today. I look forward to
answering any questions the committee might have.
Senator Markey. Next, we're going to hear from Harry Wingo
from the National Defense University. Welcome, sir.
STATEMENT OF HARRY WINGO, FACULTY,
COLLEGE OF INFORMATION AND CYBERSPACE,
NATIONAL DEFENSE UNIVERSITY
Mr. Wingo. Thank you.
Chairman Sullivan, Ranking Member Markey, members of the
Subcommittee, thank you for the opportunity to assist as you
work to build a more secure and prosperous nation.
I teach at the Nation's Cyber War College, the College of
Information and Cyberspace at the National Defense University.
I do not speak today, however, for the Department of Defense.
These views are my own.
I am excited about integrating commercial drones into the
national airspace for many of the reasons you know. This
represents the opportunity to move into the future with what is
essentially an Internet of drones.
The promise for commerce and for prosperity is vast.
Unfortunately, this promise may be marred by an overwhelming
new monopoly by a foreign company, DJI out of China.
The promise of the future will not happen if we do not
address what I call the three Ds of drone supply chain
security: data flows, dual use, and dependency.
By data flows, I mean that American geospatial information
is flown to Chinese data centers at an unprecedented level.
This literally gives a Chinese company a view from above of our
Nation.
DJI says that American data is safe but its use of
proprietary software networks means how would we know? Also, as
a great power competitor, China has access to this rich flow of
information.
Dual use means that the same Internet of drones that will
create jobs and save lives is also well suited to war. The
power and reach of U.S. military drones, big ones, has stopped
terrorists and saved American lives. Now consider how future
drone swarms may be flown to deadly military effect from
thousands of miles away.
America's current de facto by Chinese drone situation may
be helping China to build just that military capability. We
continue to save money by putting everything at risk.
Dependency on China for our aviation future is
unacceptable. We must stop pushing the China easy button over
and over again without vigorously exploring all options to
truly invest in America's drone system.
President Trump this month underscored that point with the
Presidential Memorandum pursuant to Section 303 of the Defense
Production Act. I can't say it better than the President here.
``The domestic production capability for small unmanned
aerial systems is essential to the national defense.''
Let's work together to create American independence in
drones. Here's what Congress should explore. Buy USA or at
least USA assembly. Open source. Drone highways, really skyways
being treated as infrastructure and synchronizing the American
artificial intelligence initiative with these efforts.
USA assembly can help but Buy American is better. Consider
3-D robotics and I've spoken with the CEO, Chris Anderson,
who's pushing efforts for open source. They used to produce
their drones in Mexico, then they had to change that.
Open source can make a difference. It made a difference for
the internet. It can lead to transparency. It can provide an
American more trusted alternative to the closed system that is
brought by the Chinese drone leader DJI and other companies.
Finally, envision drones are second or third. Envision
drones as infrastructure. Let's grow the Internet of drones the
same way we grew the internet. Let's build drone highways or
skyways the same way that President Eisenhower and Congress
built the Interstate Highway System.
These industry 4.0 industries require care and feeding at
this pivotal crossroads where we find ourselves. China is not
only ready and willing to wrestle this away from us, they're
doing so today.
Let's synchronize the Internet of drones with America's AI
initiative and that can be a force of multiplier for startups
and the innovation ecosystem out there for American drones.
Earlier this year, President Trump sounded the alarm on AI,
calling the Nation to compete at a level necessary to match
China's whole of nation commitment to AI dominance.
In summary, overreliance on Chinese drones creates
significant cybersecurity risks. These foreign drones are
exploiting us and putting the very known threats inside our
American businesses and government organizations at risk.
I've brought this to your attention today for the simple
fact. These threats should not and cannot be ignored. America
needs us now, right now.
Thank you.
[The prepared statement of Mr. Wingo follows:]
Prepared Statement of Harry Wingo, Faculty, College of Information
and Cyberspace, National Defense University
Chairman Sullivan, Ranking Member Markey and members of the
Subcommittee, thank you for the opportunity to address the security of
unmanned aircraft systems (UAS, or drones). I am humbled to have the
chance to assist your efforts to build a prosperous and secure Nation.
Fully integrating UAS into the National Airspace System (NAS) can
create new jobs and enhance the quality of life for all Americans. This
promise depends, however, on the security of UAS, including
understanding and managing risks to drone supply chains.
As faculty at the Nation's cyber war college, the National Defense
University's College of Information and Cyberspace, I educate national
security leaders about strategic risk. The views I express today are my
own; I am not speaking for the U.S. Department of Defense. My personal
and academic perspective reflects over 25 years focused on law and
policy issues concerning networked technologies, including roles at
Google, where I helped the CEO, CISO and other leaders to engage
Congress and the White House in the wake of the ``Operation Aurora''
cyber attacks; at the Federal Communications Commission, where I
focused on broadband, spectrum and network security issues; and, for
this Committee, as counsel to the great Senator Ted Stevens, when he
served as Chair. My views also reflect my over six years of active duty
service as a Navy SEAL officer, and my ownership of three small drones.
Accelerating the integration of UAS into commerce must be done with
a focus on supply chain security. Also key, however, is a special kind
of supply chain risk: The U.S. is over-reliant on the Chinese drone
monopoly embodied in SZ DJI Technology Co., Ltd., doing business as
DJI.
While advances in commercial drone technology are many, and
encouraging, I respectfully invite the Subcommittee to examine the
widening gap between China and the United States with respect to the
market share of small drone (less than 55 lbs.) platform manufacturers
like DJI.
Small drones are no small matter.
In 2016, the White House estimated that UAS could spur up to $82
billion in economic growth by 2025 and generate 100,000 jobs.\1\ The
potential for drones to benefit commerce has captured the interest of
many companies and countries around the world. In the race to UAS
dominance, however, China has taken a commanding lead in recent years.
---------------------------------------------------------------------------
\1\ McKevitt, J. (2017, March 23). FAA: Drones will fill the skies
in 2021. Supply Chain Dive. Retrieved from https://
www.supplychaindive.com/news/FAA-commercial-drone-use-delivery-
logistics/438710/.
---------------------------------------------------------------------------
DJI's market share may exceed 70 percent globally, and 80 percent
in the U.S. While hobby drone market share is different than commercial
market share, by any standard, China's leading drone company is
dominating the UAS space. DJI employs 14,000 people, and is based out
of Shenzhen.\2\ Meanwhile, Western drone companies like Parrot SA, a
French company, lag far behind. Others struggle to gain market share,
remain relegated to specific niches, have shut their doors, or have
shifted away from the drone platform market. One UAS innovator, Chris
Anderson, CEO of U.S.-based 3D Robotics, has pivoted from a platform
strategy to one of providing the software and analytics for UAS.\3\
---------------------------------------------------------------------------
\2\ Berlinger, J. (2019, January 21). Chinese drone maker DJI
uncovers fraud that could cost it $150 million. CNN Business. https://
www.cnn.com/2019/01/21/tech/dji-fraud-investigation-china-intl/
index.html.
\3\ See, e.g., Perlman, A. (2016, December 12). 3D Robotics'
Cautionary Tale: Losing The Hardware Game To China and Pivoting To
Software for Survival. UAV Coach. https://uavcoach.com/3d-robotics-
pivots-to-software-for-survival/.
---------------------------------------------------------------------------
While it is important to consider the security of all drones in
commerce, the global dominance of China's small drone platform
manufacturer, DJI, warrants a closer look with respect to its outsized
impact on drone security, but also on the long term viability of U.S.
companies as alternatives here and around the globe. This second aspect
of supply chain risk management is of a special, critical nature: It
presents a National risk, similar to that highlighted by President
Trump in calling out the risk of using 5G equipment from Huawei
(another Chinese company) in U.S. telecommunications networks. Unique
risks arise from DJI's being based in, and operated from, China--a peer
competitor to the United States.\4\
---------------------------------------------------------------------------
\4\ U.S. Department of Defense. (2018). Summary of the 2018
National Defense Strategy of the United States of America: Sharpening
the American Military's Competitive Edge. https://dod.defense.gov/
Portals/1/Documents/pubs/2018-National-Defense-Strategy-Summary.pdf.
---------------------------------------------------------------------------
The Rising Stakes of Drone Supply Chain Risk Management
The FAA has noted that drones are the fastest growing component in
aviation, with more than 350,000 UAS doing things that would be
difficult or dangerous for human beings to do.\5\ Drones are digital
infrastructure, and will play a key role in allowing the safe and
secure integration of unmanned aviation operations, including flights
over people, night operations and beyond visual line of sight
operations. A safe and efficient UAS Traffic Management (UTM) system
means that drone security extends beyond just the individual drones
themselves, but to the connected systems that will include detect-and-
avoid capabilities and permit reliable and secure data links between
Part 107 pilots and unmanned aircraft. Autonomous drone operations,
like land-bound driverless cars and trucks, demand ``baking in''
privacy and security from the design phase.
---------------------------------------------------------------------------
\5\ Federal Aviation Administration. (2019, April 30). Fact Sheet--
The UAS Integration Pilot Program and UAS Traffic Management Pilot
Program. https://www.faa.gov/news/fact_sheets/
news_story.cfm?newsId=23574.
---------------------------------------------------------------------------
A future-oriented, interconnected aviation network that relies on
emerging technology like artificial intelligence (AI) and 5G networks,
will revolutionize commerce. The range of use cases are highlighted by
the FAA's ten drone innovation projects in Fairbanks, Alaska; Reno,
Nevada; San Diego, California; North Dakota; Kansas; Durant, Oklahoma,
with the Choctaw Nation of Oklahoma; Memphis, Tennessee; Lee County,
Florida; North Carolina; and Herndon, Virginia. The projects include
emergency management, agricultural support and infrastructure
inspections.
Supply chain threats vary for UAS, and range from counterfeit parts
to ``back doors'' installed to enable remote control of drones or
otherwise disrupt UAS operations. Physical supply chain threats are
perhaps overshadowed by software supply chain threats, which have
increased as drones routinely connect to off-shore clouds of foreign
companies. Companies routinely reassure customers about security, but
the provision of firmware updates and the data flows from platforms
back to offshore cloud-computing storage facilities can increase risk
to UAS operations. Even if UAS were delivered to customers in
``pristine'' condition, the subsequent back and forth of image
processing and analytics data flows, along with software and firmware
updates, opens a ``front door'' to risk. Images collected in the U.S.
for storage in China, and subject to AI and machine learning, can be
demanded by Chinese authorities without the knowledge of U.S.
customers. How would a U.S. customer know such a request was made?
``Great Power'' Competition and Supply Chain Risk. Beyond the
supply chain security risks that exist for the entire industry, there
is a special class of risk concerning China's dominance of the U.S.
drone market. Unlike other potential threat actors, China poses the
most serious potential threat to U.S. drone security--that of a peer
competitor that clearly intends to dominate the general space in which
drones reside: Global Supremacy in Artificial Intelligence.\6\
---------------------------------------------------------------------------
\6\ See, e.g., Allen, G.C. (2019, February 6). Understanding
China's AI Strategy: Clues to Chinese Strategic Thinking on Artificial
Intelligence and National Security. The Center for a New American
Security. https://www.cnas.org/publications/reports/understanding-
chinas-ai-strategy.
---------------------------------------------------------------------------
In the context of National risk posed by over-reliance on Chinese
drones, I respectfully call the Subcommittee's attention to what I call
the ``Three Ds'' of strategic drone supply chain risk:
1. Data Flows. Reliance on broadband connections to offshore clouds
gives China unprecedented information about U.S. commerce (and
more).
2. Dual Use. China is an important and valued trading partner, but
U.S. leaders are mindful of the (hopefully avoidable) potential
for U.S.-China conflict, beyond competition, where UAS and
other ``Industry 4.0'' technology would provide military
advantage.
3. Dependency. Next-generation drone commerce in the U.S. is
increasingly reliant on a Chinese drone platform monopoly, a
factor that could hinder innovation and economic security.
Data Flows. The information risk from data flowing to China's
autocratic government should concern more than U.S. government
customers. The Pentagon in recent years has shifted from risk
mitigation to risk avoidance when it comes to Chinese drones. The
Pentagon ordered the U.S. military to stop using DJI drones a few years
ago, and the Department of Homeland Security has issued warnings to
their use in areas that impact National Critical Functions.\7\ More
recently, the President issued a memorandum finding that ``the domestic
production capability for small unmanned aerial systems is essential to
national defense.'' \8\
---------------------------------------------------------------------------
\7\ Sobczak, B. (2019, May 21). Feds to energy companies: Beware
drone made in China. E&E News. https://www.eenews.net/stories/
1060369689.
\8\ President Donald J. Trump. (2019, June 10). Memorandum on
Presidential Determination Pursuant to Section 303 of the Defense
Production Act of 1950, as amended. https://www.whitehouse.gov/
presidential-actions/memorandum-presidential-determination-pursuant-
section-303-defense-production-act-1950-amended/.
---------------------------------------------------------------------------
Despite these precautions, the less risk-averse commercial sectors
are embracing Chinese drones, as are State and Local governments who
are choosing to purchase DJI platforms, and to take advantage of the
company's very capable analytics tools and services.\9\ While sharing
information from individual users, or even the data from specific
companies or government units may seem inconsequential, DJI is
compelled by Chinese law to provide information to the Chinese
government. DJI's prowess in applying cutting edge data science to the
growing deluge of data flowing into its cloud compute and storage
assets is always available to the Chinese government. Making this U.S.
information available to China must be considered in the context of
that country's official position on achieving dominance in areas of
disruptive technology like AI and Machine Learning.
---------------------------------------------------------------------------
\9\ See, e.g., Reagan, J. (2018, October 31). Propeller Partners
with DJI to Bolster Drone Analytics and Mapping. Drone Life. https://
dronelife.com/2018/10/31/propeller-partners-with-dji-to-bolster-drone-
analytics-and-mapping/; DJI. (2015, November 11). Commercial Drone Data
Opening Up New Opportunities for Industrial Applications. https://
www.dji.com/newsroom/news/blog-commercial-drone-data-opening-up-new-
opportunities-for-industrial-applications.
---------------------------------------------------------------------------
Dual Use. While it is important to acknowledge that DJI has created
technically compelling technology and services, they continue to do so
with the support of the Chinese government and in the context of great
power competition between the U.S. and China in areas that relate to
national security as much as they do to commerce.
History teaches that economic and national security are closely
linked. The recently celebrated Allied victory on the beaches of
Normandy, and ultimately victory in the World War II, turned on
technological power cultivated first in the field of commercial
innovation. The modest beginnings of Henry Ford's Model T bloomed into
U.S. dominance of the automotive market, which allowed our Nation pivot
to building machines of war. U.S. innovation in electronics and
communications technologies like telephones, radio and television,
eventually supported military radar and the Allied breakthrough at
Bletchley Park, where the private sector, academics and the national
security community united to defeat the Nazis' Enigma machine.
Commercial success led to military success.
As a policy counsel for Google years ago, I had the honor to work
with Vint Cerf, who while at DARPA co-created TCP/IP, a technology that
enabled the Internet. That open protocol built on packet switching, a
networking technology designed to make resilient our Nation's nuclear
strike command and control capabilities. Today, China is aggressively
dedicating national resources to building 5G networks able to increase
Internet of Things (IoT) connections by 10 to 100 times that of current
4G networks, all with an eye towards winning the race to overmatch with
respect to AI-enabled capabilities in UAS and other robotics
technology. While that advantage can be applied to commerce, it also
enhances China's military power.
Dependency. The U.S. has struggled to stem the tide when it comes
to growing or even maintaining its manufacturing capability with
respect to UAS platforms. There are many reasons for this, and the
details might possibly take up an entire hearing. What matters now is
taking a hard look at why and to what extent our Nation is relying on
Chinese drone infrastructure.
The technical capabilities and rapidly evolving features of DJI
drones have led even first-tier U.S. public safety teams like the New
York Police Department to turn to China for UAS platforms. These
choices are being made despite the Pentagon's ban on military use of
DJI, perhaps as a result of the law enforcement community facing
limited funding, a shortage of cybersecurity professionals able to
assess the risk, or simply a willingness to accept a different level of
risk than the U.S. military. Nonetheless, the different positions with
respect to DJI that is being taken by the Nation's first responders
highlights the shortage of alternatives to Chinese drones.
The United States is poised to leverage advances like the FAA's UTM
system and Remote ID for UAS, but the Congress should explore deeply
whether the benefits that will accrue from this might be diminished by
the trailing market share of U.S. companies in the platform market for
UAS. This harsh market reality may loom in related areas like 5G
infrastructure, or even in the AI systems for self-driving cars or
indoor robotics to be used in smart factories, hospitals, hotels and
homes. While China over the past 20 years has played an important role
in global commerce by augmenting the supply chain of U.S. companies,
the glaring gap between U.S. and Chinese companies like DJI in the UAS
platform market should be a wake up call.
Recommendation: Balance Risk Through Enhanced USA-Drone Incentives
I respectfully suggest the following potential areas for further
inquiry, oversight or legislation:
Incentives for Drones as ``Digital infrastructure''. Drones and UAS
are digital infrastructure. Just as President Eisenhower's Interstate
Highway Initiative had long-reaching benefits, an investment in the
next-generation aviation infrastructure that UTM represents warrants
investment tailored to create incentives for the private sector. While
funding concrete and steel for infrastructure projects matter, it is
important to envision the ``drone highways'' of the future and make
sure that we craft the right policies to remove legal and policy
barriers to innovation by U.S. companies, from startups to existing
industry leaders like Amazon, FedEx, UPS, Boeing or Lockheed. Another
company to consider engaging is Uber, who is working with the Army
Research Lab and the University of Texas at Austin to provide ``UAS on
demand'' services.\10\
---------------------------------------------------------------------------
\10\ Miller, S. (2018, August 14). Army Research Lab teams up with
Uber. https://defense
systems.com/articles/2018/08/15/uber-arl-ut-nasa.aspx. (These would be
above the 55 lb. limit for ``small UAS'' in the FAA's 14 C.F.R. Part
107 regulations, of course.).
---------------------------------------------------------------------------
USA Assembly. The recent attention to Huawei in the context of 5G
infrastructure and a U.S.-China ``trade war'' has led many to ask
whether we could sever all ties to China when it comes to high-tech
manufacturing for things like 5G equipment, or in this case, UAS
platforms. The reality is that short of armed conflict with China, it
is unlikely that a radical, across the board decoupling of our micro-
electronics supply chains with China would be possible (or beneficial).
The Chinese are far ahead of the U.S. on chip assembly, even if we
retain an advantage on chip foundries like Intel.\11\ It is worth
exploring whether and how it might be possible to cultivate realistic
alternatives to Chinese assembly of the smart components within UAS. It
is possible that advances in automation and AI-enabled smart factories
might help in this effort. The President's recent memorandum declaring
small UAS essential to national defense highlights a potential area for
leveraging related efforts within the U.S. government to grow our
domestic UAS production capacity.
---------------------------------------------------------------------------
\11\ Wang, B. (2019, February 23). China's Semiconductor Catchup is
Critical to Future Technology Competition. Next Big Future. https://
www.nextbigfuture.com/2019/02/semiconductor-race-and-parity-is-key-to-
global-technological-competition.html.
---------------------------------------------------------------------------
Abruptly disentangling our micro-electronics supply chain
completely from China would be difficult, and (short of outright armed
conflict with China) likely counter-productive. That said, we should
identify and cultivate alternative manufacturing partners, including
particularly those in the Western Hemisphere, Europe and Africa, and in
coordination with our ``Five Eye'' (FVEY) partners (The United Kingdom,
Canada, Australia, and New Zealand) and NATO countries. With respect to
NATO countries, France is of particular interest on UAS since the
Paris-based company Parrot SA is a distant but capable competitor to
DJI in the UAS platform market. Also noteworthy in the NATO context is
the Swiss company Flyability, whose indoor-drones are being used to
inspect U.S. nuclear power facilities. On the homefront, an innovative
leader in AI-enabled drone operations is Shield AI, which has a lidar-
enabled drone capable of flying autonomously through buildings. Based
out of San Diego, Shield AI has 100 employees and is an example of
platform innovation in the small drone space industry.
