UAS traffic management (UTM) — Part 12: Requirements for UTM service providers

This document includes compliance monitoring, safety, security, privacy and other organisational requirements for providers in the context of UAS traffic management services.

Gestion du trafic d'UAS (UTM) — Partie 12: Exigences pour les fournisseurs de services UTM

General Information

Status
Published
Publication Date
28-Jul-2022
Current Stage
6060 - International Standard published
Due Date
05-Feb-2023
Completion Date
29-Jul-2022
Ref Project

Buy Standard

Standard
ISO 23629-12:2022 - UAS traffic management (UTM) — Part 12: Requirements for UTM service providers Released:29. 07. 2022
English language
25 pages
sale 15% off
Preview
sale 15% off
Preview

Standards Content (sample)

INTERNATIONAL ISO
STANDARD 23629-12
First edition
2022-07
UAS traffic management (UTM) —
Part 12:
Requirements for UTM service
providers
Gestion du trafic d'UAS (UTM) —
Partie 12: Exigences pour les fournisseurs de services UTM
Reference number
ISO 23629-12:2022(E)
© ISO 2022
---------------------- Page: 1 ----------------------
ISO 23629-12:2022(E)
COPYRIGHT PROTECTED DOCUMENT
© ISO 2022

All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may

be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on

the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below

or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
© ISO 2022 – All rights reserved
---------------------- Page: 2 ----------------------
ISO 23629-12:2022(E)
Contents Page

Foreword ..........................................................................................................................................................................................................................................v

Introduction .............................................................................................................................................................................................................................. vi

1 Scope ................................................................................................................................................................................................................................. 1

2 Normative references ..................................................................................................................................................................................... 1

3 Terms and definitions .................................................................................................................................................................................... 1

4 Abbreviated terms ............................................................................................................................................................................................. 3

5 Service provision ................................................................................................................................................................................................. 4

5.1 SP key tasks ............................................................................................................................................................................................... 4

5.2 Geographical scope ............................................................................................................................................................................. 4

5.3 Technical requirements .................................................................................................................................................................. 4

5.4 Interoperability and electromagnetic compatibility ............................................................................................ 5

5.5 Subcontracts ............................................................................................................................................................................................. 5

6 Safety ................................................................................................................................................................................................................................ 5

6.1 Requirements for all SPs ................................................................................................................................................................ 5

6.2 Additional requirements for safety-related UTM SPs ......................................................................................... 6

6.3 Additional requirements for safety-critical UTM SPs ......................................................................................... 7

6.4 Tasks of the COMO ............................................................................................................................................................................... 8

6.5 Tasks of the SAFO ................................................................................................................................................................................. 8

7 Security .......................................................................................................................................................................................................................... 9

7.1 Requirements for all SPs ................................................................................................................................................................ 9

7.2 Additional requirements for safety-related UTM SPs ...................................................................................... 10

7.3 Additional requirements for safety-critical UTM SPs ...................................................................................... 10

7.4 Tasks of the SECO .............................................................................................................................................................................. 11

8 Software safety assurance .....................................................................................................................................................................12

8.1 Requirements for all SPs ............................................................................................................................................................. 12

8.2 Additional requirements for safety-related UTM SPs ......................................................................................12

8.3 Additional requirements for safety-critical UTM SPs ......................................................................................12

9 Contingencies .......................................................................................................................................................................................................13

9.1 Requirements for all SPs ............................................................................................................................................................. 13

9.2 Additional requirements for safety-related UTM SPs ...................................................................................... 13

9.3 Additional requirements for safety-critical UTM SPs ......................................................................................13

10 Maintenance ..........................................................................................................................................................................................................14

10.1 Requirements for all SPs ............................................................................................................................................................. 14

10.2 Additional requirements for safety-related UTM SPs ...................................................................................... 14

10.3 Additional requirements for safety-critical UTM SPs ...................................................................................... 15

11 Privacy and data protection .................................................................................................................................................................15

11.1 Requirements for all SPs .............................................................................................................................................................15

11.2 Additional requirements for UTM SPs ........................................................................................................................... 15

