[Federal Register Volume 78, Number 239 (Thursday, December 12, 2013)]
[Rules and Regulations]
[Pages 75451-75452]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2013-29684]


=======================================================================
-----------------------------------------------------------------------

DEPARTMENT OF TRANSPORTATION

Federal Aviation Administration

14 CFR Part 25

[Docket No. FAA-2013-1036; Special Conditions No. 25-510-SC]


Special Conditions: Cessna Model 750 Series Airplanes; Aircraft 
Electronic System Security Protection From Unauthorized External Access

AGENCY: Federal Aviation Administration (FAA), DOT.

ACTION: Final special condition; request for comments.

-----------------------------------------------------------------------

SUMMARY: These special conditions are issued for the Cessna Model 750 
Series airplanes. These airplanes will have a novel or unusual design 
feature associated with the architecture and connectivity capabilities 
of the airplanes' computer systems and networks. Connectivity to, or 
access by, external systems and networks may result in security 
vulnerabilities to the airplanes' systems.

DATES: The effective date of these special conditions is December 12, 
2013. We must receive your comments by January 27, 2014.

ADDRESSES: Send comments identified by docket number [FAA-2013-XXXX] 
using any of the following methods:
     Federal eRegulations Portal: Go to http://www.regulations.gov/ and follow the online instructions for sending 
your comments electronically.
    Mail: Send comments to Docket Operations, M-30, U.S. Department of 
Transportation (DOT), 1200 New Jersey Avenue SE., Room W12-140, West 
Building Ground Floor, Washington, DC, 20590-0001.
    Hand Delivery or Courier: Take comments to Docket Operations in 
Room W12-140 of the West Building Ground Floor at 1200 New Jersey 
Avenue SE., Washington, DC, between 8 a.m. and 5 p.m., Monday through 
Friday, except federal holidays.
    Fax: Fax comments to Docket Operations at 202-493-2251.
    Privacy: The FAA will post all comments it receives, without 
change, to http://www.regulations.gov/, including any personal 
information the commenter provides. Using the search function of the 
docket Web site, anyone can find and read the electronic form of all 
comments received into any FAA docket, including the name of the 
individual sending the comment (or signing the comment for an 
association, business, labor union, etc.). DOT's complete Privacy Act 
Statement can be found in the Federal Register published on April 11, 
2000 (65 FR 19477-19478), as well as at http://DocketsInfo.dot.gov/.
    Docket: Background documents or comments received may be read at 
http://www.regulations.gov/ at any time. Follow the online instructions 
for accessing the docket or go to the Docket Operations in Room W12-140 
of the West Building Ground Floor at 1200 New Jersey Avenue SE., 
Washington, DC, between 9 a.m. and 5 p.m., Monday through Friday, 
except federal holidays.

FOR FURTHER INFORMATION CONTACT: Varun Khanna, FAA, Airplane and Flight 
Crew Interface Branch, ANM-111, Transport Airplane Directorate, 
Aircraft Certification Service, 1601 Lind Avenue SW., Renton, 
Washington 98057-3356; telephone 425-227-1298; facsimile 425-227-1149.

SUPPLEMENTARY INFORMATION: The proposed network architecture includes 
the following connectivity between systems:
    1. Airplane control, communication, display, monitoring and 
navigation systems,
    2. Operator business and administrative support systems, and
    3. Passenger entertainment systems, and access by systems external 
to the airplane.
    The applicable airworthiness regulations do not contain adequate or 
appropriate safety standards for this design feature. These special 
conditions contain the additional safety standards that the 
Administrator considers necessary to establish a level of safety 
equivalent to that established by the existing airworthiness standards.
    The FAA has determined that notice of, and opportunity for prior 
public comment on, these special conditions are impracticable because 
these procedures would significantly delay issuance of the design 
approval and thus delivery of the affected aircraft. The FAA has also 
determined that notice of these special conditions is unnecessary 
because the substance of these special conditions has been subject to 
the public comment process in several prior instances with no 
substantive comments received. The FAA therefore finds that good cause 
exists for making these special conditions effective upon publication 
in the Federal Register.

Comments Invited

    We invite interested people to take part in this rulemaking by 
sending written comments, data, or views. The most helpful comments 
reference a specific portion of the special conditions, explain the 
reason for any recommended change, and include supporting data.
    We will consider all comments we receive by the closing date for 
comments. We may change these special conditions based on the comments 
we receive.

Background

    On September 10, 2010, Cessna Aircraft Company applied for an 
amendment to the Model 750 Type Certificate No. T00007WI.
    The Model 750 is a twin-engine pressurized executive jet airplane 
with standard seating provisions for 14 passenger/crew. This airplane 
will have a maximum takeoff weight of 36,600 pounds with a wingspan of 
69.2 feet, a maximum operating altitude of 51,000 feet, and will have 
two aft-mounted Rolls-Royce AE3007C2 engines.
    The proposed Cessna Model 750 avionics architecture is novel or 
unusual for executive jet airplanes by allowing connection to airplane 
electronic systems and networks, and access from aircraft external 
sources (e.g., wireless devices, Internet connectivity) to the 
previously isolated airplane electronic assets. Cessna's proposed 
design is considered by the FAA to be an architecture which introduces 
potential security risks and vulnerabilities not addressed in current 
regulations and aircraft-level or system-level safety assessment 
methods. Consequently, this special condition has been produced to 
address security and safety issues arising from the use of this type of 
architecture, and foreseeable flight and maintenance applications 
impacted by these interconnected data networks and the addition of 
external access points.