Open source. The Subcommittee might also explore the role that open
source initiatives like the DroneCode Project might play in providing
more transparency, particularly if U.S. companies continue to purchase
Chinese platforms. Currently, DJI adheres to a proprietary model that
acts to help lock-in its market dominance.\12\
---------------------------------------------------------------------------
\12\ See, e.g., DJI. (2018, October 31). DJI Expands Drone
Ecosystem With New Hardware, Software and Partnerships To Help
Enterprises Gain Aerial Productivity: AirWorks 2018 Bolsters The DJI
Platform For Businesses, Governments, And Others Ready To Do Their Work
Better With Professional Drones. https://www.dji.com/newsroom/news/dji-
expands-drone-ecosystem.
---------------------------------------------------------------------------
While the best result would be a growing and competitive U.S.
market in UAS platforms, incentives to encourage the growth of an open
ecosystem to counter DJI's proprietary system may help. The limitations
of this approach likely include the fact that open protocols work
better when championed by a large player in the market. Consider the
role that Google played in driving the success of Android phones.
Whether open-source models like DroneCode can help to boost the market
share of U.S. drone manufacturers is something worth examining.
Link ``USA Drone'' Incentives to AI Initiatives. President Trump's
Executive Order on Maintaining Leadership in Artificial Intelligence,
issued earlier this year, is a reminder of the high stakes in the AI
race between the U.S. and China.\13\ It is worth reviewing ways that
the Subcommittee might find common ground with other National efforts
related to AI. Integrating UAS into the NAS safely and securely is an
effort that implicates AI and Machine Learning, and finding ways to
leverage related efforts--like accelerating the use of autonomous
vehicles on our Nation's streets and highways--may help to speed the
National use of drones in commerce.
---------------------------------------------------------------------------
\13\ White House. (2019, February 11). Executive Order on
Maintaining Leadership in Artificial Intelligence. https://
www.whitehouse.gov/presidential-actions/executive-order-maintaining-ame
rican-leadership-artificial-intelligence/.
---------------------------------------------------------------------------
Understanding smart cities is one challenge facing the integration
of UAS into the NAS. I have personally researched a different area, but
one that concerns the use of AI and UAS: Using indoor drones to help
save lives during an active shooting.\14\ This scholarship is an
example of the work that I and my colleagues do on behalf of the
Nation, at NDU's the College of Information and Cyberspace.
---------------------------------------------------------------------------
\14\ Wingo, H. (2018). Set Your Drones to Stun: Using Cyber-Secure
Quadcopters to Disrupt Active Shooters. Journal of Information Warfare,
Vol. 17, Iss. 2, p.54-64. https://search.proquest
.com/openview/1ac335453924ced1aca49794f419d958/1?pq-
orgsite=gscholar&cbl=2046421.
---------------------------------------------------------------------------
Conclusion. The alarming lead taken by China in this increasingly
important area of interstate commerce demands purposeful, strategic
action to level set U.S. drone manufacturing with our peer competitor.
The United States is poised to reap the benefits of a next-generation
aviation system that relies more on autonomous systems connected by 5G
networks. This transition may be threatened, however, by continued
dependence on Chinese UAS platforms. The future of American commerce is
at stake.
I look forward to answering any questions you may have, and to
further discussing this or related matters with the Subcommittee.
Again, thank you for the opportunity to testify.
[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]
Senator Markey. Thank you, Mr. Wingo, very much.
Mr. Shaw, thank you.
STATEMENT OF HAROLD H. SHAW, CHIEF SECURITY OFFICER,
MASSACHUSETTS PORT AUTHORITY
Mr. Shaw. Good afternoon, Chairman Sullivan, Ranking Member
Markey, and Distinguished Members of the Committee.
On behalf of the Massachusetts Port Authority, I would like
to thank you for the opportunity to testify before the
Subcommittee regarding drone security, specifically our
concerns about the proliferation of unmanned aircraft systems,
and the risks posed to aviation safety.
The Massachusetts Port Authority or Massport, as we are
commonly called, is an independent quasi-state entity that
oversees Boston Logan International Airport, Wooster Regional
Airport, Hanscom Field, maritime facilities, and various real
estate holdings.
Our first priority is the safety and security of the
traveling public, our employees, and our neighboring
communities. As the chief security officer, I am responsible
for ensuring our organization is prepared for the threats we
face today and to anticipate the threats of the future.
I am here to testify that the rising incidents of
unauthorized UASs encroaching on airspace reserved for manned
aircraft is a clear and present risk that must be addressed
thoughtfully but urgently.
As Massachusetts Governor Charlie Baker recently
highlighted in a letter to the Acting FAA Administrator, ``The
Commonwealth is privileged to be a hub for high-tech
innovation, including the increased interest in UAS usage, but
it comes with challenges, especially with risks posed by
negligent, reckless, or malicious use.''
At Massport, we strive to utilize all available tools to
create a redundant multi-layered security structure that seeks
to drive down risk and respond to evolving threats.
In recent months, as this committee knows, there have been
incidents at international airports, including London Gatwick
and Newark Liberty, where UAS sightings disrupted operations.
Massachusetts has seen its fair share of incidents, as
well, including one where a recreational UAS violated temporary
flight restriction in a pier over Fenway Park during a Boston
Red Sox game with more than 35,000 spectators.
From January 2018 to March of this year, there were 32 UAS
sightings alone near the three airports that Massport operates.
If we were faced with a prolonged event similar to Gatwick,
then roughly 1,300 aircraft would be impacted. More
importantly, Logan could not serve as a refuge for any aircraft
forced to land because of an in-flight emergency or diverted
for weather.
Each of our 42 airlines would have to cancel or redirect
aircraft across 78 cities within the United States and 57
international destinations, impacting approximately 140,000
passengers all over the world.
Applying U.S. DOT criteria, the overall cost to air
passengers alone could easily reach tens of millions of
dollars. Airline costs of fuel and other operating costs would
increase this loss even more dramatically.
While the FAA has instituted mandatory UAS registrations
and seller specifications for flying near airports and are
educating the public on UAS safety, more needs to be done.
Senator Markey. Mr. Shaw, I apologize to you, but the next
roll call has gone off. So I'm going to have to gavel us to a
brief recess.
Senator Sullivan will arrive in three or four more minutes
and recommence the hearing. I'll make that roll call and then
come back. I apologize to you, but these five roll calls just
absolutely require our mandatory attendance.
So thank you. With that, we're in a brief recess.
[Recess.]
Senator Sullivan. We'll call the hearing back to order.
Mr. Shaw, if you can complete your statement, sir, and then
we'll get to questions.
Mr. Shaw. Yes, Mr. Chairman.
The airport operators, law enforcement, and key
stakeholders need appropriate legal and regulatory guidelines
to provide clear rules of the road, so that in an event we are
required to take proactive actions to identify, track, or even
possibly mitigate the threat, there will be well-defined
expectations and the lines of responsibility.
The efforts needed to address the risks posed, whether
intentional or not, can be grouped in the following three
categories: enforcement, technology, and collaboration and
research.
Enforcement. We support several initiatives in the 2018 FAA
Reauthorization Act, such as making certain UAS flights near
airports are criminal offense and requiring the FAA to develop
strategies to assist local governments responds to UAS threads.
Nevertheless, we strongly appeal to this committee to take
additional steps that will empower state and local partners to
take charge of their own safety.
The Preventing Emergent Threats Act of 2018 authorized some
Federal agencies to take action to intercept and neutralize
UASs that pose a threat to safety. However, they lack the
capability to provide robust and persistent coverage across the
Nation.
Enforcement would also include outreach to the public to
educate and provide clear guidance on what is permissible and
what is prohibited.
Technology. Currently, there is no single commercial system
available to airports that can safely and effectively identify,
track, or neutralize a threatening UAS in domestic airspace.
We commend the FAA's efforts to support research and
development projects and we encourage the FAA to expand
existing pilot programs to identify a solution as soon as
possible. At Massport, we are aggressively reviewing available
technologies that promote better UAS situational awareness.
With that said, the FAA has expressed concern to airports
about deploying new technologies based on safety
considerations. It is current Federal law which has chilled our
efforts to actively test.
Collaboration and research. We support multistate and
Federal agency collaboration, information-sharing, testing,
training, and setting common standards and operating
procedures.
We are achieving this through participation in multiple
working groups as well as our relationship with one of just
seven FAA-designated UAS test sites within the United States.
Finally, the FAA has announced a pilot program for testing
UAS detection systems at five yet-to-be-chosen airports. As the
FAA continues to work on UAS integration, Governor Baker and
Massport has asked Logan Airport be considered for this
important pilot program.
Thank you again for the opportunity to speak on this
important issue. I look forward to addressing any of your
questions.
[The prepared statement of Mr. Shaw follows:]
Prepared Statement of Harold H. Shaw, Chief Security Officer,
Massachusetts Port Authority
Introduction
Good afternoon, Chairman Sullivan, Ranking Member Markey, and
members of the Committee. On behalf of the Massachusetts Port
Authority, I would like to thank you for the opportunity to testify
before the Subcommittee on Security about Unmanned Aircraft Systems
(UAS) and the risks they can pose to aviation safety.
The Massachusetts Port Authority, or Massport as we are commonly
called, is an independent quasi-state entity that oversees Boston Logan
International Airport, Worcester Regional Airport, L.G. Hanscom Field,
maritime facilities, and various real estate holdings. Our first
priority is always the safety and security of the traveling public, our
employees, and our neighboring communities. As the Chief Security
Officer at Massport, I am responsible for ensuring our organization is
prepared for the threats we face today, and to anticipate threats of
the future. I am here to testify that the rising incidence of
unauthorized UAS encroaching on airspace reserved for manned aircraft
is a clear and present risk that must be addressed thoughtfully and
deliberately, but urgently.
As we speak, the Federal Aviation Administration, state and local
governments, and operators of critical infrastructure are seeking
appropriate ways to manage, and safely and securely integrate UAS usage
in our shared airspace. As Massachusetts Governor Charlie Baker
recently highlighted in a letter to acting FAA Administrator Daniel
Elwell, the Commonwealth is privileged to be a hub for high tech and
innovation companies, and we fully appreciate their potential to
enhance safety, security, and commerce. We also recognize that with
innovation, including advancements in UAS technology, come challenges--
especially risks posed by negligent, reckless, or malicious use. The
rapid pace of growth of the UAS industry and the ever-evolving UAS
technological landscape have out-paced the current laws and policies
designed to prevent harmful interaction between manned and remotely
piloted aircraft.
Our Approach to Safety and Security
Enhancing safety and security is, by definition, a fluid process
and always a work-in-progress. Every day we strive to identify and
utilize every available tool to create a redundant, multi-layered
system that seeks to drive down risk and respond to evolving threats.
This approach includes updating and standardizing operating procedures,
constant preparation through training and drills, collaboration among
many stakeholders, infrastructure investments, technology research and
application, and proactive testing and implementation of new
approaches.
Some of the activities we undertake at Logan Airport demonstrate
our commitment to safety and security. Since 9/11, the aviation
community at Logan has met every day to discuss security and
operations. We conduct multiple exercises every year, and work with our
law enforcement partners, which include a permanent Massachusetts State
Police troop presence, an FBI Joint Terrorism Taskforce Annex on the
airport premises, as well as the many Federal agencies charged with
securing our airports.
UAS Risks
Rapid advances in UAS technology promise to revolutionize air
transportation, and Massport looks forward to continuing to evolve with
the future of air travel. Nevertheless, the disruption of manned
aviation due to the proliferation of UAS is happening as we speak, and
increasing with each passing day. According to the FAA, airplane pilots
reported over 2,000 UAS sightings in the U.S. in first 10 months of
2018. UAS operators, many with little or no training, are encroaching
on airport flight paths causing risks of collision or ingestion by
aircraft engines. Nefarious actors could use UAS's to inflict
significant harm, potentially attacking an aircraft in the air or on
the ground with payloads of explosives, chemical, biological or
radiological material.
In recent months, as the Committee knows, there have been incidents
at international airports, including London Gatwick and Newark Liberty,
where reported UAS sightings disrupted operations. Massachusetts has
seen its fair share of incidents as well, including an incident where a
recreational UAS violated a temporary flight restriction and appeared
over Fenway Park during a Boston Red Sox game with more than 35,000 in
attendance. There were 32 reported UAS sightings alone at the three
airports Massport operates from January 2018 to March of this year.
The impact of an extended UAS incident would be significant to
Logan Airport. Flights from coast to coast would feel the ripple effect
of a handful of UAS's. If Logan Airport faced an extended halt of
flight operations due to reported UAS sightings like Gatwick did in
late 2018, then roughly 1,300 aircraft would be impacted. Passengers
and cargo would be grounded on the tarmac at Logan Airport. Aircraft
destined for Boston would be diverted in the air or held on the ground
at originating airports. Most importantly, Logan could not serve as a
refuge for aircraft forced to land because of an in-flight emergency or
diverted for weather. Disruptions at Logan Airport would also affect
the international airspace. Each of our 42 airlines would have to
cancel or redirect aircraft across 78 cities in the U.S. and 57
international destinations, impacting approximately 140,000 passengers
all over the world. If you were to apply USDOT criteria to this type of
event, then the overall costs to air passengers alone could easily
reach tens of millions of dollars. Airline costs for crew, fuel, and
other operating costs would increase this loss even more dramatically.
Our Response to UAS Risks
Massport applauds the FAA's efforts to ensure UAS can coexist
safely with manned flight. The FAA has instituted mandatory UAS
registration, established guidelines for flying UAS near airports, and
is educating the public on UAS safety. However, more needs to be done
to strengthen current laws and policies to counter UAS threats.
We recently conducted a UAS tabletop exercise, which included
Massport, the FAA control tower at Logan, Massachusetts State Police,
the FBI, TSA, and the Massachusetts Department of Transportation. The
drill confirmed, with some slight modifications, that we have effective
communications protocols in place for coordinating a response to a UAS
incident, but it also validated our concern that we lack the tools to
help us identify potential unauthorized UAS's or confirm sightings from
pilots. We need technical solutions to increase our situational
awareness with real-time intelligence so that we can detect and
neutralize potential threats as quickly as possible. We continue to
advance our efforts to better understand and address these needs. We
established an internal working group, participate in a Commonwealth-
sponsored Counter-UAS (CUAS) working group, and routinely engage with
our Federal partners to both learn more on the intricacies of this
subject matter, as well as advance a collaborative discussion on
potential solutions.
However, we need appropriate legal and regulatory guidelines that
provide clear rules of the road, so that in the event we are required
to take proactive actions to identify, track, and possibly even
mitigate the threat, there would be a clear understanding of
authorization and responsibility.
Recommendations
The efforts needed to address the risks posed by the misuse of
UAS's, whether intentional or not, can be grouped into three
categories: enforcement, technology, and collaboration/research.
Enforcement. Clearly, the FAA has the primary role in ensuring
UAS's are integrated into public airspace in a positive and safe manner
that allows for commercial and recreational use while addressing the
risks. We greatly appreciate the work this Committee and Congress have
done to address the issue. We support several initiatives in the 2018
FAA Reauthorization Act, such as making it a criminal offense to fly
certain UAS near airports, requiring the FAA to develop a strategy to
assist state and local government response to a UAS threat, and
directing the Comptroller General to study state and local roles in UAS
regulations. Nevertheless, we also strongly appeal to this Committee
and to Congress to take additional steps that will empower state and
local partners to take charge of their own safety. The Preventing
Emerging Threats Act of 2018 authorized some Federal agencies to take
action to intercept and neutralize UAS that pose a threat to safety;
however, they lack the capability to provide robust and persistent
coverage across the Nation. State and local agencies are ready to fill
this void, but we need greater legal authority to do so. We
respectfully request Congress pass additional legislation that extends
similar authority to state and local law enforcement agencies.
Enforcement should also include public outreach that provides clear
guidance of what is permissible and what is prohibited. We encourage
the FAA to enhance its outreach to recreational UAS operators, who
usually have less experience piloting aircraft, so they know when and
where to fly safely, and the consequences for breaking those rules. The
FAA does have an active website and mobile app that begin to help
address the problem. However, we advocate that more be done. We urge
the FAA to expeditiously implement several key provisions of the FAA
Reauthorization Act pertaining to recreational operations, including
rolling out the mandatory operator knowledge test and working with
community-based organizations to develop safety guidelines.
Technology. Currently, there is no single commercial system
available to airports that can safely and effectively identify, track,
and neutralize rogue UAS's in domestic airspace. We commend the FAA's
efforts to support research and development projects to counter the UAS
threat, and we encourage the FAA to expand existing pilot programs to
identify solutions to this ever-increasing challenge as soon as
possible.
At Massport, we actively and aggressively are reviewing available
technologies that promote better UAS situational awareness for
application at our airports and facilities. The FAA has expressed
concerns to airports about deploying new technologies, and potential
legal implications based on current Federal law. This has chilled our
efforts to engage proactively on testing new technologies that might be
able to assist us. We encourage FAA and our other key Federal partners
to reconsider its approach to CUAS capabilities, and work
collaboratively with airports to develop and deploy real solutions to
counter these threats. We are coordinating with our state partners and
will engage with the FAA as we move forward in this area.
Collaboration/Research. Like any serious security risk affecting
aviation, this needs to be a collective effort. We support multi-state
and Federal agency collaboration, information sharing, testing,
training, and setting common standards and operating procedures. In
Massachusetts, we are achieving this through the Massachusetts DOT
Aeronautics Division's CUAS Working Group. Massachusetts is also a
participant in the Northeast UAS Airspace Integration Research Alliance
(NUAIR), providing aeronautical research, UAS operations, and safety
management--one of just seven FAA-designated UAS test sites in the
United States.
Finally, the FAA has announced a pilot program for testing UAS
detection systems at five yet-to-be chosen airports. As the FAA
continues to work on UAS integration, Governor Baker and Massport have
offered our assistance and collaboration in achieving the important
balance of public safety and innovation. Today, we are renewing our
request for the FAA to consider Logan Airport for the UAS detection
systems pilot program. Massport and Logan Airport are playing a crucial
role in countering security threats to aviation every day, and, in
partnership with the FAA and other federal, state, and local partners,
we hope to bring that expertise to better integrate UAS into the
airspace while fostering safe and secure airport operations.
Conclusion
Thank you again for the opportunity to provide Massport's
perspective on this important issue. I look forward to your questions.
Senator Sullivan. Thank you, Mr. Shaw.
I want to thank all the witnesses and let's just begin the
questioning.
Dr. Cahill, you talked about that some of the work in
Alaska and other places has been a target of industrial
espionage. Have you seen this? Do you know which groups are
conducting the industrial espionage? Is it state actors? If
anyone else on the security side can comment on that that would
be helpful.
Dr. Cahill. Mr. Chairman, we do see a lot of approaches
from foreign entities. We have had----
Senator Sullivan. Can you be more specific?
Dr. Cahill. So I get a lot of requests from places like
Iran, Russia, Pakistan, and other places, wanting to come learn
about our test site and some ITAR technology, talk to us about
various types of research we're doing, and so it is an area of
concern that we are getting these approaches.
We do report to the appropriate authorities when they
occur. It is a case where, because we are a university, they
assume that we're going to be a somewhat easier target, I
believe, than the Defense community, but it is a case where we
have regular contacts from foreign agents looking to talk to
us.