11.3 Tasks of the DPO ................................................................................................................................................................................. 16

12 Personnel competency ................................................................................................................................................................................16

12.1 Requirements for all SPs ............................................................................................................................................................. 16

12.2 Additional requirements for safety-related UTM SPs ...................................................................................... 17

12.3 Additional requirements for safety-critical UTM SPs ...................................................................................... 18

13 Manuals, procedures and records ..................................................................................................................................................18

13.1 Requirements for all SPs ............................................................................................................................................................. 18

13.2 Additional requirements for safety-related UTM SPs ...................................................................................... 19

13.3 Additional requirements for safety-critical UTM SPs ...................................................................................... 19

14 Insurance ..................................................................................................................................................................................................................19

iii
© ISO 2022 – All rights reserved
---------------------- Page: 3 ----------------------
ISO 23629-12:2022(E)

Annex A (normative) Safety-critical UTM services ...........................................................................................................................20

Annex B (normative) Safety-related UTM services ...........................................................................................................................22

Annex C (normative) Operation support services ..............................................................................................................................24

Bibliography .............................................................................................................................................................................................................................25

© ISO 2022 – All rights reserved
---------------------- Page: 4 ----------------------
ISO 23629-12:2022(E)
Foreword

ISO (the International Organization for Standardization) is a worldwide federation of national standards

bodies (ISO member bodies). The work of preparing International Standards is normally carried out

through ISO technical committees. Each member body interested in a subject for which a technical

committee has been established has the right to be represented on that committee. International

organizations, governmental and non-governmental, in liaison with ISO, also take part in the work.

ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of

electrotechnical standardization.

The procedures used to develop this document and those intended for its further maintenance are

described in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the

different types of ISO documents should be noted. This document was drafted in accordance with the

editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.org/directives).

Attention is drawn to the possibility that some of the elements of this document may be the subject of

patent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details of

any patent rights identified during the development of the document will be in the Introduction and/or

on the ISO list of patent declarations received (see www.iso.org/patents).

Any trade name used in this document is information given for the convenience of users and does not

constitute an endorsement.

For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and

expressions related to conformity assessment, as well as information about ISO's adherence to the

World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT), see www.iso.org/

iso/foreword.html.

This document was prepared by Technical Committee ISO/TC 20 Aircraft and space vehicles,

Subcommittee SC 16, Unmanned aircraft systems (UAS).

A list of all published or planned parts in the ISO 23629 series can be found on the ISO website.

Any feedback or questions on this document should be directed to the user’s national standards body. A

complete listing of these bodies can be found at www.iso.org/members.html.
© ISO 2022 – All rights reserved
---------------------- Page: 5 ----------------------
ISO 23629-12:2022(E)
Introduction
0.1 Background

The functional structure of the UAS traffic management (UTM) services, including respective role of

[1]
possible services, is standardized in ISO/DIS 23629-5 .

Conversely, this document focuses on the responsibilities of the UTM service providers (UTM SPs) for

the safety, security and compliance monitoring of the provided services, as well as protection of related

data and information. A UTM SP contributes to the safety, security and compliance of operations of

unmanned aircraft systems (UAS), supporting the fulfilment of the responsibilities of the UAS operator.

[2]

Operational procedures and requirements for the UAS operator are specified in ISO 21384-3 .

Although UTM services are established considering the needs of UAS operators, these services also

support operations of properly equipped manned air traffic in the respective designated operational

coverage (DOC).

One organization may provide several UTM services; and each may have a specific DOC. The DOC may

be established by the regulatory authorities, depending on applicable legislation.

0.2 Purpose of the UTM SP integrated management system
[3]

The adoption of a management system according to ISO 9001 by the UTM SP can enable an

organization to provide high quality services. This document provides more specific guidance for safe,

secure and efficient air traffic management and air navigation services within the respective DOC.

