[Federal Register Volume 78, Number 229 (Wednesday, November 27, 2013)]
[Rules and Regulations]
[Pages 70848-70849]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2013-28407]


=======================================================================
-----------------------------------------------------------------------

DEPARTMENT OF TRANSPORTATION

Federal Aviation Administration

14 CFR Part 25

[Docket No. FAA-2013-1000; Special Conditions No. 25-505-SC]


Special Conditions: Boeing Model 777-200, -300, and -300ER Series 
Airplanes; Aircraft Electronic System Security Protection From 
Unauthorized External Access.

AGENCY: Federal Aviation Administration (FAA), DOT.

ACTION: Final special conditions.

-----------------------------------------------------------------------

SUMMARY: These special conditions are issued for the Boeing Model 777-
200, -300, and -300ER series airplanes. These airplanes, as modified by 
ARINC Aerospace Company, will have novel or unusual design features 
associated with Class 3 Electronic Flight Bags (EFB) and wireless local 
area data networks (LAN) associated with the EFB architecture and 
existing airplane network systems. The applicable airworthiness 
regulations do not contain adequate or appropriate safety standards for 
this design feature. These special conditions contain the additional 
safety standards that the Administrator considers necessary to 
establish a level of safety equivalent to that established by the 
existing airworthiness standards.

DATES: Effective Date: The effective date of these special conditions 
is November 27, 2013.

FOR FURTHER INFORMATION CONTACT: Varun Khanna, FAA, Airplane and Flight 
Crew Interface Branch, ANM-111, Transport Airplane Directorate, 
Aircraft Certification Service, 1601 Lind Avenue SW., Renton, 
Washington 98057-3356; telephone 425-227-1298; facsimile 425-227-1149.

SUPPLEMENTARY INFORMATION:

Background

    On August 21, 2012, ARINC Aerospace Company applied for a change to 
Type Certificate No. T00001SE Rev. 30 dated June 6, 2012 for 
installation of Class 3 EFBs and related LANs in the Boeing Model 777-
200, -300, and -300ER Series Airplanes. The Boeing Model 777-200 
airplanes are long-range, wide-body, twin-engine jet airplanes with a 
maximum capacity of 440 passengers. The Boeing Model 777-300 and 777-
300ER series airplanes have a maximum capacity of 550 passengers. The 
Model 777-200, -300, and -300ER series airplanes have fly-by-wire 
controls, software-configurable avionics, and fiber-optic avionics 
networks.
    The proposed Class 3 EFB architecture is novel or unusual for 
commercial transport airplanes by allowing connection to previously 
isolated data networks connected to systems that perform functions 
required for the safe operation of the airplane. This proposed data 
network and design integration may result in security vulnerabilities 
from intentional or unintentional corruption of data and systems 
critical to the safety and maintenance of the airplane. The existing 
regulations and guidance material did not anticipate this type of 
system architecture or electronic access to aircraft systems. 
Furthermore, regulations and current system safety assessment policy 
and techniques do not address potential security vulnerabilities, which 
could be caused by unauthorized access to aircraft data buses and 
servers.

Type Certification Basis

    Under Title 14, Code of Federal Regulations (14 CFR) 21.17, ARINC 
Aerospace Company must show that the Boeing Model 777-200, -300, and -
300ER series airplanes meet the applicable provisions of 14 CFR part 
25, as amended by the following for each model airplane:
    For Model 777-200 airplanes--Title 14 CFR part 25, as amended by 
Amendment 25-1 through Amendment 25-82.
    For Model 777-300 airplanes--Title 14 CFR part 25, as amended by 
Amendment 25-1 through Amendment 25-86.
    For Model 777-300ER airplanes--Title 14 CFR part 25, as amended by 
Amendment 25-1 through Amendment 25-98.
    In addition, the certification basis includes certain special 
conditions, exemptions, or later amended sections of the applicable 
part that are not relevant to these special conditions. Special 
conditions, as defined in Sec. 11.19, are issued in accordance with 
Sec. 11.38 and become part of the type certification basis in 
accordance with Sec. 21.101.
    If the Administrator finds that the applicable airworthiness 
regulations (i.e., 14 CFR part 25) do not contain adequate or 
appropriate safety standards for the Boeing Model 777-200, -300, and -
300ER series airplanes because of a novel or unusual design feature, 
special conditions are prescribed under Sec.  21.16.
    Special conditions are initially applicable to the model for which 
they are issued. Should the type certificate for that model be amended 
later to include any other model that incorporates the same novel or 
unusual design feature, the proposed special conditions would also 
apply to the other model under Sec.  21.101.
    In addition to the applicable airworthiness regulations and 
proposed special conditions, the Boeing Model 777-200, -300, and -300ER 
series airplanes must comply with the fuel vent and exhaust emission 
requirements of 14 CFR part 34 and the noise certification requirements 
of 14 CFR part 36 and the FAA must issue a finding of regulatory 
adequacy under Sec.  611 of Public Law 92-574, the ``Noise Control Act 
of 1972.''
    The FAA issues special conditions, as defined in 14 CFR 11.19, 
under Sec.  11.38, and they become part of the type-certification basis 
under Sec.  21.17(a)(2).