We have a large number of foreign students who do come to
UAF and do want to study aerospace engineering. We have an
aerospace engineering minor and we have had Bangladeshi
students and other students go through that program.
Senator Sullivan. Let me ask. You mentioned that you said
it was illegal to test counter-UAS programs. Can you explain
that? Maybe, Ms. Stubblefield, you can talk about that, as
well. Why is that? Is the University of Alaska doing that
anywhere outside of the United States?
Dr. Cahill. We are not testing any counter-drone
technologies. We are doing the detect and avoid. The reason we
can't, the Code of Federal Regulations, especially Title 18, is
the computer fraud and abuse. It is wire tap. It is pen trap.
It is aircraft sabotage.
Title 49 is piracy. So if we take down an unmanned
aircraft, we have just violated all of those laws. If we take
down one accidentally, then we've really violated those laws.
Senator Sullivan. So, Ms. Stubblefield, obviously we want
everybody here and all the witnesses to abide by the law, but
if it's a Title 18 problem or the Title 49 aircraft piracy
statutes, can the FAA provide exceptions? Do we have to change
that law?
Just let me give you an obvious example from my own
parochial standpoint. Alaska possesses very large expanses of
unpopulated land that's perfect for testing counter-UAS and
detect and avoid technologies, as you heard from Dr. Cahill.
The University of Alaska Fairbanks, is on the cutting edge of
this.
What do we need to do to be able to undertake these kind of
counter-UAS testing, which I think all the witnesses here
believe is important and yet we can't do it in America, as far
as I understand? Are there things that Congress needs to enact
laws? Do you have waiver authority? What's the status of this?
Do you think we should be able to do that?
Ms. Stubblefield. Well, certainly testing is important.
Legally, as Dr. Cahill indicated, there are multiples of
portions, provisions within Title 18 that prohibit the testing
of counter-UAS mitigation technology and some detection
technology, as well, depending on how it functions, based on
pen trap, wire tap, and computer fraud and abuse.
Any time you target a UAS, you implicate Section 32 of
Title 18. So DHS and Justice came to the Hill last year. We
actually supported them in getting that authority. So it is
necessary to have congressionally granted relief from those
Title 18 provisions.
Senator Sullivan. We need to pass a law?
Ms. Stubblefield. Yes, sir.
Senator Sullivan. You don't have any waiver authority?
Ms. Stubblefield. No, sir. Title 18 is----
Senator Sullivan. Do you think we should pass a law?
Ms. Stubblefield. I think it is important----
Senator Sullivan. With your, of course, guidance from the
FAA where we would work--this committee would work with you. I
mean, do you think it undermines our ability to take advantage
of these opportunities and also to promote national security if
we can't do our own counter-UAS work in our own country?
Ms. Stubblefield. So we can. The agencies that have that
authority can do the testing and are doing the testing right
now.
Senator Sullivan. What about University of Alaska
Fairbanks?
Ms. Stubblefield. So right now, it would have to be done
under the authority of one of the Federal departments that has
that authority. Congress did give FAA in the 2018
Reauthorization Act the authority to do testing and evaluation
that we would be able to utilize potentially test sites and
others to assist us with that.
It depends on how the law is expressly written in terms of
whether that's delegable for a particular department to be able
to utilize an educational facility or a non-Federal entity to
do that.
Senator Sullivan. Well, we will look forward to working
with you on this. I think it's an opportunity and I think it's
something that again I'll ask additional questions of some of
the other witnesses on their views on this.
Senator Scott.
STATEMENT OF HON. RICK SCOTT,
U.S. SENATOR FROM FLORIDA
Senator Scott. Mr. Wingo, it's my understanding that a
large percentage of the drones that are being used in the
United States and Canada are Chinese-made.
Mr. Wingo. That is correct, Senator.
Senator Scott. And it's something like 80 percent plus?
Mr. Wingo. I've heard that it's over 70 percent globally
and then over 80 percent in the United States. That's correct.
Senator Scott. And I guess Homeland Security put out an
advisory that sensitive data is being sent back to the company
which can be used by the Chinese Government.
Mr. Wingo. Yes, sir.
Senator Scott. So, I mean, China's not our friend. I mean,
they're stealing our trade secrets. They don't open up their
markets. They're militarizing the South China Sea. They're
involved in Venezuela where there's genocide going on.
So what are we doing and what should we be doing to stop
this?
Mr. Wingo. Thank you for asking that. What we need to do is
have a whole of nation effort to address this serious risk
today, as soon as possible. Part of that has to do with looking
at open source, looking at invigorating our own market here in
the United States. Competition is the best way. Take the field,
compete vigorously, use USA technology as much as possible.
I understand that doing a flash cut disentanglement of
everything in the supply chain may be unrealistic short of
actual conflict and we hope to avoid that, but what we do need
to do is stop saying this is just platform technology or we can
build the smarts in China and that it will cost less and then
we can actually go into other service markets.
This is too important. It's dual use technology. So the
main thing we have to do is look at drones as infrastructure
and consider really a Manhattan Project style investment
because this relates to smart driving cars and trucks, the
Internet of things, Internet of everything really, applies to
this area of commerce, and we need to look at all of the laws,
all the regulations that may be holding us back, sir.
Senator Scott. So is there a reason not to just outlaw it,
outlaw their sale?
Mr. Wingo. Well, there is one consideration. For some
places, for example, you mentioned DHS. The concern for the use
for inspecting critical infrastructure should be looked at very
carefully.
I'm not speaking for the Department of Defense today, but
DoD did put out a ban. DoD dealt with this risk by avoiding it
completely and saying stop using these drones if you're in the
U.S. military. So I think it depends on the risk.
I am concerned, for example, that the storied and amazing
New York Police Department turned to DJI for drones. When you
consider protecting a U.S. citizen at that level, to hand that
information over is concerning. So I think it really does
matter who is doing it.
On the other hand, if you consider what a flash cut might
have on innovators or on research, as Dr. Cahill mentioned,
that's something to be considered, but I really think we need
to roll up our sleeves as a nation and attack this right now.
Senator Scott. Wouldn't the easiest thing be to just outlaw
the sale? I mean, the American companies will show up. I mean,
there's plenty of technology in this country and innovation if
they have the same opportunity. I mean, China doesn't open up
their market. The reason why they can do this is they steal our
stuff and they don't open up their market. Why don't we just
say you can't sell anything here?
Mr. Wingo. Well, this is very similar to what's going on
with Huawei and considering 5G technologies and if you look at
the market shares, we're in a different position because of all
the water that's under the bridge so far.
We have been putting everything at risk by paying lower
costs. So a flash cut, I'm not sure that this is exactly the
time now to make that measure, but there are cases to be made
for that in definite and specific instances.
If you're touching public safety issues, if you're looking
at critical infrastructure, I think a case could be made to
having a ban like that.
Here's a consideration of a company in commerce,
Switzerland. So at least it's a NATO partner country. They are
using--Flyability is a company that is apparently inspecting
half of the nuclear power plants with indoor drone flights and
you can't get past the Nuclear Regulatory Commission and there
are concerns with commercial U.S. nuclear plants, as you know,
without really making sure you're cyber secure and safe.
So I think that's a good thing to look at and so I would
say, sir, at this point, it depends on what the risk is and I'm
at the College of Information and Cyberspace. It's the Nation's
Cyber War College. I and my colleagues, we stand ready,
willing, and able to help on any details that you want to go
into.
Senator Scott. And you all could put out a proposal?
Mr. Wingo. We could, sir.
Senator Scott. Thank you. It would be helpful to say
exactly what we should do. I don't know why we're doing
business with them. I think in so many areas, I think we're
crazy to do business with the Chinese. We ought to be buying
American products in every way we can. I mean, they've stolen
our jobs, our technology. So they're not our friend.
Mr. Wingo. If I may say something, as an American, I love
history and I consider the power of General Motors and Detroit
and the commerce that was there with U.S. automobiles and the
infrastructure that was in place and we could not have beat the
Nazis. We celebrated Normandy, the landing 75 years ago. That
would not have been possible if we couldn't have turned around
on a dime and produced engines of war, aircraft and tanks, but
that was because of our industrial base and so, Senator, I like
what you're saying because we have to address this issue.
As far as the details, we look forward to working with you
on that.
Senator Scott. Thanks.
Mr. Wingo. Thank you.
Senator Sullivan. Let me continue on this line of thinking.
You know, there's manufacturing of what Senator Markey had
displayed as drones.
Mr. Wynne, you actually mentioned that the manufacturing is
taking place throughout the United States, is that correct?
Mr. Wynne. That's correct.
Senator Sullivan. And so what's the issue? I'm trying to
get my arms around this. I think we all are. You heard Senator
Scott's questions.
If we're manufacturing drones all throughout the United
States and yet DJI, you mentioned, Mr. Wingo, DJI, which is a
Chinese company that dominates this field in America, globally,
what's the challenge to create more of our own home-based drone
manufacturing? Is it on the creating a drone, like Senator
Markey mentioned, or is it on kind of on the back end software
cloud aspects, which to me are the much more challenging
national security issues here as it relates to cloud storage in
China?
Mr. Wynne. I'm going to answer the question from----
Senator Sullivan. I know it's a multipart question.
Mr. Wynne. It is.
Senator Sullivan. Take a swing at it in whichever way you
want to answer it.
Mr. Wynne. It's a couple of pitches. I think I'd like to
answer the question from a market development standpoint
because my----
Senator Sullivan. What more can we do to enhance our
manufacturing capacity and base in America in this area?
Mr. Wynne. I think the simple answer to the question is
that American-made drones tend to be a little bit more up-
market and they tend to be more use-specific and what we have
been working with the FAA on is the creation of rules which
would go beyond Part 107 to more extended operations.
Senator Sullivan. And, excuse me, I'm going to have to go
vote, but my team is listening to your answer. So we will----
Mr. Wynne. Very well.
Senator Sullivan. And my good friend, Senator Markey, is
back here. So we will continue to roll. Thank you.
Senator Markey. Thank you.
Senator Sullivan. Sorry to interrupt.
Mr. Wynne. So the short answer to the question, I think, is
the more we have the ability to do extended operations, fly
over people, fly at night, fly beyond visual line of sight, the
more we will see the market development for more sophisticated
drones.
The vast majority of----
Senator Sullivan. Would benefit American manufacturers?
Mr. Wynne. Exactly. Because we?ve been making large-size
drones for military use for many, many years and a lot of the
robust nature of that manufacturing can come down into more
small platforms but more capable platforms.
So right now, there tends to be a bias toward greater
volumes and lower cost.
Senator Markey. The Chair recognizes himself. I call myself
the Chair for 5 minutes.
Although the FAA has been charged with the primary
responsibility to integrate drones into the national airspace,
it is often state and local organizations, like Massport, that
must be ready to take proactive measures to identify, track,
and possibly mitigate threats in real time.
As you note in your testimony, Mr. Shaw, the Federal
Government simply lacks the capability to provide robust
persistent coverage against drone threats across the entire
nation. That's why we'll continue to rely on organizations like
Massport to fill the void.
Mr. Shaw, given this responsibility, what tools and legal
authority should we provide to state and local agencies, like
Massport, so that they can defend airports from the risk
associated with drones flying in flight paths which could have
catastrophic effects?
Mr. Shaw. Thank you, Senator Markey.
First and foremost, at the local level, there are no
authorities that have been actually pushed down for whether it
be the Mass State Police or Massport Police in Massport's
perspective to be able to act or respond to a drone incident.
Unfortunately, we don't have, you know, the technology in
place to respond nor do we actually have the legal framework,
you know, and as Dr. Cahill even mentioned, to be able to
counter and respond to any type of incident specific at
Massport. You know, no pun intended, but we're flying blind at
this point.
What we need to be able to do to advance, you know, not
only the discussion but our ability to be able to effect a
uniform, a balanced, and a smart response is to be able to push
authorities down to the state and local level. They are the
first response requirements where we can in turn lean on them
to be able to hopefully react and respond to any type of drone
incident specifically within our environment.
On a day-to-day basis, we look at, you know, Massport but
really any other large international airport as its own special
event. You're really looking at, you know, for Massport in
particular, 140,000 passengers traverse through the airport on
any given day.
So the Federal Government has done a very good job in terms
of preparing for the special events, whether it be the Boston
Marathon, whether it be a Super Bowl event, or any other, you
know, major event across the country.
What we're confronted with on a day-to-day basis is our own
special event and how do we in turn equip law enforcement and
first response entities with those appropriate tools to be able
to adequately and effectively respond if we were confronted
with a similar event to that of Gatwick?
Senator Markey. So do you want the FAA to give you
authority to do your own individual counter----
Mr. Shaw. Not specifically to Massport but to----
Senator Markey. I don't mean you----
Mr. Shaw [continuing]. Law enforcement that in turn
supports Massport or similar to, you know, what happened with
the incursion over Fenway Park, you know. The ability for the
Boston Police Department to effectively respond, you know, to
that threat.
At this point in time, albeit, you know, whether it be DHS
or the FBI, they've done a very, very good job in terms of
dealing with bigger events, but day in and day out, they just
don't necessarily have the band width nor the resources to be
able to cover each and every one of the major airports across
the country.
Senator Markey. So you believe that individual law
enforcement agencies across the country should be given this
authority to be able to act proactively?
Mr. Shaw. Appropriately scoped, sir.
Senator Markey. Appropriately.
Mr. Shaw. Yes, sir.
Senator Markey. Do you agree with that, Ms. Stubblefield?
Ms. Stubblefield. Sir, to be clear, FAA doesn't give the
authority. Actually, the prohibitions that constrain the
ability of law enforcement to act against UAS are actually from
Title 18 and Title 49 and those are the authorities that have
been granted to DHS and Justice.
Senator Markey. I think it's time then for us, that is the
Congress, to think about modifying that authority so that we
deal with this tsunami of threats which are going to be out
there and allow for there to be additional protections which
are provided to the public.
Ms. Stubblefield?
Ms. Stubblefield. Yes, sir. But if I may on a couple of
different counts, one, there is the ability to use legal
detection capability, which Massachusetts Police actually does
have that capability in some circumstances, so that you can
identify where UAS are and in some cases, depending on the
technology that you're using, identify where the operator is
and be able to get law enforcement to that operator to engage
and be able to get that drone down safely.
Senator Markey. What authority would you want, Mr. Shaw?
Mr. Shaw. You know, just to kind of that one point. Then
it's not respective to the airport, you know, environment in
particular. We have incidental coverage through the State
Police at this point in time.
One of the things that we're looking at is, you know, is
there an ability to be able to push some of the authorities
that in turn have been, you know, passed to whether it be DHS
or DOJ and be able to allow, you know, specifically our state
and local authorities to be able to respond, react, and be able
to utilize the law respective to their own personal benefit.
Senator Markey. OK. So if I may ask, so it's important that
you can identify a problem?
Mr. Shaw. Yes, sir.
Senator Markey. But what can you do to mitigate it, to make
sure it doesn't happen in the first place? What authority do
you have?
Mr. Shaw. At this point in time, there is no authorities to
be able to actually mitigate the threat.
Senator Markey. Do they have nay authority, Ms.
Stubblefield, to mitigate, to prevent?
Ms. Stubblefield. So, sir, I think there's--I'd like to
make a distinction because I think your point about prevention
is important, and outreach and education are a significant part
of----
Senator Markey. Outreach and education to whom?
Ms. Stubblefield. To UAS operators.
Senator Markey. No, but I'm talking about----
Ms. Stubblefield. To the public.
Senator Markey. We're talking here about authority for
Massport and other entities like that.
Ms. Stubblefield. So----
Senator Markey. Should they have an ability to mitigate----
Mr. Stubblefield.--the challenge----
Senator Markey.--to be able to act preventively?
Ms. Stubblefield. Sir, the challenge that we face today
with mitigation authority, aside from the legal constraints,
which certainly you and your colleagues----
Senator Markey. We might have to----
Ms. Stubblefield.--could remedy,----
Senator Markey. Yes.
Ms. Stubblefield.--but I think it's important to understand
that the current counter-UAS technology that exists out there
for use, which is largely based on military-built technology
used in places where we don't have considerable concern about
the collateral impacts, when used in civil environments, has
significant impacts that can create tremendous safety hazards.
Senator Markey. I appreciate that, but I would trust the
Boston Police or Massport to be able to make that decision in
the context of Boston, its population, what the threat is as
they've identified it.
So I appreciate what you're saying. Obviously we're a
densely populated population, but when there's a drone flying
over Fenway Park, the consequences could be catastrophic,
especially if it might have been able to be identified in an
earlier stage. What would be wrong with that if Massport,
working with Boston Police, State Police, had identified it
earlier?
Ms. Stubblefield. The identification----
Senator Markey. I don't mean--identify, then take action.
Ms. Stubblefield. The action piece, sir, is that the tools
that are available can cause significant safety impacts. They
can impact onboard avionics of manned aircraft. They can impact
the operation of air navigation services infrastructure that we
use for manned aircraft.
When you target a----
Senator Markey. I appreciate what you're saying but the
problem is this. The problem can't be so dangerous that these
agencies should be aware of it but yet not dangerous enough
that they have authority to act in a preemptive way.
So we're guarding no man's land in terms of the protection
of the public and so what if they purchase--what if Massport,
for example, was the lead in building in all the protections
after 9/11? We went first in almost everything, brought in
Israeli experts because obviously Mohammed Atta and the other
nine had hijacked the two planes from Logan. So we went first
and understandably so and we're quite proud of that. I'm not
sure what goes on in the rest of the country in consultation
with what Massport did.
So these people are expert and they were acting in ways
that obviously the Federal Government had not acted in terms of
building in safeguards.
So part of my, you know, concern here is that we're caught
in a situation where highly qualified law enforcement officials
want the authority and the tools to be able to deal with
something and yet you're saying that the statute does not allow
them to do so and that you're thinking that that's justifiable
because of the risks that would be created if Massport had that
authority.
Ms. Stubblefield. Yes, sir. The technology is problematic.
It's a challenge and that's why testing it, we talked about
earlier, is so important to try to drive the industry toward
capabilities that don't have that impact on the safety systems
that are dependent upon for the airspace system.
Senator Markey. I appreciate that. Again, at Massport they
would be expert on this.
So let me ask this. What additional things would you like,
Mr. Shaw, for the FAA to be doing to prevent a scenario like
that which unfolded at Gatwick? What additional----
Mr. Shaw. I fully understand, you know, the challenges.
This is a tough situation, and I think we could boil it down
into really three salient points.
We're looking for, similar to what the FAA, you know, wants
to be able to roll out, is a system that is going to
effectively identify. We want a system that is integrated not
only from the tower but all the way down to local law
enforcement, so that response is, you know, quick and it's
efficient, and then we want an ability to be able to mitigate
or interdict a threat, you know, and I know it may be, you
know, a little wild to be able to get to that point, but the
reality behind it is that if we can build something within that
framework, you know, and move that process along, that we as
airport operators are going to, you know, feel a lot more
comfortable about, you know, the safety, you know, the security
and safety of the traveling public, you know, our communities
and our employees.
Fully understand that, you know, in terms of some of these
technologies that are out there, they may have adverse impact
in terms of avionics and so forth. So it needs to be a balanced
approach in terms of how the stuff would ultimately, you know,
work.
Senator Markey. Mr. Shaw, if I may,----
Mr. Shaw. Yes, sir.
Senator Markey.--I think we need a conversation between you
but all of those agencies out there and Ms. Stubblefield and
DHS. We need some kind of conversation that takes place. We
need a balance that is struck here and right now, I don't think
we have a full balance which has been created and I think it's
going to be something that's very important and I think this
hearing has helped to ensure that that kind of lack of
resolution of these issues has yet been reached.