The purpose of the organisation of the UTM SP is to provide a framework for ensuring safety and security

controlling related risks and opportunities. The aim and intended outcomes of the UTM services are to

prevent aviation accidents and incidents through the provision of UTM digital information planned in a

safe, secure and efficient way conforming to planned ISO 23629-3, while also ensuring sufficient quality

and protection of data and information; consequently, it is extremely important for the organization

of the UTM SP to identify hazards and minimize safety, security and privacy risks by taking effective

prescriptive, reactive, proactive, predictive and inter-organizational measures.

Integration of several functions in the organisation enables reducing the required resources otherwise

necessary to implement separate quality, compliance monitoring, safety, security and privacy systems.

An efficient organisation can also assist an UTM SP to fulfil applicable regulatory requirements.

Demonstration of successful implementation of this document can be used by an organization to:

— assure continuous improvement of its safety, security and privacy performance;

— give assurance to UAS operators and other affected stakeholders that an effective organisation is in

place;
— give evidence to insurance companies;

— provide an acceptable means of compliance (AMC) with regulatory requirements, when accepted by

the competent authority.

Adoption of this document by an UTM SP, however, will not in itself guarantee prevention of aviation-

accidents and incidents, in which performance of the UTM services may be one of the causal factors.

The level of detail, the complexity, the extent of documented information and the resources needed to

ensure the success of an UTM SP organisation depends on several factors, such as:

— the organization’s context (e.g. number of staff, size, geographical scope, culture, legal and regulatory

requirements);
— the scope of the provided UTM services;
© ISO 2022 – All rights reserved
---------------------- Page: 6 ----------------------
ISO 23629-12:2022(E)

— the nature, safety criticality and scope of the provided UTM services and the related safety, security

and privacy risks.
0.3 Content of this document

This document contains requirements that can be used by an organization to provide safe, secure and

efficient UTM services.

This document includes requirements on qualifications and training of personnel, UTM service

provision, maintenance and competence of maintenance staff as well as occurrence reporting, safety,

security and privacy.

Technical requirements for verification, and validation, of UTM constituents, systems and services

(transaction time, availability, continuity, integrity, security, etc.) to comply with safety, security and

quality requirements for UTM services are specified in planned ISO 23629-2 or any suitable standard

published by an authoritative standard development organisation (SDO).

This document does not include requirements specific to other topics, such as those for quality,

occupational health and safety (OH&S), social responsibility, environmental or financial management

or use of the electro-magnetic spectrum, though its elements can be aligned or integrated in the

organisation of the UTM SP.

An organization that wishes to demonstrate conformity to this document can do so by:

— making a self-determination and self-declaration;

— seeking confirmation of its conformity by parties having an interest in the organization, such as

UAS operators using the services provided by the UTM SP;

— seeking confirmation of its self-declaration by an independent, accredited and competent third-

party external to the organization; or

— seeking certification of its organisation by an aviation authority, when required by applicable

regulations.

NOTE The International Accreditation Forum (IAF) is the world association of conformity assessment

accreditation bodies and other bodies interested in conformity assessment in the fields of management systems,

products, services, personnel and other similar programmes of conformity assessment. Its primary function is to

develop a single worldwide program of conformity assessment which reduces risk for business and its customers

by assuring them that accredited certificates can be relied upon. Accreditation assures users of the competence

and impartiality of the body accredited. These bodies are referred under different terms in different states, like,

e.g. “designees”, “notified bodies”, “qualified entities” or else.
vii
© ISO 2022 – All rights reserved
---------------------- Page: 7 ----------------------
INTERNATIONAL STANDARD ISO 23629-12:2022(E)
UAS traffic management (UTM) —
Part 12:
Requirements for UTM service providers
1 Scope

This document includes compliance monitoring, safety, security, privacy and other organisational

requirements for providers in the context of UAS traffic management services.
2 Normative references

The following documents are referred to in the text in such a way that some or all of their content

constitutes requirements of this document. For dated references, only the edition cited applies. For

undated references, the latest edition of the referenced document (including any amendments) applies.

ISO 21384-4, Unmanned aircraft systems — Part 4: Vocabulary
3 Terms and definitions

For the purposes of this document, the terms and definitions given in ISO 21384-4 and the following

apply.