Type Certification Basis

    Under Title 14, Code of Federal Regulations (14 CFR) 21.17, Cessna 
must show that the Model 750 series meets the applicable provisions of 
14 CFR part 25, as amended by Amendments 25-1 through 25-128. The

[[Page 75452]]

certification basis for the 750 (S/N -000501 and on) is documented and 
agreed to within the Cessna Aircraft Company Model 750 Block Point 
Change G-1 Issue Paper.
    If the Administrator finds that the applicable airworthiness 
regulations (i.e., 14 CFR part 25) do not contain adequate or 
appropriate safety standards for the Model 750 series because of a 
novel or unusual design feature, special conditions are prescribed 
under Sec.  21.16.
    Special conditions are initially applicable to the model for which 
they are issued. Should the type certificate for that model be amended 
later to include any other model that incorporates the same novel or 
unusual design feature, the proposed special conditions would also 
apply to the other model under Sec.  21.101.
    In addition to the applicable airworthiness regulations and 
proposed special conditions, the Cessna Model 750 series airplane must 
comply with the fuel vent and exhaust emission requirements of 14 CFR 
part 34 and the noise certification requirements of 14 CFR part 36 and 
the FAA must issue a finding of regulatory adequacy under Sec.  611 of 
Public Law 92-574, the ``Noise Control Act of 1972.''
    The FAA issues special conditions, as defined in 14 CFR 11.19, 
under Sec.  11.38, and they become part of the type-certification basis 
under Sec.  21.17(a)(2).

Novel or Unusual Design Features

    The Cessna Model 750 will incorporate the following novel or 
unusual design features: digital systems architecture composed of 
several connected networks. The proposed architecture and network 
configuration may be used for, or interfaced with, a diverse set of 
functions, including:
    1. Flight-safety related control, communication, display, 
monitoring, and navigation systems (aircraft control functions);
    2. Operator business and administrative support (operator 
information services);
    3. Passenger information and entertainment systems (passenger 
entertainment services); and,
    4. The capability to allow access to or by systems external to the 
airplane.

Discussion

    The architecture and network configuration in the Cessna Model 750 
Series airplanes may allow increased connectivity to, or access by, 
external airplane sources, airline operations, and maintenance systems 
to the aircraft control functions and airline information services. The 
aircraft control functions and airline information services perform 
functions required for the safe operation and maintenance of the 
airplane. Previously these functions and services had very limited 
connectivity with external sources. The architecture and network 
configuration may allow the exploitation of network security 
vulnerabilities resulting in intentional or unintentional destruction, 
disruption, degradation, or exploitation of data, systems, and networks 
critical to the safety and maintenance of the airplane. This 
configuration may also include the electronic transmission of field-
loadable software (and hardware) applications and databases to the 
airplane, which would subsequently be loaded into the safety-related 
equipment and systems. The existing regulations and guidance material 
did not anticipate these types of airplane system architectures. 
Furthermore, 14 CFR regulations and current system safety assessment 
policy and techniques do not address potential security 
vulnerabilities, which could be exploited by unauthorized access to 
airplane systems, data buses, and servers. Therefore, these special 
conditions are issued to ensure that the security (i.e., 
confidentiality, integrity, and availability) of airplane systems is 
not compromised by unauthorized wired or wireless electronic 
connections.
    For the reasons discussed above, these special conditions contain 
the additional safety standards that the Administrator considers 
necessary to establish a level of safety equivalent to that established 
by the existing airworthiness standards.

Applicability

    As discussed above, these special conditions are applicable to the 
Cessna Model 750 Series airplanes. Should Cessna apply at a later date 
for a change to the type certificate to include another model 
incorporating the same novel or unusual design feature, the special 
conditions would apply to that model as well.

Conclusion

    This action affects only certain novel or unusual design features 
on one model series of airplanes. It is not a rule of general 
applicability.
    The substance of these special conditions has been subjected to the 
notice and comment period in several prior instances and has been 
derived without substantive change from those previously issued. It is 
unlikely that prior public comment would result in a significant change 
from the substance contained herein. Therefore, the FAA has determined 
that prior public notice and comment are unnecessary, and good cause 
exists for adopting these special conditions upon publication in the 
Federal Register. The FAA is requesting comments to allow interested 
persons to submit views that may not have been submitted in response to 
the prior opportunities for comment described above.

List of Subjects in 14 CFR Part 25

    Aircraft, Aviation safety, Reporting and recordkeeping 
requirements.

    The authority citation for these special conditions is as follows:

    Authority:  49 U.S.C. 106(g), 40113, 44701, 44702, 44704.

The Special Conditions

    Accordingly, pursuant to the authority delegated to me by the 
Administrator, the following special conditions are issued as part of 
the type certification basis for Cessna Model 750 Series airplanes.

System Security Protection for Aircraft Control Domain and Information 
Services Domain From External Access

    1. The applicant must ensure airplane electronic system security 
protection from access by unauthorized sources external to the 
airplane, including those possibly caused by maintenance activity.
    2. The applicant must ensure that electronic system security 
threats are identified and assessed, and that effective electronic 
system security protection strategies are implemented to protect the 
airplane from all adverse impacts on safety, functionality, and 
continued airworthiness.
    3. The applicant must establish appropriate procedures to allow the 
operator to ensure that continued airworthiness of the aircraft is 
maintained, including all post-type-certification modifications that 
may have an impact on the approved electronic system security 
safeguards.

    Issued in Renton, Washington, on December 4, 2013.
John P. Piccola, Jr.,
Manager, Transport Airplane Directorate, Aircraft Certification 
Service.
[FR Doc. 2013-29684 Filed 12-11-13; 8:45 am]
BILLING CODE 4910-13-P