So I have to go vote again. I apologize. I'm going to have
to briefly recess and Chairman Sullivan will be returning soon.
[Recess.]
Senator Sullivan. I call the hearing back to order.
Let me just continue with some of the line of questioning
that I had asked before we left and then I'm sure we can take
it to other areas, but I do want to talk, Mr. Wingo, but anyone
else, on this issue--there's the issue, as I mentioned,
manufacturing but there's also the issue of the broader impact
of cloud storage in China by U.S. companies in the aviation
infrastructure industry more broadly.
We've talked about it on the UAS systems, but is there a
broader challenge, and I'll open this up to any of our
witnesses, as it relates to those kind of concerns that are
really more the back end concerns with regard to software and
data storage? In particular, if the cloud storage is actually
located in China and could possibly, as Senator Scott had
mentioned, be under the control of the Chinese Government?
When you're talking about a country whose priorities always
align with having the Communist Party in charge and in control,
that risk, although it might seem remote, is something that we
need to be concerned about, quite frankly, because they do have
that control and that's the interest of their leadership, the
Communist Party in control as their Number 1 priority.
So if any of you can just address the cloud storage issue
in the U.S. aviation infrastructure space, whether it's the
drone technology and data or beyond?
Mr. Wingo. Thank you, Mr. Chairman.
I'll jump right in on that. It's a huge threat and we live
in a world where you have blended threats. So it's not only a
kinetic threat anymore. You can have incredible information
that's assembled as a result of the Chinese Government having
access to this rich amount of geospatial information and if you
take the photos that happen to be collected across the nation,
there may be a matter of interest.
Over time you've got a mosaic but you also have a chronicle
and as you touched on, China is a great power competitor and
they've been very clear about their belt and rope strategy.
They've been clear that they want AI dominance over the next
couple years.
The issue is when you can stitch together with nation state
capabilities all of those pieces, you come up with a very
damaging information set that puts the Nation at risk. So that
is absolutely a concern with cloud data storage and the
problem, and some of these are touched on as we are on the
threshold of another related Internet of things technology, if
you consider 5G networks and the issue with Huawei and the
concern is appropriate because if you're going into 10 to even
a hundred times of the processing power or broadband
throughput, what that means for cloud means you can apply
artificial intelligence to machine learning to draw out
insight, strategic level insight that didn't exist before.
The other thing I'm worried about is there's another aspect
to the regulatory and policy challenges that we've heard
already but when you're talking about President Xi Jinping, who
has more power than anyone has ever had within China's
government structure, that is also of concern.
If you look at the fact that they have very few
restrictions on their ability to gather information within
their own country, in the Northwest Section, in the province
where they have Uighur issues.
So all of this adds up to huge risk, oh, and if that wasn't
complicated enough, they're pairing up with Russia, as well.
Senator Sullivan. Any other thoughts on that?
[No response.]
Senator Sullivan. OK. Senator Lee.
STATEMENT OF HON. MIKE LEE,
U.S. SENATOR FROM UTAH
Senator Lee. Thank you, Mr. Chairman. Thanks to all of you
for being here.
I'm pleased that so far today we've had some discussion
already about the importance of federalism, about the concept
that we don't have a single system of government in our
country. We've got a multi-layer system in which some power is
reserved for the Federal Government and other powers are
reserved for the states and their political subdivisions or to
the people as it's stated in the 10th Amendment.
We've seen a number of concerning reports about drones
flying in airspace where they probably shouldn't be, above
crowded stadiums, sometimes smuggling contraband into prisons,
and near airports, including take-off and landing space, and so
drone threats extend beyond the interests that are necessarily
purely and obviously Federal. They end up affecting the same
set of interests that our state and local law enforcement
should be concerned about, as well.
So, Ms. Stubblefield, I've got some questions for you on
this. Is the FAA or any other Federal law enforcement agency or
any other Federal agency of any kind for that matter in a
position to directly mitigate any and every reckless or
criminal misuse of a drone?
Ms. Stubblefield. So I'll try to answer that in a couple
different ways. There are authorities that have been given to
four Federal departments to be able to mitigate, that is
disrupt, destroy, damage, take down, a UAS and that's the
Departments of Defense, Energy, Homeland Security, and Justice.
Senator Lee. Right.
Ms. Stubblefield. They've been given those authorities for
very specific mission sets, largely for the protection of
national security assets, although DHS and Justice do have the
authority, if requested by a state executive, to provide that
support to a mass gathering, if requested.
Senator Lee. Right, right. It's important that they have
that, but it's neither realistic nor the stated objective of
the Federal Government to say there can never be any
circumstance in which a state and local government law
enforcement agency would need to respond, right? I mean, surely
Federal agencies won't be able to handle every one of these
issues and surely there are interests that are non-Federal that
also need to be taken into account. Would you agree with that?
Ms. Stubblefield. Yes, sir, absolutely.
Senator Lee. And so in that respect, drone integration
probably isn't possible without state and local police being
able to act in real time in order to address threats that arise
from time to time, like drone usage. Would you agree with that?
Ms. Stubblefield. We certainly need a robust security
framework to support and enable full UAS integration.
Absolutely. Remote identification, we think, which we're
working very hard on to get that rule out later this year, is
focused on giving that information so that when a law
enforcement officer sees a UAS that they believe is not in a
place that it should be, they will have the ability to identify
something about that UAS and where its operator control station
is to be able to then go and engage that operator, determine
what their intent is, is their operation legal, and to get that
aircraft, that UAS down and out of potential harm's way, if
that's what it's creating a safety risk.
Senator Lee. How does the FAA believe that local or any
other non-Federal police should be able to respond to drone
incidents that take place in the sort of low altitude space?
Won't there need to be some non-Federal agencies that have
counter-UAS capabilities?
Ms. Stubblefield. The challenge with counter-UAS
capabilities currently is the technology that enables that type
of activity has significant impacts on the national airspace
system and on other types of communications capabilities,
particularly in urban environments.
So right now, because that technology is civilly
challenging to implement without a high degree of coordination,
which is what's been required for Federal agencies to be able
to use it, it's challenging to consider the ability of state
and local law enforcement to be able to do that without
potentially creating even greater safety impacts while they're
trying to address the security risk.
Senator Lee. OK. Mr. Chairman, I've got one additional
question. Can I carry that?
Senator Sullivan. Sure.
Senator Lee. One of the stated purposes of the UAS
Integration Pilot Program was to test and to evaluate various
models of state, local, and tribal enforcement in the
development and enforcement of Federal regulations for UAS
operations. This includes the testing of reasonable time,
place, and manner limitations on low altitude UAS operations.
Can you tell me specifically how the FAA has started
testing these reasonable time, place, and manner limitations in
the context of state and local law enforcement response?
Ms. Stubblefield. Well, fundamentally, the FAA manages the
airspace. We try to work very hard with all of the stakeholders
to include our state and local law enforcement whom we have an
entire program, our Law Enforcement Assistance Program,
dedicated to providing support, education, and assistance to
law enforcement.
However, we have not within the context of the IPP had any
requests for time, place, or manner restrictions. So we've not
been able to really test that activity.
Right now, as we look at what a future UTM might look like
with something like remote identification, which is going to
give a tremendous amount of information to state and local law
enforcement, as we look at something that might enable the
ability in the future with some type of dynamic airspace where
a local law enforcement officer who currently calls up the FAA
if there's an accident or wants to have some sort of airspace
restriction to enable a security response of some sort where
that might be something that could be done in an automated
fashion, such as how we do with airspace authorizations today,
those are the types of things that we envision potentially in a
UTM framework going forward.
Right now, we work that sort of on a case-by-case basis
with law enforcement engaging the FAA to provide that
restriction as necessary to support those response activities.
Senator Lee. OK. Thank you. I'm out of time. Let me just
say I think we've established in our conversation here today
that it is important to integrate state and local law
enforcement personnel. We can't do it without them. We can't
mitigate these threats without them.
That being the case, I think it's not just a possibility or
a potentiality, a hypothetical, a question off in the future. I
think it's absolutely essential that we test the local police,
that we test this in your evaluation, that we start testing
reasonable time, place, and manner limitations in the context
of state and local law enforcement.
Thank you, Mr. Chairman.
Senator Sullivan. Good point, Senator Lee.
Senator Sinema.
STATEMENT OF HON. KYRSTEN SINEMA,
U.S. SENATOR FROM ARIZONA
Senator Sinema. Thank you, Mr. Chairman, and thank you to
all of our witnesses today.
Drones have revolutionized aviation, making the skies
accessible for construction companies to perform inspections,
for photographers to take amazing photos, for search and rescue
operations to locate lost individuals, and to better monitor
our national borders.
I look forward to working with the FAA to authorize more
drone operations and harness the incredible economic potential
of drones, but as we integrate drones into the national
airspace, we need to make sure that we're monitoring the
potential security risks caused by drones, particularly in
sensitive areas, such as borders, near airports, and around
wildfires.
So my first question today is for Ms. Stubblefield. Drones
are being used on the front line of the border crisis by the
U.S. Government, but they're also being used by cartels.
Reports state that the cartels are using drones to monitor the
movements of U.S. law enforcement and to smuggle drugs across
the border.
When I visited the border earlier this year in April, I
actually saw striking videos of these drones infiltrating our
southern border. So last year, Congress provided DHS the
authority to mitigate these unauthorized drone operations and
asked DHS to coordinate with the FAA to ensure that DHS
intervention does not adversely impact legal aircraft
operations, but I understand that DHS has not yet used its
counter-drone authority on the Mexican border.
So my question is what's causing this delay? Is your team
and office coordinating with the DHS, and when can we expect
these counter-drone operations to begin at the border?
Ms. Stubblefield. Thank you, Senator Sinema, and clearly
the border risk is something of which the FAA is very well
aware and we are working very closely with DHS and Customs and
Border Protection on this issue.
The Section 1602, which gave DHS the authority in the
Preventing Emerging Threats Act in the FAA Reauthorization Bill
in October provided very specific direction about that the
risk-based assessment that needs to be conducted, the guidance
and coordination that needs to occur, starting with defining
threat and moving on from there, and we are working closely
with DHS on a weekly basis.
Actually, we meet with them to move forward their efforts
and they all do focus on this issue right now. We have a
roadmap for how they're implementing their counter-UAS
authority that looks at the types of technologies that they'll
want to use, the tests and evaluations necessary to be able to
mitigate any of those spectrum impacts, and they are working on
a risk-based approach to prioritize the sites where they will
deploy this technology, including the Southwest border.
Senator Sinema. Thanks. My next question is both for Ms.
Stubblefield and for Mr. Wynne.
Private drone activity near wildfires has been a
significant issue in Arizona. As you know, when unauthorized
drones are spotted near wildfires, the aerial firefighting
resources, like helicopters and air tankers, are grounded.
So this delays the response of our teams and endangers the
homes and the safety of Arizonan lives. It's not a new issue,
and I believe that both the FAA and AUVSI have worked to
educate the public on this topic, but the problem still exists.
Just last week, there was an unauthorized drone near the
Coldwater fire in the Coconino National Forest in Arizona and
that grounded our firefighting helicopters. So we've got to do
better.
So, Ms. Stubblefield, Congress increased fines for these
sort of dangerous drone operations near wildfires, but has the
FAA used their authority in finding the individuals who are
flying illegally and if no, why not?
To Mr. Wynne, none of the Federal agencies involved in
wildfire fighting have the authority to use mitigation
technology. Do you think that should change and if not, what
can we do to stop these drones from flying near our wildfires?
Ms. Stubblefield. So, first, Senator, yes, we have used
that authority. We have five enforcement cases that are as a
result of that authority that was provided to the FAA. So we
are utilizing that.
I think we have been working very closely with DOI and the
National Interagency Fire Center on this issue. We've long
provided TFRs and flight restrictions to support fire-fighting
activities.
The outreach and education campaigns have been working.
Actually, there has been a decrease in these sightings in both
2017 and 2018, which is extremely important, but there are two
other pieces that I'd like to highlight that are focused on
trying to continue to reduce and hopefully at some point
eliminate any of these unauthorized activities.
The first is remote identification. We believe that the
vast majority, if not all, of these incidents that we are
seeing of unauthorized drone activity are the clueless and the
careless and with remote identification rule in place, with
requirements for drones to have remote identification, the
local incident commander will be able to know where that
operator is, get to that operator, get that UAS out of the sky,
and enable those aerial fire-fighting capabilities.
The second is under Section 349 from our Reauthorization,
the FAA was given the authority over recreational operators
that includes the knowledge test and again that education piece
is so critical to be able to get to operators to make them
understand that when they do these things, there is a price
that's being paid potentially with people's lives and property
and AUVSI has been a key part of that education outreach, as
well.
Senator Sinema. Thanks.
Mr. Wynne. Senator, thank you for the question, and, yes, I
agree with everything Ms. Stubblefield has said, and I believe,
yes, in many instances where there's a wild land fire that
there's a temporary flight restriction in place. That's no
different in many instances than an airport and we would
support being able to use counter-authority in that
circumstance.
I think, you know, how that's done, you know, we see the
earlier conversation about how tricky that is and how that
needs to be done with overall airspace management in mind, but
as the industry, we bring you the full solution, not only the
drones that are actually providing the situational awareness,
the folks on the ground, my son is a firefighter, but also the
technologies that will inhibit those that potentially could
interfere with those operations.
Senator Sinema. Thank you, and thank your son for his
service.
Mr. Chairman, I yield back. Thank you.
Senator Sullivan. Senator Blumenthal.
STATEMENT OF HON. RICHARD BLUMENTHAL,
U.S. SENATOR FROM CONNECTICUT
Senator Blumenthal. Thanks, Mr. Chairman, and thanks for
focusing on this very important topic and to all of you for
being here today, thank you.
There's currently no requirement, so far as I know, that
drones have any kind of black box or flight recorder that would
give any evidence of its operation, its control, its flight
path, any of the details that we expect now in many commercial
planes, correct? Maybe that's a question for you, Ms.
Stubblefield.
Ms. Stubblefield. Yes, sir, Senator. There's not currently
a requirement, but the FAA is working on a Notice of Proposed
Rulemaking to implement those requirements as quickly as we
can.
Senator Blumenthal. And will they apply to all drones or
unmanned systems?
Ms. Stubblefield. As we are currently under the rulemaking
process, when we did the Aviation Rulemaking Committee, the
recommendations were that all UAS that were registered would
have that remote identification requirement.
Senator Blumenthal. Because right now, there's little more
than personal observation or the word of the operator as to
what any of these unmanned systems are doing, correct?
Ms. Stubblefield. Yes, sir.
Senator Blumenthal. And how quickly will you have the
rulemaking done?
Ms. Stubblefield. The Notice of Proposed Rulemaking is
slated to be out later this year, sir, and we are moving with
all due haste.
In addition to the rulemaking, it's important to understand
that there are also the standards that have to be in place for
what that remote identification, the format would be, as well
as how those things will be transmitted and, in addition, the
infrastructure that will enable state and local law enforcement
and other national security partners to be able to get that
information so that they can identify where the operator is and
respond immediately. So we're working on both of those
activities while we're pursuing the regulatory rule that will
actually make the requirement.
Senator Blumenthal. How long have you been working on it?
Ms. Stubblefield. Well, we've been working on the
rulemaking for over a year. What's important--well, actually,
we go back to the Aviation Rulemaking Committee that we had,
which was in the summer of 2017. So we've been working on this
issue for quite some time.
Senator Blumenthal. What's taking so long?
Ms. Stubblefield. The challenge has been that prior to
October, we did not have the authority over recreational users
to be able to craft a rule that would establish this
requirement across the board for all registered----
Senator Blumenthal. But doesn't the rule apply to the
unmanned system, not necessarily to the use? In other words, it
applies to recreational, commercial, any of these systems
presumably, regardless of the intended use, so to speak,
correct?
Ms. Stubblefield. It will now. Prior to the Reauthorization
Act and Section 349, the FAA, under the previous
reauthorization, was unable to levy those requirements against
recreational or hobbyist use.
Senator Blumenthal. Just so I'm clear, just so maybe I
haven't been, I'm referring to a flight recorder, a black box
that would give some indication of the flight path, the speed,
the characteristics of flight.
Ms. Stubblefield. Yes, sir.
Senator Blumenthal. Do you understand my----
Ms. Stubblefield. Yes, sir, remote identification.
Senator Blumenthal. Well, I guess I'm a little bit at a
loss. I understand the distinction you're making between
recreational and commercial use, but it seems to me pretty
important to have these black boxes in these UAS systems as
quickly as possible and we've seen some of the consequences, as
you say, the clueless or the careless may be in part the cause,
but exactly to prevent these kinds of potentially catastrophic
collisions in midflight and so forth. Black boxes are
important, don't you think?
Ms. Stubblefield. Absolutely, sir. Remote identification is
the top UAS rulemaking priority in the FAA right now. We are
putting all due resource to move that as expeditiously as
possible and again the FAA was bound by the lack of authority
until October.
Once we regained that authority, we were able to now--as we
craft the rule, to apply it, as you stated, across the board,
regardless of class of use.
Senator Blumenthal. Can you tell me when you expect this
rule to be published, the remote ID rule?
Ms. Stubblefield. In the Unified Agenda from the
Administration, September 2019, sir.
Senator Blumenthal. September 2019?
Ms. Stubblefield. Yes, sir.
Senator Blumenthal. A few months from now?
Ms. Stubblefield. Yes, sir.
Senator Blumenthal. Thank you very much, Mr. Chairman.
Senator Markey. I'll recognize myself for a second round of
questions and let me just ask you again, Ms. Stubblefield.
The FAA Reauthorization Act of 2016 directed the FAA to
develop standards for remotely identifying drone operators and
owners within 2 years of enactment of this law. By July 2018,
the FAA was supposed to issue final regulations for remote
identification based on those standards.
Today, nearly a year and a half after that deadline, the
FAA has published no such guidelines or guidance. In fact, the
FAA recently announced that it intends to only publish a notice
of proposed rulemaking in September of this year. A final rule
is nowhere in sight, notwithstanding the congressional mandate.
In April, I sent a letter, along with Senator Thune, urging
the FAA to swiftly publish a proposed rule for the remote
identification of drones. At the time, the FAA expected this
proposed rule to be issued by July 21st. So the current
timeline for a September notice of proposed rulemaking
represents an even further delay.
Ms. Stubblefield, please explain what is causing the FAA
delay on this critical rulemaking. Do you still plan to release
the proposal in September, and when will there be a final rule?
Ms. Stubblefield. Yes, sir. So as to the delay, it
primarily has been focused on the fact that until we had the
authority over recreational users, which are about a million of
the 1.4 million drone registrations that we have, it was very
hard to construct a rule that would meet congressional intent
and we are very appreciative that we regained that authority in
October.
It's a very complex rule and there are a number of
stakeholders to be taken into consideration as we work through
that rule.
It is critical that we get this right because it is
foundational not only from the security perspective but the
safety perspective, as well.
Senator Markey. Time is of the essence. Mr. Shaw, how
important is the remote ID rulemaking for the country?
Mr. Shaw. Critically important, Senator, and it only takes
one incident to occur. You know, if it was a catastrophic
incident that occurs specifically at an airport, it would set
us all back, you know, significantly, you know. Time is of the
essence and we need none of the rules but the technology is in
place to be able to appropriately protect the critical
infrastructures.
Senator Markey. Yes. So I agree with you. Time is of the
essence here. We've just got to get this done because you're
long past the deadline to do the proposed rulemaking.
So this is the box in which the drone that I held up
earlier in the hearing came in, and it just says quite clearly
on the box ``Made in China.''
So this is what every American is facing when they try to
buy a drone. So one of my questions to you then again, Mr.