ISO and IEC maintain terminology databases for use in standardization at the following addresses:

— ISO Online browsing platform: available at https:// www .iso .org/ obp
— IEC Electropedia: available at https:// www .electropedia .org/
3.1
constituent

tangible objects such as hardware and intangible objects such as software upon which the provision of

UTM services (3.9) depends
Note 1 to entry: The definition is adapted from Reference [4].
3.2
designated operational coverage
DOC

geographic volume of airspace within which an UTM service (3.9) is available in compliance with

designation by competent authorities if applicable, with sufficient performance including availability,

continuity, integrity and timeliness and, if applicable, with sufficient radio signal quality and protection

from other users of the electromagnetic spectrum
Note 1 to entry: The definition is adapted from Reference [5].
3.3
in-time system-wide safety assurance
ISSA

safety net utilising system-wide information to provide alerting and to trigger mitigation strategies in

time to address emerging risks
Note 1 to entry: It is part of proactive safety management.
© ISO 2022 – All rights reserved
---------------------- Page: 8 ----------------------
ISO 23629-12:2022(E)
Note 2 to entry: The definition is adapted from Reference [6].
3.4
operation support service

web-based tools and information provided by a service provider (SP) to an UAS operator or its staff, to

support safe and efficient planning and execution of a flight mission, as well as post-flight activities

Note 1 to entry: Operation support services cover a time span much wider than UTM services (3.9). Although they

support UAS operations, they are neither traffic management nor air navigation services.

3.5
safety-critical UTM service

UTM service (3.9) providing functions that, if lost or degraded, or as a result of incorrect or inadvertent

operation, could result in catastrophic consequences

[SOURCE: ISO 14620-1:2018, 3.1.17, modified — The term has been changed from "safety critical

function"; "function" has been changed to "UTM service providing functions"; "or critical" has been

removed before "consequences". See Reference [7].]
3.6
safety-related UTM service

UTM service (3.9) providing functions that have the potential to contribute to the violation of or

achievement of a safety goal, but whose loss of degradation would not in itself produce catastrophic

consequences

[SOURCE: ISO 26262-1:2018, 3.1.17, modified — The term has been changed from "safety-related

function"; "function" has been changed to "UTM service providing functions"; "but whose loss of

degradation would not in itself produce catastrophic consequences" has been added at the end. See

Reference [8].]
3.7
UAS traffic management
UTM

set of traffic management and air navigation services (ANS) aiming at safe, secure and efficient

integration of multiple manned and unmanned aircraft flying inside the respective DOC (3.2) of each

service

Note 1 to entry: The definition is adapted from Reference [9] and harmonised with the one in Reference [10].

Note 2 to entry: In accordance with Reference [10], UTM services (3.9) initiate when the UAS operator files a

request for clearance to enter airspace and terminates when the UA reaches the parking position, the primary

propulsion systems are switched off and the operational plan is closed.

[SOURCE: ISO 23629-7:2021, 3.11, modified — Notes 1 and 2 to entry have been added.]

3.8
UTM actor

role played by an UTM user (3.12) or UTM SP (3.10) or provider of operation support (3.4) that interacts

with the UTM subject (3.11)

Note 1 to entry: An actor models a type of role played by an entity that interacts with the subject (e.g., by

exchanging signals and data), but which is external to the subject.
[11]
Note 2 to entry: The definition is adapted from ISO/IEC 19501 .
3.9
UTM service

result of at least one activity necessarily performed at the interface between the UTM SP) (3.10) or

operation support (3.4) provider and the UTM user (3.12), which consist in the provisions of digital data

and information
[11]
Note 1 to entry: The definition is adapted from ISO/IEC 19501 .
© ISO 2022 – All rights reserved
---------------------- Page: 9 ----------------------
ISO 23629-12:2022(E)

Note 2 to entry: To provide the service, the SP uses facilities, trained and qualified staff, organizational

procedures as well as systems and devices executing one or more functions.
3.10
UTM service provider
UTM SP

organization playing the role of an UTM actor (3.8) which provides, normally in exchange of a fee, digital

data and information to UTM users (3.12), which may choose to take advantage from the offered service

[11]
Note 1 to entry: The definition is adapted from ISO/IEC 19501 .
3.11
UTM subject

information technology (IT) entity (including subsystem, component, or even class) representing a

software system residing on a physical system or platform, supporting the exchange of digital data and

information among several UTM users (3.12) and several UTM SPs (3.10) or operation support SPs (3.4),

and to which a set of use cases applies in the UTM (3.7) context
[11]
Note 1 to entry: The definition is adapted from ISO/IEC 19501 .