Novel or Unusual Design Features

    The Boeing Model 777-200, -300, -300ER series airplanes will 
incorporate the following novel or unusual design features:
    Multiple Electronic Flight Bags (EFBs) and several connected 
networks that will interface to existing aircraft systems. The proposed 
network architecture is used for a diverse set of functions, providing 
data connectivity between systems, including:
    1. Flight-safety related control and navigation systems,
    2. Operator business and administrative support (operator 
information services),
    3. Passenger information systems, and,
    4. Access by systems external to the airplane.

Discussion

    The architecture and network configuration in the Boeing Model 777-
200, -300, and -300ER series airplanes may allow increased connectivity 
to, or access by, external airplane sources, airline operations, and 
maintenance systems to the aircraft control functions and airline 
information services. The aircraft control functions and airline 
information services perform functions required for the safe operation 
and maintenance of the airplane. Previously these functions and 
services had very limited connectivity with external sources. The 
architecture and network

[[Page 70849]]

configuration may allow the exploitation of network security 
vulnerabilities resulting in intentional or unintentional destruction, 
disruption, degradation, or exploitation of data, systems, and networks 
critical to the safety and maintenance of the airplane. The existing 
regulations and guidance material did not anticipate these types of 
airplane system architectures. Furthermore, 14 CFR regulations and 
current system safety assessment policy and techniques do not address 
potential security vulnerabilities, which could be exploited by 
unauthorized access to airplane systems, data buses, and servers. 
Therefore, these special conditions are issued to ensure that the 
security (i.e., confidentiality, integrity, and availability) of 
airplane systems is not compromised by unauthorized wired or wireless 
electronic connections.
    For the reasons discussed above, these special conditions contain 
the additional safety standards that the Administrator considers 
necessary to establish a level of safety equivalent to that established 
by the existing airworthiness standards.

Applicability

    As discussed above, these special conditions are applicable to the 
Boeing Model 777-200, -300, -300ER series airplanes. Should ARINC 
Aerospace Company apply at a later date for a change to the type 
certificate to include another model on the same type certificate 
incorporating the same novel or unusual design feature, the special 
conditions would apply to that model as well.

Conclusion

    This action affects only certain novel or unusual design features 
on Boeing Model 777-200, -300, -300ER series airplanes. It is not a 
rule of general applicability.
    The substance of these special conditions has been subjected to the 
notice and comment period in several prior instances and has been 
derived without substantive change from those previously issued. It is 
unlikely that prior public comment would result in a significant change 
from the substance contained herein. Therefore, the FAA has determined 
that prior public notice and comment are unnecessary, and good cause 
exists for adopting these special conditions upon publication in the 
Federal Register.

List of Subjects in 14 CFR Part 25

    Aircraft, Aviation safety, Reporting and recordkeeping 
requirements.
    The authority citation for these special conditions is as follows:

    Authority: 49 U.S.C. 106(g), 40113, 44701, 44702, 44704.

The Special Conditions

    Accordingly, pursuant to the authority delegated to me by the 
Administrator, the following special conditions are issued as part of 
the type certification basis for Boeing Model 777-200, -300, -300ER 
series airplanes modified by ARINC Aerospace Company.

Aircraft Electronic System Security Protection from Unauthorized 
External Access

    1. The applicant must ensure airplane electronic system security 
protection from access by unauthorized sources external to the 
airplane, including those possibly caused by maintenance activity.
    2. The applicant must ensure that electronic system security 
threats are identified and assessed, and that effective electronic 
system security protection strategies are implemented to protect the 
airplane from all adverse impacts on safety, functionality, and 
continued airworthiness.
    3. The applicant must establish appropriate procedures to allow the 
operator to ensure that continued airworthiness of the aircraft is 
maintained, including all post Type Certification modifications that 
may have an impact on the approved electronic system security 
safeguards.

    Issued in Renton, Washington, on November 15, 2013
John Piccola,
Acting Manager, Transport Airplane Directorate, Aircraft Certification 
Service.
[FR Doc. 2013-28407 Filed 11-26-13; 8:45 am]
BILLING CODE 4910-13-P