Wingo, we need to provide Americans ways to deal with the
privacy compromise that can occur not only for our critical
infrastructure but for individual citizens. There are real
privacy concerns here, real security concerns.
So what can we do? What's your recommendation to all these
Americans that already own a drone made in China?
Mr. Wingo. Thank you. One of the first things is to
understand the risk so that you can mitigate the risk and you
just went a long ways toward calling that out on the national
stage.
I have here a French-made drone and obviously components
come from China but this is Parrot. They're Number 2 but far
behind DJI. So there you have privacy, things like GDPR, and if
you're looking at where data storage happens, that's a whole
different issue.
I would go back to saying Buy American and, you know, there
we have more jurisdiction. If you look at how control happens
with our cloud, I worked for Google for a couple years----
Senator Markey. Is this a Huawei issue to you?
Mr. Wingo. Yes, it is.
Senator Markey. You'd put it in the same category?
Mr. Wingo. I'd put it in the same category.
Senator Markey. Wow. That's very serious. So we have to
really think about what you're saying and again you just
mentioned the European privacy laws which would cover the
French making their device. Is that what you're saying?
Mr. Wingo. It is, although I'm saying I think there's an
American way that if we roll our sleeves up and bring the
engine of innovation that we have in this country and we
unleash through the right-minded regulations or no regulations
where they're not required and allow U.S. companies to take the
field, that's really a better way to protect privacy.
Senator Markey. It is, as long as we in the United States
animate these inanimate objects with our values. We've got to
do that.
Mr. Wingo. Exactly.
Senator Markey. The Chinese animate them with their values
which are inconsistent with ours. The French have their values,
but from my perspective, that's why I intend to reintroduce my
Drone Aircraft Privacy and Transparency Act so that we create
our own American set of guidelines for who we are and how we
should be interacting with these new technologies.
Mr. Wingo. Yes, sir. I was looking for a chance to hold up
my copy of the Constitution, but if we have U.S.-made drones,
we can infuse all those values, as you said, into that.
Right now, as we continue to buy China, it comes with all
those approaches to privacy and security.
Senator Markey. Thank you, sir.
Senator Sullivan. Let me ask a follow up for Mr. Wynne
here. Last week, the President transmitted a letter to key
congressional committees announcing that he has ordered the
Department of Defense to ``take action to develop and purchase
equipment and materials needed for creating, maintaining,
protecting and expanding production capabilities for small
unmanned aerial systems.'' So it's not just a concern obviously
of the Congress but the Executive Branch with the President
focused on this, as well.
What do you see as the concrete steps that the Department
of Defense and Congress can take to ensure that what he is
laying out is met and how do you see this enhancing the
opportunities for commercial UAS in the United States?
Mr. Wynne. Well, thank you, Senator, for the question.
You are in the midst of leaving for a vote now.
Senator Sullivan. I know.
Mr. Wynne. I was trying to make this argument and I think
I'll just return to it and hopefully it connects with your
question.
Effectively the real flying is yet to be done. The kind of
flying that we're doing today is almost episodic. It's very low
risk. It is not the integration that ultimately we all have
been talking about and trying to get to.
Integration means that we need to be flying as safely in
the national airspace as manned aircraft and that's, as you
know, a very, very high level of safety and sophistication and
professionalism.
We think that the sooner we can move to extended operations
that get us closer to integration the faster we are going to
have a more robust domestic, I would say, more volume.
As I indicated in my testimony, we have a very robust
domestic industry that has been doing this for a long time and
my community is not just operating in the airspace, it's
operating on the ground and in the maritime domain, as well,
and I think we need to think about unmanned systems in a more
holistic way.
So that to my mind is the solution. The faster we can move
toward extended operations, integrate aircraft, the unmanned
systems into the airspace safely and securely the more robust
and independence we will have.
Senator Sullivan. And is there anything that we in
particular should be doing here in the Congress with regard to
helping spur that development?
Mr. Wynne. I'm rarely at a loss for words on what I want
Congress to do, but I will say that we are still trying to
catch up with all of the things that were in the
Reauthorization Act for the FAA. We've talked about some of
those things----
Senator Sullivan. Do you think that was a good start?
Mr. Wynne. Beg pardon?
Senator Sullivan. Do you think that was a good start, what
was in there on the----
Mr. Wynne. I do. I do, and I participate on the Drone
Advisory Committee. We are trying to help the FAA with those
priorities. We've talked about remote identification as one of
them.
I'm also on the Management Advisory Council for the
Administrator and I can see how that fits into the broader
challenges that the FAA has in terms of other new entrants,
like commercial space, hypersonic, etcetera. So it's a
challenging and very exciting time.
Senator Sullivan. Good. Let me finish. Dr. Cahill, I didn't
want you to travel all this way without another question on an
important topic for you and Ms. Stubblefield, but it's the
issue of the beyond visual line of sight operations and long-
range testing, which again a state like ours, Alaska, given the
vast open spaces, has a lot of opportunities, but I also think
it's realistic training and experimentation because, as you
know, as we all know, the line of sight restrictions for drone
operations are not realistic as with regard to how drones are
used, whether in the military or, you know, industrial
inspections.
So let me ask both you and Ms. Stubblefield this last
question. The UAS Integration Pilot Program sites, like in
Alaska, are having a difficulty being allowed to fly beyond
visual line of sight for their tests.
My understanding, Dr. Cahill, is that the University of
Alaska Fairbanks, has actually had to conduct long-range beyond
visual line of sight operations in Canada, not Alaska, our good
friends, who also have a lot of space, but we'd rather be doing
it in our country.
Can you talk to this, and then perhaps, Ms. Stubblefield,
if you can discuss what the FAA's trying to do to address these
limitations which I think I understand the reasoning for them
but they don't seem to make a lot of sense, particularly in
places like Alaska where, you know, you have a lot of
opportunity for beyond line of sight testing?
So maybe, Dr. Cahill, if you can take a crack at this and,
Ms. Stubblefield, if you can address what you're trying to do
at the FAA to help her cause and our cause nationally?
Dr. Cahill. Certainly. Mr. Chairman, in terms of working at
the University of Alaska Fairbanks, we are an IPP site. We have
been working hand-in-hand with the FAA to work on the beyond
the visual line of sight safety cases and including detecting
the avoid technologies and other technologies to ensure the
safety of aviation in Alaska.
We have a large general aviation population. We want to
make sure that we do not ever create an incident. So we're
working hand-in-hand but we all know that FAA regulations are
written in blood.
So it is a case of being very careful to make sure that any
technology we are using is tested strongly enough that we can
say, yep, we can do this without visual observers and others.
This is important for Alaska because we can't put visual
observers where we want to fly. We can't stay in line of sight.
We don't have a last mile delivery problem. We have a last
several hundred miles delivery problem.
With the FAA, the concern is about being able to make sure
that you are not going to impact manned aviation and right now,
the FAA prefers that unmanned aircraft do not run transponders.
Canada will let us run transponders and let us run as a real
aircraft.
Senator Sullivan. So is that why UAF, University of Alaska
Fairbanks, is conducting beyond line of sight operations in
Canada?
Dr. Cahill. So Transport Canada had subcontracted to an
Inuit-owned company to do operations and developed the concept
of operations for operating in northern airports. Transport
Canada has a surveillance mission for all of Northern Canada
and they know that they're going to be getting some larger
aircraft. They have bought a European equivalent of the Global
Hawk and they need to work on how we actually integrate it at
airports.
They chose the University of Alaska Fairbanks, because we
have a lot of experience and some larger platforms to go ahead
and do this work. So we are doing operations in Canada out of
Canadian airports where we are transpondered. We are in the
flight patterns of the airports. I can tell whether or not our
team is at work because I come in in the morning, I can raise
any flight tracking software. I put in our tail number. It
tells me when we took off. It shows me exactly where our
aircraft is, what the pattern is, and we are communicating with
air traffic control and with all of the other aircraft in the
airspace.
So we are for all purposes, except for the fact our pilot
is not on the plane, acting as an aircraft there. We are trying
to feed all this data back into the FAA to say here's what
we're doing, here are the policies and procedures we're helping
develop to further this safely into the Alaskan airspace, but
there are issues in terms of transponders. There are issues in
terms of beyond visual line of sight detect and avoid, and I
think a bunch of things are going to need to come together to
really enable that.
We're very, very close and we are all trying to do this
safely. Safety is the key thing here. But I think with the
experience we're gaining in Canada with going--we flew 3,000
nautical miles beyond visual line of sight last summer in
Canada.
In the United States, I have permission to go 11 and a half
miles. That's the extent. So for me, it is a major difference
in terms of which country I'm operating in.
Senator Sullivan. Let me just ask a final question. Ms.
Stubblefield, can you address that, and are there ways in which
the FAA is looking to address this huge disparity obviously in
terms of non-line of sight? It's a pretty large disparity that
I think undermines the ability of universities like UAF to do
the kind of testing which we all recognize is important.
Ms. Stubblefield. Yes, sir. First, I'll say that again
going back to the remote identification, that's why it's so
critical beyond visual line of sight. It is vital to get that
off the ground and obviously the point of the IPP is to work
very closely with our IPP partners, including the University of
Alaska, to be able to work through these challenges and we're
breaking ground, quite frankly, on some of these issues.
I will apologize. This is not my area of expertise. So I
can't speak specifically to the challenge that Dr. Cahill
talked about, but we will certainly get back to you, sir, with
more in-depth knowledge. I apologize. I don't have that.
Senator Sullivan. OK. If you can get something for the
record for us to address that question in detail from the FAA
that would be very helpful.
Well, listen, I want to thank everybody. Thanks for your
patience. This was a little unorthodox where we've had to
recess a few times because of the vote schedule here, but I
want to thank all the witnesses, very, very informative.
We have a lot of work to do I think at all levels in the
legislative branch, executive branch, but as is the case with a
lot of these issues that are before this subcommittee, there's
a growing awareness of the challenges which in many ways is the
first step toward wisdom on how to address them.
We're starting to see that. You're starting to see a
bipartisan concern on a whole host of these economic and
security issues.
So I want to thank the witnesses and the record of the
hearing will remain open for two weeks. During this time,
Senators are asked to submit questions, additional questions
for any of the witnesses. Upon receipt, we respectfully request
the witnesses to submit their written answers to the Committee
as soon as possible but no later than Tuesday, July 2, 2019.
Again, I want to thank the witnesses.
This hearing is now adjourned.
[Whereupon, at 4:15 p.m., the hearing was adjourned.]
A P P E N D I X
Electronic Privavy Information Center
Washington, DC, June 18, 2019
Hon. Dan Sullivan, Chairman,
Hon. Edward Markey, Ranking Member,
U.S. Senate Committee on Commerce, Science, and Transportation,
Subcommittee on Security,
Washington, DC.
Dear Chairman Sullivan and Ranking Member Markey:
We write to you regarding the hearing on ``Drone Security:
Enhancing Innovation and Mitigating Supply Chain Risks.'' \1\ We write
to call your attention to the comprehensive regulations for drone
safety and privacy recently adopted by European Commission. The
regulation incorporates several safeguards supported by members of this
Committee. We urge the full committee to adopt standards for drone
operation in the United States that provide at least as much protection
as do the recently adopted standards for Europe.
---------------------------------------------------------------------------
\1\ Drone Security: Enhancing Innovation and Mitigating Supply
Chain Risks, 116th Cong. (2019), S. Comm. on Commerce, Sci., and
Trans., Subcomm. on Security (Jun. 18, 2019), https://
www.commerce.senate.gov/public/index.cfm/2019/6/drone-security-
enhancing-innovation-and-mitigating-supply-chain-risks.
---------------------------------------------------------------------------
The EU drone rules require the real-time broadcasting of certain
data, including the drone operator registration number, the
geographical position of the drone, the drone route course, and the
position of the drone operator.\2\
---------------------------------------------------------------------------
\2\ Commission Regulation 2019/945, 2019 O.J. (L 152) 1.
---------------------------------------------------------------------------
The Federal Aviation Administration recently published an interim
final rule that will require a visible registration number on the
exterior of drones.\3\ Previously, registration numbers could be hidden
inside drones. While EPIC agrees external marking are preferable to
hidden identifiers, EPIC said the rule did not go far enough. In
comments to the FAA, EPIC wrote, ``Because drones present substantial
privacy and safety risks, EPIC recommends that the FAA require any
drone operating in the national airspace system to broadcast location
when aloft (latitude, longitude, and altitude), course, speed over
ground, as well as owner identifying information and contact
information[.]'' \4\ EPIC also suggested the agency require operators
register and broadcast surveillance capabilities.
---------------------------------------------------------------------------
\3\ External Marking Requirement for Small Unmanned Aircraft, 84
Fed. Reg. 3669-3673 (Feb. 13, 2019), https://www.federalregister.gov/
documents/2019/02/13/2019-00765/external-marking-requirement-for-small-
unmanned-aircraft.
\4\ Comments of EPIC et al., to the Federal Aviation Admin.,
External Marking Requirement for Small Unmanned Aircraft (Mar. 15,
2019), https://epic.org/apa/comments/EPIC-Coalition-Comments-FAA-Drone-
ID-Mar2019.pdf.
---------------------------------------------------------------------------
As Senators Thune and Markey recently wrote to the FAA ``remote
identification will enhance safety, security, and privacy.'' \5\ The
Senators noted that the FAA was to issue regulations or guidance on
remote identification by July 2018, but, nearly a year after that
deadline, no such regulations or guidance has been issued by the FAA.
---------------------------------------------------------------------------
\5\ Letter from Sen. Edward J. Markey and Sen. John Thune to the
Honorable Elaine Chao, Secretary, U.S. Dept. of Trans. (Apr. 29, 2019),
https://www.markey.senate.gov/imo/media/doc/Remote
percent20Indentification.pdf.
---------------------------------------------------------------------------
Currently, individuals cannot hold drone operators accountable
because it is essentially impossible to identify the drone or the
operator of a drone. The modified registration scheme proposed by the
FAA still does little to solve this problem. Solutions exist.\6\ To
increase accountability of drone operators, the FAA Reauthorization Act
of 2018 requires the FAA to consider and develop remote identification
for drones.\7\ As the FAA Aviation Rulemaking Committee Working Group 1
pointed out, ``placing a sticker or FAA registration number on the UAS
will not provide remote ID and tracking, as it would be nearly
impossible to read a registration number on a UAS that is more than a
few feet away.'' \8\ Passive identification does not go far enough--the
FAA must require active remote identification. The FAA should mandate
remote identification and ensure also that drones routinely broadcast
course, location, and other relevant operational information. Drones
should simply not continue to fly above the laws that protect public
safety.
---------------------------------------------------------------------------
\6\ See, e.g., Isabella Lee, FAA Issues Request for Information
(RFI) from Industry Partners Interested in Developing Remote ID and
Unmanned Traffic Management (UTM) Systems (Jan. 24, 2019) https://
uavcoach.com/remote-id-faa-rfi/ (``Remote ID development and testing
has already begun in the private and commercial sector.'').
\7\ See Federal Aviation Administration Reauthorization Act of
2018, Pub. L. No. 115-254, Sec. 376(b)(2), (c)(3)(A) 132 Stat. 3186,
3305-06 (2018) (directing the FAA to develop a plan for the
implementation of unmanned aircraft systems traffic management (UTM)
services that, inter alia, permit the testing of remote identification
and that assess the risks raised and mitigation means required to
remotely identify drones).
\8\ Aviation Rulemaking Comm., Fed. Aviation Admin., ARC
Recommendations Final Report: Appendix B Working Group 1 Report 42
(2017), https://www.faa.gov/regulations_policies/rulemaking/committees/
documents/media/UAS%20ID%20ARC%20Final%20Report%20with%20Appendices.pdf
---------------------------------------------------------------------------
We ask that this letter be submitted into the hearing record. EPIC
looks forward to working with the Subcommittee on this issue.
Sincerely,
/s/Marc Rotenberg
Marc Rotenberg
EPIC President
/s/Jeramie Scott
Jeramie Scott
EPIC Senior Counsel
/s/Caitriona Fitzgerald
Caitriona Fitzgerald
EPIC Policy Director
______
Statement from the American Fuel & Petrochemical Manufacturers
The American Fuel & Petrochemical Manufacturers (AFPM) is a trade
association representing high-tech American manufacturers of virtually
the entire U.S. supply of fuels and home heating oil, as well as the
petrochemicals used as building blocks for thousands of vital products
in daily life. AFPM members make modern life possible and keep America
moving and growing as they meet the needs of our Nation and local
communities, strengthen economic and national security, and support
over three million American jobs.
In today's fast changing world, the Nation's critical energy
infrastructure continues to face new threats and challenges, as new
vulnerabilities and pathways develop over time. AFPM members are
committed to protecting the health and safety of their workers,
contractors, customers, and the communities where they operate.
AFPM member companies recognize the National Airspace System
(``NAS'') is a highly integrated and complex network designed to
provide safe and reliable air transportation throughout the United
States. Unmanned aircraft systems (``UAS'') must be integrated into the
NAS while maintaining safety and without introducing excessive risk to
airspace users or persons and property on the ground. While significant
UAS integration progress has been made, there is still work to do. We
are committed to striking the appropriate regulatory and legislative
balance to ensure that American innovation can thrive without
compromising the security of the Nation's critical infrastructure.
Small UAS have become one of the most pressing security issues for
critical infrastructure owners and operators, including refineries and
petrochemical manufacturing facilities. Finding reliable and
scientifically valid methods to identify and interrupt intruding drones
is vitally important. In that regard, establishing remote
identification standards for all UAS operators and requiring they
register with the Federal Aviation Administration (``FAA'') will help
enhance the safety and security of the NAS and critical infrastructure
facilities.
Additionally, we remain concerned that FAA has not yet acted on its
statutory mandate in the FAA Extension, Safety, and Security Act of
2016 to allow critical infrastructure operators to apply for
designation to prohibit or restrict the operation of UAS in close
proximity to a fixed site facility.
Understanding that remote identification is an integral step in
detection and deterrence, we are concerned to see that the FAA has
further delayed the remote identification rule publication. We strongly
urge FAA to work expeditiously in finalizing the remote identification
rule and look forward to working with Congress and FAA on remote
identification and section 2209 implementation.
Thank you for your attention and work on security threats and
challenges posed by UAS, including the status of UAS detection and
mitigation technology and capabilities. We appreciate your leadership
on this important issue and look forward to working with lawmakers as
the process moves forward.
______
Response to Written Questions Submitted by Hon. Dan Sullivan to
Angela H. Stubblefield
Question 1. Sec. 383 of the most recent FAA Reauthorization directs
the FAA to work with DOD and DHS to help ensure counter drones, or
CUAS, that detect and mitigate hostile UAS do not adversely impact
airport operations or the NAS. This is a good step for the FAA but how
does it plan to address similar threats presented to other sectors,
such as energy, telecommunications, or even chemical? Does Sec. 383
give you the necessary authority to charter an ARC to examine how this
threat impacts other settings besides airports?
Answer. Section 383(a) requires the Administrator to work with the
Secretary of Defense, the Secretary of Homeland Security, and the heads
of other relevant Federal departments and agencies for the purpose of
ensuring that technologies or systems that are developed, tested, or
deployed by Federal departments and agencies to detect and mitigate
potential risks posed by errant or hostile unmanned aircraft system
operations do not adversely impact or interfere with safe airport
operations, navigation, air traffic services, or the safe and efficient
operation of the national airspace system. Section 383(b) also requires
the FAA to develop a plan for the certification, permitting,
authorizing, or allowing of the deployment of technologies or systems
for the detection and mitigation of unmanned aircraft systems. In
addition, section 383(b) requires the Administrator to charter an
aviation rulemaking committee (ARC) to make recommendations for such a
plan and any standards that the Administrator determines may need to be
developed with respect to such technologies or systems.