Note 2 to entry: Utilisation of at least one UTM subject is a necessary technical enabler for any UTM service (3.9),

but it is not a service in itself.
3.12
UTM user

organization or system, which uses digital data and information offered by an UTM SP (3.10) to fulfil

their mission that is neither an UTM SP nor an operations support SPs (3.4)
[11]
Note 1 to entry: The definition is adapted from ISO/IEC 19501 .
Note 2 to entry: The UTM user is an UTM actor (3.8).

Note 3 to entry: In addition to UAS operators, a non-exhaustive list of UTM users includes public authorities and

civil aviation authorities, law enforcement agencies (for safety, security and privacy), search and rescue, fire

brigades and other emergency services, providers of ATM/ANS to manned aviation, operators of aerodromes,

vertiports or other facilities supporting take-off/launch or landing/recovery of UAS, UAS manufacturers and

owners, insurance companies, ISO certifying bodies and qualified entities, training organizations, general public.

Note 4 to entry: In the digital ecosystem, at least three IT entities are typically under the responsibility of the

UAS operator:
a) the unmanned aircraft which during the flight exchanges digital information;

b) the station of the remote pilot, also exchanging digital data with other IT entities, but only when activated;

and

c) the workstation of the fleet manager (FM) potentially active full time and used in particular for planning the

flight exploiting some of the UTM or operation support services.
4 Abbreviated terms
AIMU aeronautical information management for UAS
AMC acceptable means of compliance
ANS air navigation service(s)
ATM air traffic management
COMO compliance monitoring officer
DAL design assurance level
DPO data protection officer
DSM digital surface model
© ISO 2022 – All rights reserved
---------------------- Page: 10 ----------------------
ISO 23629-12:2022(E)
DTM digital terrain model
FM fleet manager
HT head of training
IAF International Accreditation Forum
IT information technology
IUEI intentional unauthorised electronic interaction
OH&S occupational health and safety
OJT on-the-job training
SAFO safety officer
SDO standard development organisation
SECO security officer
SLA service level agreement
SP service provider
TBO trajectory-based operations
UAS unmanned aircraft system
V&V verification and validation
5 Service provision
5.1 SP key tasks

All providers of the UTM services listed in Annexes A and B and all providers of operation support

services listed in Annex C SPs shall establish and apply policies and procedures to ensure that:

a) a risk assessment is conducted for every type of service;

b) all personnel executing safety-related tasks are professionally competent and qualified in

compliance with Clause 12;

c) all systems necessary to provide UTM are maintained in accordance with the maintenance

programme consistent with the manufacturer’s instructions;
d) all activities are conducted according to appropriate checklists;

e) terms of service provision are clearly communicated to users, through conditions to be accepted by

the UAS operator or other service user, before registering to benefit from a given service; and

f) service level agreements (SLA) with other SPs or relevant organisations are in place when

cooperation has been established.
5.2 Geographical scope

The UTM SP shall define and communicate to potential users the designated operational coverage

within which services are available.
5.3 Technical requirements

The UTM SP shall control the accuracy and currency of information originated by the SPs or obtained

from external providers, in accordance with:

a) applicable industry standards, including in the series ISO 23629 and those developed by ISO/IEC

joint technical committee JTC 1 or those listed in the bibliography to this document;

b) procedures developed by the SP to complement a).
© ISO 2022 – All rights reserved
---------------------- Page: 11 ----------------------
ISO 23629-12:2022(E)
5.4 Interoperability and electromagnetic compatibility
The UTM SP shall implement technical means and procedures with regards to:
a) protocols to exchange information with UTM users and other
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.