Given this authority, in addition to the FAA's broad mandate to
maintain the safety and efficiency of the National Airspace System
(NAS), we believe the FAA has sufficient statutory authority to
consider impacts generally to the NAS that are introduced by UAS
detection and mitigation systems, including other settings outside the
airport environment, in developing standards for C-UAS use.
Regarding addressing similar threats presented to other sectors,
the FAA is working closely with interagency partners, including the
study being conducted by the Department of Homeland Security pursuant
to section 1602 on critical infrastructure, to assess risks and
determine what, if any, additional authorities and resources are
needed. The FAA is coordinating with DHS and DOJ on that study.
Question 2. Have foreign entities, including Chinese -owned
companies, or organizations who receive funding by foreign entities
been involved in the development of Unmanned Aircraft System Traffic
Management (UTM)? Will foreign entities be allowed to operate UTMs,
and, if so, under what conditions?
Answer. UTM is a ``traffic management'' ecosystem for non-
controlled operations that is separate from, but complementary to, the
controller-provided services in the FAA's Air Traffic Management
system. UTM utilizes industry's ability to supply services under the
FAA's regulatory authority where these services do not exist. It is an
operator-centric concept with layered procedures, systems, and
responsibilities that will support the separation of UAS from one
another and from manned aircraft. Starting in April 2019, the FAA began
onboarding new service suppliers in six-month waves with UAS Service
Suppliers (USS) providing the UTM services directly.
Foreign entities will be allowed to operate services that are part
of the suite of tools and capabilities necessary for UTM. There are
several foreign USS that are currently approved for LAANC. The FAA is
working to implement data sovereignty, transparency, and protection
requirements for all USS. We will continue to work with our interagency
partners and evaluate potential data security risks and any necessary
mitigations.
LAANC is the Low Altitude Authorization and Notification
Capability, a collaboration between FAA and Industry. It directly
supports UAS integration into the airspace. It provides access to
controlled airspace near airports through near real-time processing of
airspace authorizations below approved altitudes in controlled
airspace.
Question 3. Have foreign entities, including Chinese owned
companies, or organizations who receive funding by foreign entities,
been chosen as providers of the Low Altitude Authorization and
Notification Capability (LAANC)? If so, what security and privacy
requirements has the FAA placed on foreign operators?
Answer. Both foreign companies and U.S. companies receiving
international funding are participating in LAANC.
All LAANC Providers sign a Memorandum of Agreement (MOA) and agree
to abide by specific operating rules. Both documents are available at
https://www.faa.gov/uas/programs_partnerships/data_exchange/
laanc_for_industry/, and all participants agree to the same terms. The
FAA is working to implement requirements that ensure data transparency,
sovereignty, and protection requirements are included for all USS.
Question 4. As the recent FAA reauthorization bill requires, the
FAA is developing a knowledge test for recreational UAS users--at
present, this has been suggested to be over 1 million Americans,
approximately. Will foreign entities, including Chinese-owned
companies, or organizations who receive funding by foreign entities be
allowed to conduct testing for recreational drone operators, allowing
them to obtain personal information of American citizens?
Answer. The FAA's top priority is safety. Our goal is to have the
test administered to the greatest number of recreational flyers. We
look forward to engaging with our Federal security partners as we
finalize the administration of this test. We're also putting out a
request for information (RFI) seeking input from the industry on how
the test should be administered.
______
Response to Written Questions Submitted by Hon. Deb Fischer to
Angela H. Stubblefield
Section 2209 of the FAA Extension, Safety, and Security Act of 2016
directs the FAA to set up a process by which operators of non-
governmental fixed site facilities could petition the agency to
prohibit UAS operations over critical infrastructure. During a Commerce
Committee hearing last month, Jay Merkle of the FAA's UAS Integration
office said the FAA is still working on a rulemaking. However, the 2016
legislation required the FAA to establish this process within 180 days.
Question 1. Please explain why the FAA is delayed in implementing
the 2209 process, and what the FAA's timeline is for implementation.?
Answer. In order to implement section 2209 of the FAA Extension,
Safety, and Security Act of 2016 (FESSA), the Department of
Transportation/FAA determined rulemaking is required and has initiated
this regulatory action.
In order to begin meeting the intent of 2209, the FAA used existing
authority (14 CFR 99.7) to establish special security instructions in
the form of flight restrictions over national security-sensitive sites
identified and sponsored by Federal security agencies (such as military
installations, sensitive energy facilities, high risk Federal prisons,
and iconic landmarks like the Statue of Liberty, Hoover Dam, and Mount
Rushmore). This activity has provided valuable lessons learned that are
informing the process being established in the rulemaking. As we
proceed with this work, FAA continues to meet with government partners,
critical infrastructure owners and associations to learn about the
volume of facilities various critical infrastructure sectors would like
to cover, incident response planning, law enforcement engagement,
public education and community outreach.
We strongly believe Remote ID requirements as part of a robust UTM
suite of services are going to resolve a lot of the challenges Congress
anticipated with 2209 to address the concerns of critical
infrastructure owners. Therefore, we have focused Agency resources on
maximally expediting the Remote ID rulemaking. Remote ID will be
crucial to enable enforcement of UAS flight restrictions as it will
permit location and identification of the operator whose UAS is
violating the flight restriction.
Question 2. Additionally, how do you expect FAA will define
``critical infrastructure'' facilities for the purpose of establishing
the 2209 process?
Answer. Section 2209 of the FAA Extension, Safety and Security Act
of 2016 required the Secretary of Transportation to establish a process
to prohibit or restrict the operation of an unmanned aircraft in close
proximity to a fixed site facility. The only fixed site facilities this
applies to include: ``Critical infrastructure, such as energy
production, transmission, and distribution facilities and equipment.
Oil refineries and chemical facilities. Amusement parks; and, other
locations that warrant such restrictions.'' The FAA Reauthorization Act
of 2018 amended the definition of a fixed site facility to explicitly
include railroad facilities.
Presidential Policy Directive 21, concerning critical
infrastructure security and resilience, states that the term ``critical
infrastructure'' has the meaning provided in section 1016(e) of the USA
Patriot Act of 2001 (42 U.S.C. 5195c(e)), namely systems and assets,
whether physical or virtual, so vital to the United States that the
incapacity or destruction of such systems and assets would have a
debilitating impact on security, national economic security, national
public health or safety, or any combination of those matters.
As the section 2209 rulemaking drafting process continues, FAA is
coordinating with DHS/CISA and making a determination about the scope
of critical infrastructure as it relates to implementation of section
2209.
______
Response to Written Questions Submitted by Hon. Todd Young to
Angela H. Stubblefield
In your testimony you note that you are using existing airspace
authority to address concerns about unauthorized UAS operations over
national-security sensitive facilities. Furthermore, this work is
informing your efforts on a yet-to-be-established process for critical
infrastructure owners to petition the FAA for UAS-specific flight
restrictions. Section 2209 of the FAA Extension, Safety, and Security
Act of 2016 directed the Secretary of Transportation to establish a
process to accept petitions to prohibit or restrict UAS operations over
critical infrastructure and other facilities--i.e. institute a no fly
zone over certain critical infrastructure.
Question 1. As I understand it, rulemaking and implementation of
Section 2209 has experienced continual delays. Why has implementation
of Section 2209 experienced delays?
Answer. Section 2209 rulemaking remains a priority for the FAA. We
also strongly believe Remote ID requirements as part of a robust UTM
suite of services are going to resolve a lot of the challenges Congress
anticipated with section 2209 to address the concerns of critical
infrastructure owners. Therefore, we have focused Agency resources on
maximally expediting the Remote ID rulemaking. Remote ID will be
crucial to enable enforcement of UAS flight restrictions as it will
permit location and identification of the operator whose UAS is
violating the flight restriction. The need to understand the scope and
volume of potential requests is also vital to developing a viable
implementation process for the rule and has necessitated meetings with
a variety of critical infrastructure operators and associations.
However, in order to begin meeting the intent of section 2209, the
FAA used existing authority (14 CFR 99.7) to establish special security
instructions in the form of flight restrictions over national security
sensitive sites identified and sponsored by Federal security agencies
(such as military installations, sensitive energy facilities, high risk
Federal prisons, and iconic landmarks like the Statue of Liberty,
Hoover Dam, and Mount Rushmore). This activity has provided valuable
lessons learned that are informing the process being established in the
rulemaking. As we proceed with this work, the FAA continues to meet
with critical infrastructure owners and associations to support learn
about the volume of facilities various critical infrastructure sectors
would like to cover, incident response planning, law enforcement
engagement, public education and community outreach.
Question 2. Do you need additional support from Congress to
implement Section 2209?
Answer. The FAA is working diligently to establish the regulatory
framework necessary for the safe and secure integration of UAS into the
National Airspace System. As noted above, the rulemaking to implement
section 2209 is one of several priorities for DOT and the FAA in this
regard.
From a national security perspective, there will always be varying
concerns about the risks associated with the advancement of information
technology products and services in the global supply chain. These
risks are generally associated with the Federal government's limited
visibility into, understanding of, and control over how foreign
technology is developed, integrated, and processed to assure the
integrity and security of the products. Nonetheless, with respect to
the United States economy, it is still important to maintain an open
investment climate in information technology, but there must be balance
between consumer and industry needs, and national security.
Question 3. With Chinese UAS companies clearly focusing on
controlling the drone hardware market, can you elaborate on a national
strategy to focus on supply chain concerns?
Answer. We believe the President's recent ``Executive Order on
Securing the Information and Communications Technology and Services
Supply Chain'' is prescient on this topic. We will work with the
agencies identified in his EO to protect the security, integrity, and
reliability of information and communications technology and services
provided and used in the United States. The EO directs the Secretary of
Commerce, in consultation with many other cabinet officials (the
Secretary of the Treasury, the Secretary of State, the Secretary of
Defense, the Attorney General, the Secretary of Homeland Security, the
United States Trade Representative, the Director of National
Intelligence, the Administrator of General Services, the Chairman of
the Federal Communications Commission, and, as appropriate, the heads
of other executive departments and agencies), to identify if foreign
information and communications technology or services pose undue risks
to the United States. It also allows them to negotiate measures to
mitigate risks. The EO was only recently published, but we are
analyzing its potential applicability and look forwarded to working
with the National Security Council and interagency partners to
implement the order, as appropriate.
Question 4. Additionally, what policies would you suggest to
effectively protect data of consumers or related to national security
that could be stored by foreign vendors or third parties?
Answer. The FAA considers cyber and data security risks and
mitigations in our mission to maintain the safety and efficiency of the
National Airspace System, including certification of aircraft and
avionics systems, as well as protection of the air navigation services
infrastructure. Cyber security and data protection in the context of
UAS is also paramount. While UAS are aircraft, they are also like so
many highly computerized devices we use in our professional and
personal lives that can collect data and connect to the Internet where
information systems and data can be vulnerable to misuse if they are
not adequately protected. UAS operators, just like computer users, need
to be aware of what data they are collecting with their UAS and
consider what level of protection it should be afforded.
The FAA strongly recommends that UAS operators read the user
licensing agreements on their drones and assess whether the data
access, sharing, and protection policies the manufacturer has in place
are adequate or whether their data sensitivity necessitates additional
protection from disclosure and misuse or even selection of a different
UAS. The FAA is also looking at agreements the Agency has with non-
federal UAS service suppliers (USS) to ensure data transparency,
sovereignty, and protection requirements are included. It is also
important to consider not just the state of the drone manufacturer but
also, depending on the sensitivity of the UAS work, the state of the
manufacture of components of the drone--such as chip sets and cameras.
Users should conduct risk-based analysis of their drones and the
purposes for which they use their drones to determine the level of
protection needed. That risk may vary widely between, for example, a
real estate agent and an electrical power plant manager.
We recognize that consumers do not have unlimited budgets and,
thus, they must balance cost with data sensitivity and security risks.
Alternatives do exist, but there may be a cost and capabilities trade-
off to consider.
______
Response to Written Questions Submitted by Hon. Amy Klobuchar to
Angela H. Stubblefield
One of the provisions in the 2018 FAA Reauthorization Act required
a study to assess privacy concerns that have been raised regarding the
integration of unmanned aerial systems (UAS) into the national
airspace. You also noted the need to secure data collected by UAS in
your testimony.
Question 1. In your view, what actions should be taken to address
both security and privacy concerns in response to the increased use of
UAS?
Answer.
Security:
The FAA considers cyber and data security risks and mitigations in
our mission to maintain the safety and efficiency of the National
Airspace System, including certification of aircraft and avionics
systems, as well as protection of the air navigation services
infrastructure. Cyber security and data protection in the context of
UAS is also paramount. While UAS are aircraft, they are also like so
many highly computerized devices we use in our professional and
personal lives that can collect data and connect to the Internet where
information systems and data can be vulnerable to misuse if they are
not adequately protected. UAS operators, just like computer users, need
to be aware of what data they are collecting with their UAS and
consider what level of protection it should be afforded.
The FAA strongly recommends that UAS operators read the user
licensing agreements on their drones and assess whether the data
access, sharing, and protection policies the manufacturer has in place
are adequate or whether their data sensitivity necessitates additional
protection from disclosure and misuse or even selection of a different
UAS. The FAA is also looking at agreements the Agency has with non-
federal UAS service suppliers (USS) to ensure data transparency,
sovereignty, and protection requirements are included. It is also
important to consider not just the state of the drone manufacturer but
also, depending on the sensitivity of the UAS work, the state of the
manufacture of components of the drone--such as chip sets and cameras.
Users should conduct risk-based analysis of their drones and the
purposes for which they use their drones to determine the level of
protection needed. That risk may vary widely between, for example, a
real estate agent and an electrical power plant manager.
We recognize that consumers do not have unlimited budgets and,
thus, they must balance cost with data sensitivity and security risks.
Alternatives do exist, but there may be a cost and capabilities trade-
off to consider.
Privacy:
It's not the FAA's mission, direction, or expertise to determine
what data privacy issues need to be regulated. As a general matter,
privacy intrusions tend to implicate state and local laws, rather than
Federal law. Accordingly, state law may already provide recourse for a
person whose privacy may be impacted by a remote pilot's use of a UAS.
Although the FAA recognizes that unique characteristics and
capabilities of UAS may pose risks to individual privacy, such concerns
are generally related to technology and equipment that may be installed
on an unmanned (or manned) aircraft and are not related to the safe
flight of the aircraft, which is the FAA's primary focus.
With that said, there are best practice documents available to
support both government and private sector use of UAS in a manner that
respects privacy, civil rights, and civil liberties.
NTIA published a voluntary best practices document,
``Voluntary Best Practices for UAS Privacy, Transparency, and
Accountability'', focused on data collected via a UAS
(commercial and non-commercial) and based on direction from the
President on February 15, 2015 to establish ``[A] multi-
stakeholder engagement process to develop and communicate best
practices for privacy, accountability, and transparency issues
regarding commercial and private UAS use in the NAS. . .'' The
FAA participated fully in this engagement process, which led to
the publication of best practices in May 2016.
In December 2015, DHS also published a set of best
practices, titled ``Best Practices for Protecting Privacy,
Civil Rights & Civil Liberties In Unmanned Aircraft Systems
Programs'' to inform DHS and local, state, tribal and Federal
government partners and grantees interested in establishing UAS
programs to ensure such programs are grounded in policies and
procedures that are respectful of privacy, civil rights, and
civil liberties. These best practices are not prescriptive, but
represent an optimal approach to sustaining privacy, civil
rights, and civil liberties throughout the lifecycle of a UAS
program. Although the intended audience is government agencies,
the private sector may also find these practices instructive in
operating UAS.
Question 2. What steps has the FAA taken to make sure that
companies are held accountable when data from a drone is misused?
Answer. Depending on the specific type of ``misuse,'' state or
Federal law may provide recourse for an individual whose data may have
been misused. Additionally, for USS, the FAA is instituting contractual
obligations for the handling of UAS and operator information.
______
Response to Written Questions Submitted by Hon. Tammy Duckworth to
Angela H. Stubblefield
Question 1. What specific recommendations or best practices does
the FAA provide to stakeholders, including law enforcement entities,
interested in addressing or preventing unauthorized drone access at
their facilities? What technology would the FAA recommend airports and
other critical infrastructure operators use to detect and deter drones?
Answer. The FAA revised its publicly available website on March 6,
2019 to include a comprehensive toolbox of information for the public
safety community. The toolbox includes information on how public safety
agencies can establish a drone program to enhance their capabilities as
well as how to pursue enforcement for suspected unauthorized drone use.
Current printable reference materials available to public safety
officials on the FAA website include: Law Enforcement Guidance for
Suspected Unauthorized UAS Operations, Law Enforcement Pocket Drone
Card. New additions include an expanded Law Enforcement and Public
Safety reference card and a reference card titled Drones in Public
Safety: A Guide to Starting Operations. We also have a ``No Drone
Zone'' kit with signage that property owners/managers can use to alert
the public that that drones may not take off or land on their property.
The site will continue to be updated with additional resources and
links to important information.
The FAA has finalized a comprehensive plan for communicating
information with public safety partners on responding to threats posed
by UAS. The plan includes numerous tactics to educate the public safety
community including offering live webinars, on-demand videos, a
repository of on-line information (guidance documents, videos, handouts
etc.), increased social media engagement and partnership with law
enforcement and public safety by both FAA headquarters and field law
enforcement assistance program special agents. Several of the proposals
have already come to fruition, and our engagement will continue to
increase and evolve with the development of future regulations.
The FAA's Law Enforcement Assistance Program (LEAP) is another key
resource for our law enforcement and security partners concerned about
errant or malicious UAS operations. This cadre of special agents, who
provide educational and investigative support to law enforcement,
conducts dozens of outreach sessions with law enforcement and public
safety partners each quarter. In addition, LEAP agents follow up with
law enforcement after notification of each alleged unauthorized UAS
operation reported to the FAA to see if we can provide information to
support their investigation or receive information to support an FAA
civil enforcement investigation.
The FAA distinguishes between UAS detection and UAS mitigation (C-
UAS) technology. UAS detection systems may detect, identify, monitor,
or track UAS. C-UAS means a system or device capable of lawfully and
safely disabling, disrupting, or seizing control of a UAS. While there
are a wide variety of commercially available UAS detection and
mitigation solutions in the marketplace, most are based on systems
designed for military applications, and sufficient testing has not been
conducted to determine their performance and impacts in domestic civil
environments. The potential impacts many of these mitigation systems
can have on avionics, air navigation services infrastructure, and
compliant UAS argue for a careful, coordinated, and phased approach to
allowing their use in the NAS. The FAA and other Federal agencies are
currently undertaking efforts to test these technologies in a variety
of civil environments in the coming months.
The use of UAS detection or C-UAS technology may implicate
provisions of law in title 18 and title 49 of the United States Code.
Only four Federal entities have express statutory authority to use C-
UAS technology: Department of Defense, Department of Energy, Department
of Justice, and Department of Homeland Security. The FAA does not
support the use of C-UAS technology by any public or private entity
beyond these four Federal agencies.
Regarding the use of UAS detection technology, in early May, the
FAA published an information package for airport sponsors containing
useful information about UAS detection systems and how to coordinate
with the FAA. Much of that information is useful to entities
considering how to identify and respond to unauthorized UAS operations
outside the airport environment as well.
Part of the UAS Detection Package sent by FAA to airports on May 7,
2019, was a document titled ``Technical Considerations''. This document
consists of selected technical questions and supporting materials that
may assist organizations that are reviewing the capabilities and
limitations of UAS detection systems. See https://www.faa.gov/airports/
airport_safety/media/Attachment-3-UAS-Detection-Technical-
Considerations.pdf
Question 2. The FAA's Drone Advisory Committee includes executives
from a cross-section of UAS stakeholders, including industry, academia
and retail. However, it does not appear that the perspectives of the
counter-drone (C-UAS) technology community is represented. Is this
simply an oversight, a lack of expressed interest by counter-drone
interests, or some other reason? Do you think the FAA should appoint a
member of the C-UAS technology community to the Drone Advisory
Committee? Please describe how FAA has communicated with C-UAS
interdiction technology developers any technical requirements or
feedback about the agency's view of how C-UAS should work in the
National Airspace System.
The FAA's Drone Advisory Committee (DAC) does include a member of
the C-UAS technology community: Jaz Banga, Co-Founder and CEO of
Airspace Systems, Inc. He represents the perspectives of the C-UAS
technology community. He is also currently leading a DAC task group
focused on recommendations for how industry can assist in reducing the
instances of unauthorized use of UAS by clueless or careless operators.
The FAA has met with dozens of UAS detection and mitigation
solution providers since 2016 and continues to meet with them on an
often weekly and/or monthly basis. We discuss with them the FAA's
concern about adverse safety impacts on NAS systems and compliant UAS,
as well as the mechanics of their systems and their performance in
different environments. We also review information and testing results
from other U.S. government agencies' tests of many C-UAS technologies.
The FAA was directed in section 383 of the FAA Reauthorization Act
of 2018 to develop a plan for the certification, permitting,
authorizing, or allowing of the deployment of technologies or systems
for the detection and mitigation of unmanned aircraft systems. In
addition, section 383 requires the Administrator to charter an ARC to
make recommendations for such a plan and any standards that the
Administrator determines may need to be developed with respect to such
technologies or systems. The FAA is working to implement these
requirements.
Question 3. Please describe all efforts FAA is making to stay
abreast of the most current capabilities for C-UAS detection and
identification and C-UAS interdiction and mitigation technology.
Answer. First, FAA has met and continues to meet on a weekly or
monthly basis with dozens of UAS detection and mitigation manufacturers
and vendors to be briefed on their products. Secondly, the FAA attends
or reviews the results of many of the testing demonstrations conducted
by our interagency, and sometimes state and local law government,
partners. Finally, as stated above, the FAA is working to implement the
requirements of section 383 of the FAA Reauthorization Act of 2018.
Question 4. Please describe all of the tests and demonstrations FAA
has conducted for C-UAS technology, including tests and demonstrations
for detection and identification technology and tests and
demonstrations of C-UAS interdiction and mitigation technologies.
Answer. Consistent with section 2206 of the FAA Extension, Safety
and Security Act of 2016, the FAA conducted a pilot program to evaluate
the feasibility of integrating detection equipment in the airport
environment. Additional discussion of this effort is included below.
Section 383 of the FAA Reauthorization Act of 2018, Airport Safety and
Airspace Hazard Mitigation and Enforcement, directs and grants
authority to the FAA to conduct, notwithstanding various provisions of
title 18 and title 49, United States Code, additional testing of
detection and mitigation technologies at airports as well as develop
standards and a plan for allowing detection and mitigation systems to
be used in the NAS. The FAA is currently developing the actions,
resources requirements, and timeline for the section 383 pilot project
work and will be coordinating with other Federal agencies on these
efforts.
Section 2206 of the FAA Extension, Safety and Security Act of 2016
directed the FAA to establish a pilot program to evaluate the use of
UAS detection systems near airports and other critical infrastructure.
This congressional mandate did not provide the FAA with any relief from
various provisions of title 18 and title 49 implicated by certain
detection and all mitigation technologies. Under this program, the FAA
conducted limited technology evaluations at three airports (Atlantic
City International; Denver International Airport; Dallas Fort-Worth
International Airport) and worked with FBI on an evaluation at JFK
International in New York. We gained valuable data, but due to legal
constraints, no active Radio-Frequency (RF) technologies were
evaluated--only passive RF and other detection capabilities were
evaluated. That pilot program concluded, but the FAA has continued to
work with its interagency partners on detection and mitigation
evaluation efforts all of which are informing the section 383 pilot
program we are developing now.
The results of the section 2206 pilot suggested currently available
detection technologies, which do not implicate title 18 and other
Federal laws, encounter a number of challenges in the airport
environment that impact their performance accuracy and capabilities. In
addition, given the cost of some systems, the need for multiple
sensors/systems to address deficiencies, and the fact that 50 percent
or more of reported UAS sightings occur more than 5 miles from an
airport, the FAA believes registration, remote ID requirements for all
UAS operators, and the addition of a knowledge test for recreational
operators, which we are now able to pursue, will enable an effective
multi-faceted strategy to addressing risks posed by unauthorized UAS
operating on and around airports. Those who are conducting unauthorized
operations in the vicinity of airports could be identified and engaged
by law enforcement in real time, and the FAA would be able to pursue
education or, if necessary, enforcement action against the operator.
More testing and evaluation of detection technologies in the airport
environment is necessary to better characterize their performance
capabilities.
We do understand there is a gap between now and this future state,
which is why we published a package of useful information for airport
sponsors considering or deploying UAS detection technology. We want to
coordinate and work with airports to ensure such systems are safely
integrated into the airport environment if airports choose to deploy
them.
Testing of mitigation technology at airports is also vital to
identify and assess the FAA's ability to mitigate any safety impacts
their use may have at the airport. Section 383 testing and evaluation
will provide additional valuable information to better inform the
development of standards for UAS detection and mitigation systems.
Question 5. Why is there no FAA safety standard for UAS ``lost
link'' protocol? Has FAA assessed the risk of a UAV losing its control/
navigation signal? If so, what did it find? If not, why not?
Answer. Due to the rapid evolution of UAS technologies, there are
multiple (and more each day) methods by which an unmanned aircraft (UA)
operator may address lost link issues. Primary ``protocols'' include:
1. Pre-programmed commands directing the UA to either return to
base, land immediately, or hover in place.
2. In some instances, the UA is programmed to continue on its
predetermined course.
The definition for ``lost link'' is subjective depending on the
type of link that is used. Digital signals do not go ``lost link'' but
rather have increased delays in transmitting packet data to the UA.
Lost link occurs when the UA reaches a pre-programmed threshold delay
between data packets received. This programmed response is dependent on
the type of mission, environment, and most importantly, the air and
ground risk.
The FAA is currently in the process of determining testing
requirements for Control, Non-Payload Communications (CNPC) that will
enable the production of performance-based standards for RF-linked
operations. The criticality of the CNPC link varies with the nature of
the operation and levels of automation. A low-risk operation with a
high level of automation relies very little on the CNPC link. A more
complex operation that requires a pilot in the loop requires a more
continuous and reliable CNPC link. The standards that are being
developed, and their related testing requirements, take this variation
into consideration.
Question 6. Please explain why you believe, ``the problem with
counter-UAS capabilities right now is that it has a significant impact
on the National Airspace System and other communication systems,
especially in urban areas.'' Is this FAA's view of a specific kind of
C-UAS interdiction technology or all C-UAS interdiction technologies?
Answer. Some current C-UAS technologies pose a direct risk to
safety-of-life Air Navigation Services critical infrastructure and
avionics due to their spectrum-related impacts on these systems. In
particular, certain technologies can impact air-ground communications,
Global Positioning System (GPS) dependent navigation, and other
surveillance and airport safety systems. The operational use of C-UAS
in the National Airspace System also poses an indirect risk to persons
and property on the ground or other aircraft in flight--including
manned aircraft--depending on how the drone responds. Lastly, some C-
UAS systems can interfere with authorized or compliant drone activity
that may be occurring in proximity to the unauthorized drone. Not all
RF systems produce the same impacts on Air Navigation Service (ANS)
infrastructure, onboard manned aviation systems, nor on UAS.
The precise risks C-UAS technologies pose to safety-of-life
aircraft systems and ANS critical infrastructure depend on the specific
technology being employed, its location, and parameters of its use
(e.g., configurations regarding directional versus omnidirectional,
power levels, etc.). The FAA's greatest concern with the currently
available C-UAS technology is focused on those systems that interfere
with RF and GPS, a service on which both manned and unmanned aircraft,
as well as the agency's ANS and some airport and air carrier ground
systems, heavily rely.
In addition, given the limited amount of testing that has occurred
in the civil environment, we are also concerned about the reaction/
response of some UAS when they are subject to RF interference, which
can include uncontrolled flight that may present a safety risk for
people and property on the ground or other aircraft in-flight. Other
concerns involve impact to non-targeted aircraft, non-targeted spectrum
impacts, and ensuring non-interference with other data and
communications services, including for emergency personnel.
It is important to remember many C-UAS technologies were designed
for military use in conflict areas with very different geographies and
where collateral impacts are not a significant concern. It is vital
that C-UAS systems be tested in civil environments to determine both
impacts and efficacy.
Question 7. Does FAA believe that UAS control/navigation
communications are ``aeronautical communications'' subject to 18 USC
2511(2)(g)? Please describe the rationale for your response.
Answer. FAA recommends that any entity interested in UAS detection
or mitigation technology consult with legal counsel to assess their
risks and responsibilities under title 18, United States Code, as well
as other relevant provisions of Federal law.
______
Response to Written Questions Submitted by Hon. Todd Young to
Dr. Catherine F. Cahill
From a national security perspective, there will always be varying
concerns about the risks associated with the advancement of information
technology products and services in the global supply chain. These
risks are generally associated with the Federal government's limited
visibility into, understanding of, and control over how foreign
technology is developed, integrated, and processed to assure the
integrity and security of the products. Nonetheless, with respect to
the United States economy, it is still important to maintain an open
investment climate in information technology, but there must be balance
between consumer and industry needs, and national security.
Question 1. With Chinese UAS companies clearly focusing on
controlling the drone hardware market, can you elaborate on a national
strategy to focus on supply chain concerns?
Answer. In my opinion, if we do not maintain drone hardware and
software engineering, manufacturing, and testing capability in the
U.S., we are putting our country's security at risk. Unfortunately, the
economics of drone design and manufacturing, especially for small
commercial systems, are being driven by large foreign corporations that
are not subject to the same workforce costs, environmental standards,
and testing challenges as U.S. companies building and testing their
systems in the U.S. The costs associated with the highly technical
personnel required to design and build drone systems makes systems
designed in the U.S. more expensive than their foreign counterparts.
Additionally, manufacturing these systems is more difficult in the U.S.
where manufacturers are subject to stricter environmental standards and
labor is more expensive than in other countries. Testing also is more
difficult in the U.S. For years, U.S. companies have had to go overseas
to test their systems because the U.S. regulations have been so tight
that it was impossible to test the limits of their systems in a cost-
effective way in the U.S. Drone companies needed to have military
sponsorship to be able to test their systems in restricted airspace
because the testing of commercial systems could not be done in the
National Airspace System (NAS) outside of restricted areas, including
temporary flight restriction areas. The development of the FAA's Test
Sites was designed to help with this testing, but the Test Sites were
also limited in what could be done due to the requirements imposed on
them by their Public Aircraft status. For example, beyond visual line
of sight operations could not be conducted without chase aircraft or
daisy-chained visual observers keeping the aircraft in sight at all
time. Even now, only two beyond visual line of sight `commercial'
(i.e., under the small UAS rule [Part 107] that allows the commercial
operation of UAS in the NAS) missions have been flown in the NAS
without visual observers keeping their eyes on the airspace or aircraft
at all times. These operations were flown last week (July 30-31, 2019)
by the University of Alaska Fairbanks and their UAS Integration Pilot
Program partners. The solution to the supply chain threat must address
all of these challenges.
I recommend the following actions to protect the drone supply chain
from foreign influence:
1) Buy American
a. Require all Federal agencies conducting sensitive operations,
surveillance, critical infrastructure monitoring, mapping,
and other non-public relations missions to use U.S.-made
drones
2) Establish requirements for a system to be called a U.S.-made
drone
a. Require economic authority (pure U.S. ownership) for the drone
company and all parent companies
b. Require specific essential and software parts (autopilot,
communications devices, etc.) be U.S. made and a specific
percentage of the aircraft components be manufactured in
the U.S.
c. Require the assembly of the drone to occur in the U.S.
3) Subsidize U.S. drone manufacturers
4) Set aside remote airspace areas, preferably under the auspices of
FAA Test Sites to encourage collaboration and safe operations,
for conducting advanced commercial operations testing, such as
beyond visual line of sight tests, nighttime operations, detect
and avoid technology testing, etc.
5) Stop training foreign students in our advanced technologies
a. Do not allow foreign students to take classes or participate in
school activities that build drones or drone components,
such as autopilots, payloads, etc.
b. Do not allow foreign students to take classes that use
International Traffic in Arms Regulations (ITAR) listed
cameras or other sensor technologies
c. Do not allow foreign students to take classes directly
applicable to interfering with drone command and control,
such as jamming, hacking, spoofing
d. Educate university faculty about ITAR and enforce compliance
6) Prohibit drones from using foreign communications systems in the
U.S.
7) Prohibit Federal agencies from storing data in foreign vendor,
third party, or easily-accessible computer/cloud storage
systems
Question 2. Additionally, what policies would you suggest to
effectively protect data of consumers or related to national security
that could be stored by foreign vendors or third parties?
Answer. I recommend prohibiting Federal agencies from storing any
data, especially data related to national security or sensitive in
nature, including proprietary or confidential information provided to
the agencies by third parties, in foreign vendor, third party, or
easily-accessible computer/cloud storage systems.
To protect consumers' data, I recommend that at the very least the
Federal government should follow Europe's lead and institute a U.S.
form of their General Data Protection Regulation. Alternatively, the
Federal government could implement a nationwide version of the
California Consumer Privacy Act of 2018. Either way, consumers should
know how their data is being stored and if it is being shared. Foreign
vendors or third parties storing consumer data must be required to
comply with the data protection regulations to operate in the U.S. The
U.S. government must enforce the regulations to be effective in
protecting the consumers' data.
______
Response to Written Questions Submitted by Hon. Tammy Duckworth to
Dr. Catherine F. Cahill
Question. What is the FAA safety standard or procedure for ``lost
link'' drones that are unable to receive a navigation signal from its
operator? Are you aware of efforts at the FAA to develop a standard? If
not, should the FAA should develop such a standard or should this issue
be left to individual manufacturers?
Answer. Currently, the FAA does not have a fixed safety standard or
procedure for ``lost link''. However, the safety case for every flight
operation that requires FAA to grant a waiver or authorization requires
the operator to expressly state their ``lost link'' procedures. If the
FAA personnel reviewing the safety case do not feel that the proposed
``lost link'' procedures guarantee the safety of the National Airspace
System, they will deny the application for the waiver or authorization.
The FAA evaluates standards for inclusion in rulemaking; it does
not make them. However, ASTM International and other standards setting
bodies are working on developing standards for ``lost link'' procedures
as a part of their drone command and control standards set. The ASTM
set is shown below this paragraph. Please focus on sections 10 and 11.
The FAA will consider these standards as it develops more detailed
rules and regulations for drone operations.
[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]
______
Response to Written Questions Submitted by Hon. Todd Young to
Brian Wynne
From a national security perspective, there will always be varying
concerns about the risks associated with the advancement of information
technology products and services in the global supply chain. These
risks are generally associated with the Federal government's limited
visibility into, understanding of, and control over how foreign
technology is developed, integrated, and processed to assure the
integrity and security of the products. Nonetheless, with respect to
the United States economy, it is still important to maintain an open
investment climate in information technology, but there must be balance
between consumer and industry needs, and national security.
Question 1. With Chinese UAS companies clearly focusing on
controlling the drone hardware market, can you elaborate on a national
strategy to focus on supply chain concerns?
Answer. The United States UAS market has become stronger and more
robust since the FAA implemented the small UAS rule. It is the largest
national market in the world for UAS and likely to remain so for the
foreseeable future. According to the AUVSI Unmanned Systems and
Robotics Database, the United States has developed more unique UAS
platforms than any other country; and nearly twice as many as the
second largest UAS producing country. It also has more than triple the
number of manufacturers in comparison, with 44 states having at least
one UAS manufacturer.
Thousands of businesses--small and large--are using UAS. Over 1.4
million drones have been registered with the FAA, greater than 400,000
of which are registered for commercial operations. While the vast
majority follow the appropriate FAA.
The American UAS market is stronger and more robust than any other
country. To ensure domestic UAS companies continue to flourish, we need
to accelerate Federal rulemakings and develop holistic policy solutions
that give us the framework we need to keep the skies secure.
Question 2. Additionally, what policies would you suggest to
effectively protect data of consumers or related to national security
that could be stored by foreign vendors or third parties?
Answer. Safe, secure integration into the National Air Space (NAS)
is critical to realizing the potential UAS technologies have on our
society, economy, and lives. The integrity of the potentially enormous
future transfer of data, underpinning the UAS ecosystem of the future,
will require adequate standards, policies, and laws to maintain safety
of the NAS. AUVSI stands ready to support those efforts as the
landscape and requirements are defined.
______
Response to Written Question Submitted by Hon. Tammy Duckworth to
Brian Wynne
Question. What is the FAA safety standard or procedure for ``lost
link'' drones that are unable to receive a navigation signal from its
operator? Are you aware of efforts at the FAA to develop a standard? If
not, should the FAA should develop such a standard or should this issue
be left to individual manufacturers?
Answer. Yes, the FAA has developed UAS related standard procedures
for `lost link' situations. The standards are specific to the type of
operation and operator (for example; larger UAS above 55lbs, operating
in controlled airspace that have an airworthiness certificate and
smaller UAS operating under C.F.R., Part 107 and or waivers under these
regulations). We have included standards specific to UAS ``lost link''
below with excerpts from the text. Should UAS technology evolve beyond
the scope of the below standards or present an unsafe scenario
previously not present, AUVSI believes new appropriate standards should
be developed to maintain safety of the National Air Space.
Please find the sources and excerpts of known ``lost link'' related
standards below. Specific language is underlined for your benefit:
Advisory Circular 107-2
Subject: Small Unmanned Aircraft Systems (sUAS) Date: 6/21/16 AC
No: 107-2 Initiated by: AFS-800 Change:
FAA state in AC 107-2 5.2.3:
https://www.faa.gov/uas/resources/policy_library/media/AC_107-
2_AFS-1_Signed.pdf
5.2.3 Autonomous Operations. An autonomous operation is generally
considered an operation in which the remote pilot inputs a flight plan
into the CS, which sends it to the autopilot onboard the small UA.
During automated flight, flight control inputs are made by components
onboard the aircraft, not from a CS. Thus, the remote PIC could lose
the control link to the small UA and the aircraft would still continue
to fly the programmed mission/return home to land. During automated
flight, the remote PIC also must have the ability to change routing/
altitude or command the aircraft to land immediately. The ability to
direct the small UA may be through manual manipulation of the flight
controls or through commands using automation
JO 7110.65W [current]
m. 5-2-9. UNMANNED AIRCRAFT SYSTEMS (UAS) LOST LINK
This change adds a new paragraph. The change authorizes the
exclusive use of non-discrete beacon code 7400 for lost link conditions
of UASs. It also provides guidance for the air traffic controller on
how to handle the lost link situation. This change cancels and
incorporates FAA Notice JO 7110.724, dated November 11, 2016.
ORDER JO 7110.65X [current]
Effective Date: October 12, 2017
5-2-9. UNMANNED AIRCRAFT SYSTEMS (UAS) LOST LINK
Code 7400 may be displayed by unmanned aircraft systems (UAS) when
the control link between the aircraft and the pilot is lost. Lost link
procedures are programmed into the flight management system and
associated with the flight plan being flown. 9/13/18 JO 7110.65X CHG 2
JO 7110.65X 10/12/17 5-2-4 Beacon Systems When you observe a Code 7400
display, do the following: a. Determine the lost link procedure, as
outlined in the Special Airworthiness Certificate or Certificate of
Waiver or Authorization (COA). b. Coordinate, as required, to allow UAS
to execute the lost link procedure. c. Advise Operations Supervisor
(OS), when feasible, so the event can be documented. d. If you observe
or are informed by the PIC that the UAS is deviating from the
programmed Lost Link procedure, or is encountering another anomaly,
treat the situation in accordance with FAA Order J0 7110.65 Chapter 10,
Section 1, Paragraph 10-1-1c. NOTE- 1. The available lost link
procedure should, at a minimum, include lost link route of flight, lost
link orbit points, lost link altitudes, communications procedures and
preplanned flight termination points if the event recovery of the UAS
is deemed unfeasible. 2. Each lost link procedure may differ and is
dependent upon airframe and operation. These items are contained in the
flight's Certificate of Authorization or Waiver (COA) and must be made
available to ATC personnel in their simplest form at positions
responsible for Unmanned Aircraft (UAs). 3. Some UA airframes (Global
Hawk) will not be programmed upon the NAS Automation roll out to squawk
7400. These airframes will continue to squawk 7600 should a lost link
occur. The ATC Specialist must apply the same procedures described
above.
Add FAA Order JO 7110.65, [Canceled] N JO 7110.724 Air Traffic
Organization Policy Effective Date: November 10, 2016 Cancellation
Date: April 27, 2017 paragraph 5-2-9 to read as follows: 5-2-9 UNMANNED
AIRCRAFT SYSTEMS (UAS) LOST LINK Code 7400 may be displayed by unmanned
aircraft systems (UAS) when the control link between the aircraft and
the pilot is lost. Lost link procedures are programmed into the flight
management system and associated with the flight plan being flown. When
you observe a Code 7400 display, do the following: a. Determine the
lost link procedure, as outlined in the Special Airworthiness
Certificate or Certificate of Waiver or Authorization (COA). b.
Coordinate, as required, to allow UAS to execute the lost link
procedure. c. Advise Front Line Manager (FLM), when feasible, so the
event can be documented. d. If you observe or are informed by the PIC
that the UAS is deviating from the programmed Lost Link procedure, or
is encountering another anomaly, treat the situation in accordance with
FAA J0 7110.65 Chapter 10, Section 1, Para 10-1-1(c). NOTE 1--The
available lost link procedure should, at a minimum, include lost link
route of flight, lost link orbit points, lost link altitudes,
communications procedures and preplanned flight termination points if
the event recovery of the UAS is deemed unfeasible. NOTE 2--Each lost
link procedure may differ and is dependent upon airframe and operation.
These items are contained in the flight's Certificate of Authorization
or Waiver (COA) and must be made available to ATC personnel in their
simplest form at positions responsible for Unmanned Aircraft (UAs).
NOTE 3-Some UA airframes (Global Hawk, RQ-4) will not be programmed
upon the NAS Automation roll out to squawk 7400. These airframes will
continue to squawk 7600 should a lost link occur. The ATC Specialist
must apply the same procedures described above. Renumber 5-2-9 thru 5-
2-24 to 5-2-10 thru 5-2-25.
ORDER JO 7200.23 Effective Date: October 3, 2016B.
UAS Operations Information and ATO Guidance for UAs Operating Under
Part 91. to: (1) Lost Link, to include flight termination points (2)
Flyaway (3) Lost Sight of UA by the visual observer (4) Other items to
consider for inclusion in an LOA (if not contained in the COA): (a) Any
specific altitude limitations, geographic boundary limitations,
preferred route assignments, and periods of operations. This
information must be provided to the ATC facility involved in the LOA
via graphical depiction. (b) Weather requirements for operations. (c)
ATC facilities responsibilities. (d) UAS proponent responsibilities.
ASTM Standards F318-16
TABLE X2.1 Examples of Hazard or Failure Identification and
Mitigation Practices
6.4.25 Describe lost-link procedures for loss or interruption of
positive control. 6.4.26 Describe emergency procedures (in the event of
lost link, the UA shall squawk appropriate code if transponder
equipped).
8.1.2 System knowledge may also be enhanced through pilot and crew
training. Knowledge of critical performance parameters of a sUAS, such
as maximum command and control link range and lost-link protocols, is a
precondition for flight. For example, if a directional antenna is used,
one may choose to improve the antenna performance by physically
pointing the antenna towards the aircraft in a more optimal manner
consistent with its design. These practices offer a means to avoid
potential lost-link hazards. System knowledge is also important in
recovering from unusual attitudes and avoiding high-risk maneuvers.
Failure Condition Description Mitigation Examples Fly-away This
failure condition occurs when an unmanned aircraft fails to respond to
any ground control system commands, proceeds on a route unknown to the
pilot, and continues on a pathway until fuel exhaustion. These failure
conditions create significant risk to other aircraft and persons.
Therefore, it is incumbent upon the applicant to understand if their
sUAS is vulnerable to this failure condition. The applicant should
understand all scenarios where the aircraft could enter a ``flight not
under control of the pilot'' mode.
For those systems with pre-programmed flight paths (typically
invoked upon lost comm or lost C2 link events), the pilot should assure
that the aircraft follows a specific, known flight path upon a C2 link
failure condition.
The pilot and sUAS designer should know the deterministic behaviors
of the aircraft. Loss of electrical power to aircraft systems, such as
command and control or motors driving sUAS propulsion, or GPS, and so
forth Electrical power typically is used by the aircraft to power
flight computers (autopilot), control surfaces (actuators or servos),
GPS, radio, and so forth. The electrical system for a sUAS typically is
one distribution system with voltages affected by components within
that electrical power distribution system or the system being powered.
Therefore, a failure in the electrical power distribution system, its
components, its power source, and so forth may cause sUAS critical
systems failures. The pilot should check all connections before flight.
The battery capacity should be sufficient as determined by briefing and
flight plan before launch. All flight control surface movements should
be confirmed. A pre-flight checklist should be prepared and followed by
the pilot to assure that the electrical system is intact and
functional.
. . .
Loss of communications with sUAS (commonly referred to as a lost
link) Radio failure, antenna failure, interference from other systems,
weak signal, range exceedance, and so forth may cause loss of
communications (lost C2 link). Before flight, the pilot shall assess
radio communications via a consistent procedure, including exercising
the flight controls to assure the communications link is intact and
functional. Lost GPS (either a signal from the satellite or a failure
of the GPS systems on the sUAS) Most sUAS systems depend on GPS links
for navigation and control of the aircraft. Loss of GPS may occur
because of interference from other radio signals, loss of the GPS
itself (because of GPS failure, loss of electrical power to the GPS,
and so forth), shadowing caused by proximity to other structures or
land formations, and so forth. Before flight, the pilot shall assess
the GPS by confirming its performance: signal strength, sufficient
satellites in view, and accurate position of the stationary aircraft.
The pilot will assess the intended flight path to assess if GPS
loss may occur. The pilot may choose alternate flight paths to decrease
the chance of GPS loss. Loss of sUAS control as a result of ``hijack''
(another entity takes control of the sUAS) sUAS radio links may be
vulnerable to other signals, intentional and unintentional, which could
cause the aircraft to deviate from its intended flight path. Although
no aircraft failure may be present, the aircraft may no longer be
controlled by its pilot. The pilot should assess the radio link before
flight and immediately after flight. The pilot may choose to use
encrypted communications links. Loss of flight control (this scenario
comprises failure of flight control surfaces or the auto-pilot, and so
forth) Flight control failures may comprise system failures (such as
control surface actuators and servos), flight computer failures
(provides incorrect flight control signal to the control surface
actuator), and so forth. Before flight, the pilot will assess all
control surface function by actuating and observing proper movements of
surfaces. Control station failure Control station failures may occur as
a result of loss of electrical power, system failure (of components or
systems within the ground control system such as the ground control
computer or iPad or other), software failure (such as software), and so
forth. The control station may possess a backup power supply or ensure
that the remote control elements are charged to a satisfactory level
before every flight. The pilot will exercise the ground control system
to assure its appropriate operation before flight. Impacts of rain,
snow, dust, or other environmental factors Environmental conditions may
affect the sUAS including: carburetor icing for gasoline/diesel fueled
engines; radio signal deformation as a result of rain or snow; icing
that affects control surface movement; water exposure of the avionics;
humidity affecting connectors; and so forth.
***
This concludes AUVSI's response to the question for the record.
______
Response to Written Questions Submitted by Hon. Todd Young to
Harry Wingo
From a national security perspective, there will always be varying
concerns about the risks associated with the advancement of information
technology products and services in the global supply chain. These
risks are generally associated with the Federal government's limited
visibility into, understanding of, and control over how foreign
technology is developed, integrated, and processed to assure the
integrity and security of the products. Nonetheless, with respect to
the United States economy, it is still important to maintain an open
investment climate in information technology, but there must be balance
between consumer and industry needs, and national security.
Question 1. With Chinese UAS companies clearly focusing on
controlling the drone hardware market, can you elaborate on a national
strategy to focus on supply chain concerns?
Answer. A national strategy to focus on supply chain concerns
should,
1. Measure the current extent of market dominance and influence by
Chinese UAS companies, including the details on past and
anticipated purchase of Chinese UAS by U.S. Federal agencies
(e.g., the Department of the Interior), and provide expedited
recommendations for Congress concerning the potential to
promote ``Buy USA'' commercial drones in the near-term, and to
encourage the growth and sustainability of America's domestic
UAS market in the long term (Note: This assessment should be
done with focus and appropriate speed, and in a manner that
eases the burden of participation by small USA-based companies,
but that requests more from market-leading Chinese UAS
companies that have more extensive resources to respond);
2. Provide incentives for ``Buy USA'' alternatives, such as those
companies bidding for a recent U.S. Army opportunity worth
$11M. The U.S. companies are Skydio, Altavian, Teal Drones,
Vantage Robotics, and Lumenier.
3. Promote synergies between Federal government development,
procurement and use of UAS and US-based and operated UAS
companies, as well as with related big tech (or defense
industry) companies like Amazon, Microsoft, Lockheed, Uber,
FedEx and others.
4. Draw lessons from the experience of National Security related UAS
efforts conducted, in a manner that appropriately protects
security and information, but that eliminates ``stovepipes''
between Federal technology stakeholders defending the Nation
and those seeking to use drones in State or Local Government,
in Academia, or in private industry.
5. Fast-track the use of Buy-USA drones in ``Smart City'' pilot or
demonstration projects, particularly those that require special
authorization to test new concepts or approaches (e.g., Real
ID, night-flight drones, indoor-flight for public safety,
package delivery, passenger drones, etc.).
6. Consider providing tax breaks for UAS companies, or those who
would partner with them (e.g., Walmart, FedEx, UPS, Amazon).
Question 2. Additionally, what policies would you suggest to
effectively protect data of consumers or related to national security
that could be stored by foreign vendors or third parties?
Answer. Policies to protect consumers' data, or that related to
national security might include,
1. Requesting that regulators assess ``light touch'' regulatory
approaches to assess the risk to U.S. consumers' privacy by
Chinese UAS companies, even those that claim to base their
manufacturing within the U.S.
2. Directing Federal agencies like the Dept. of Commerce's National
Institute of Standards and Technology (NIST) to hold workshops
on the risk from offshore data flows, or otherwise explore the
issues surrounding Chinese UAS supply chains, and in the case
of national security, to encourage (or direct) DHS, FAA, DoD
and other stakeholders to explore these issues on a more
focused and accelerated basis--and provide the funding and
personnel authorizations to do so.
______
Response to Written Question Submitted by Hon. Tammy Duckworth to Harry
Wingo
Question. What is the FAA safety standard or procedure for ``lost
link'' drones that are unable to receive a navigation signal from its
operator? Are you aware of efforts at the FAA to develop a standard? If
not, should the FAA should develop such a standard or should this issue
be left to individual manufacturers?
Answer.
Yes, FAA ``lost link'' procedures exist for large drones.
FAA Safety standards or procedures for ``lost link'' drones, at
least those over 55 lbs (e.g., Global Hawk, RQ-4) in FAA JO 7110.65X
CHG 1. FAA, Air Traffic Organization Policy. Effective Date: March 29,
2018. https://www.faa.gov/document
Library/media/Order/JO_7110.65X_Air_Traffic_Control_CHG_1.pdf. See also
FAA Notice JO 7110.724, UNMANNED AIRCRAFT SYSTEMS (UAS) LOST LINK
(effective, Nov. 11, 2016; cancellation, Apr. 27, 2017). https://
www.faa.gov/document
Library/media/Notice/N_JO_7110.724_5-2-9_UAS_Lost_Link_2.pdf; https://
www
.faa.gov/regulations_policies/orders_notices/index.cfm/go/
document.information/documentID/1030088).
Small commercial drones of less than 55 lbs., which were the focus
of the June 18, 2019 hearing before this Subcommittee, would be
addressed by Part 107 rule waivers and authorizations.
Also under development: Control, Non-Payload Communications (CNPC)
links (FAA, NASA, industry).
Also, I am aware of the development of drone industry consensus
standards for Control, Non-Payload Communications (CNPC) links. (See,
e.g., Kerczewski, Robert J. & Griner, James H. (2012). Control and Non-
Payload Communications Links for Integrated Unmanned Aircraft
Operations. NASA Glenn Research Center. Accessed 8/9/2019. https://
ntrs.nasa.gov/archive/nasa/casi.ntrs.nasa.gov/20120016398.pdf). How
critical CNPC links are depends on the nature of UA operations, and the
level of automation--for example, highly automated, low-risk operations
would rely less on the CNPC link, but more complex operations dependent
on ``human in the loop'' pilots would demand a more continuous and
reliable CNPC link. Such factors are being considered as CNPC standards
are being developed.
The industry is rapidly evolving and market demands are shaping
lost link protocols such as requiring pre-programmed commands that
will, short of malfunction (unintentional or otherwise), direct the UA
to return to base or one of several pre-set locations; land immediately
(likely using obstacle avoidance in doing so); or to hover in place
until returning to waypoints or landing becomes necessary.
The industry is also exploring whether the UA might be programmed
to continue on its predetermined course despite a ``lost link''
situation--again, this possibility will weigh the operational risk and
level and trust-worthiness of automation on the airframe. The
artificial intelligence (AI) that enables such automation raises
another kind of drone security supply chain risk issue--the provenance
of the AI guiding such ``lost link'' continue-on-course operations (as
well as the options of return to base/waypoints, or landing safely).
Specifically, if the on-airframe AI used to control small commercial
drones in a lost link situation is easily spoofed, or is trained on
corrupted or otherwise faulty data, safety of operations might be
compromised. The cutting edge of fully-autonomous operation of small
drones is currently in operation by the San Diego-based, Veteran-
founded and operated company, Shield AI (https://www.shield.ai/). This
company has approximately 100 employees based in San Diego, California,
and is led by a Founder and CEO who formerly served as a Navy SEAL.
The development of CNPC, the kind of signal and available spectrum
used will impact the definition of ``lost link''--for example, digital
signals may be considered in the context of packet loss and delay. It
is my understanding that the FAA is currently determining suitable
testing requirements for CNPC to enable development of performance-
based standards for RF-linked UA operations. (See, e.g., Shalkhauser,
Kurt A., Ishac, Joseph A., Iannicca, Dennis C., Bretmersky, Steven C. &
Smith, Albert E. (July 2017). Control and Non-Payload Communications
(CNPC) Prototype Radio Validation Flight Test Report. NASA/TM-2017-
219379. NASA, Glenn Research Center. Accessed 8/9/2019. https://
ntrs.nasa.gov/archive/nasa/casi.ntrs.nasa.gov/20180001192.pdf.).
Thank you for the opportunity to respond to your questions for the
record.
I look forward to any additional follow up that may be helpful.
______
Response to Written Questions Submitted by Hon. Todd Young to
Harold H. Shaw
From a national security perspective, there will always be varying
concerns about the risks associated with the advancement of information
technology products and services in the global supply chain. These
risks are generally associated with the Federal government's limited
visibility into, understanding of, and control over how foreign
technology is developed, integrated, and processed to assure the
integrity and security of the products. Nonetheless, with respect to
the United States economy, it is still important to maintain an open
investment climate in information technology, but there must be balance
between consumer and industry needs, and national security.
Question 1. With Chinese UAS companies clearly focusing on
controlling the drone hardware market, can you elaborate on a national
strategy to focus on supply chain concerns?
Answer. As an airport operator, we do not have the insights or
intelligence to make an informed recommendation on a national strategy.
Further discussion on a national strategy relating to the drone
hardware market, are best directed to other participants on the witness
panel or other Federal intelligence agencies.
Question 2. Additionally, what policies would you suggest to
effectively protect data of consumers or related to national security
that could be stored by foreign vendors or third parties?
Answer. As the operator of Logan International Airport, Worcester
Regional Airport and Hanscom Field, we work with our Federal partners
such as the FAA in protecting these important transportation venues. I
would suggest that this question be referred to our Federal partners,
who might be better positioned to recommend policies relating to the
protection of data.
______
Response to Written Questions Submitted by Hon. Tammy Duckworth to
Harold H. Shaw
Question 1. Do you have the necessary tools and support to protect
your airport's perimeter from interference by an unauthorized drone? If
not, what additional resources or guidance do you need?
Answer. Thank you for the opportunity to respond to these important
questions. The Massachusetts Port Authority and other airport operators
across the Nation lack the authority, legal framework, and technologies
to adequately protect airport perimeters from unauthorized drone
activities. As mentioned in my testimony, the additional resources and
guidance needed can be grouped into improvements in enforcement,
technology, and collaboration/research.
We support several initiatives in the 2018 FAA Reauthorization Act,
such as making it a criminal offense to fly certain UAS near airports,
requiring the FAA to develop a strategy to assist state and local
government response to a UAS threat, and directing the Comptroller
General to study state and local roles in UAS regulations.
Nevertheless, we also strongly appeal to this Committee and to
Congress to take additional steps that will provide state and local
partners additional flexibility to address this issue from a safety
perspective. Under current law, some Federal agencies are authorized to
intercept and neutralize a UAS that poses a threat to safety; however,
those agencies lack the capability to provide robust and persistent
coverage across the Nation. State and local agencies are ready to fill
this void, but we need greater legal authority to do so. We strongly
appeal to this Committee and to our members of Congress to take
additional steps that will empower state and local partners to take
charge of their own safety. Until Federal agencies are better prepared
to provide real-time support.
Additionally, there is no single commercial system available to
airports that can safely and effectively identify, track, and
neutralize rogue UAS's in domestic airspace. At Massport, we are now
reviewing available technology related to situational awareness for
application at our airports and facilities. The FAA has expressed
concerns to airports about deploying technology and potential legal
implications based on current Federal law. This has chilled our efforts
to engage proactively on testing technology.
We commend the FAA's efforts to support research and development
projects to counter the UAS threat, and we encourage the FAA to expand
existing pilot programs to identify solutions to this ever-increasing
challenge as soon as possible. We have offered Logan and our local
resources as a test site for this research.
Finally, we support multi-state and Federal agency collaboration,
information sharing, testing, training, and setting common standards
and operating procedures.
Question 2. What is the FAA safety standard or procedure for ``lost
link'' drones that are unable to receive a navigation signal from its
operator? Are you aware of efforts at the FAA to develop a standard? If
not, should the FAA should develop such a standard or should this issue
be left to individual manufacturers?
Answer. Since FAA has the primary role in ensuring UAS's are
integrated into public airspace in a positive and safe manner that
allows for commercial and recreational use while addressing the risks,
it makes sense that the FAA should develop and set standards for ``lost
link'' procedures.
[all]