UAS traffic management (UTM) — Part 12: Requirements for UTM service providers

This document includes compliance monitoring, safety, security, privacy and other organisational requirements for providers in the context of UAS traffic management services.

Gestion du trafic d'UAS (UTM) — Partie 12: Exigences pour les fournisseurs de services UTM

General Information

Status
Published
Publication Date
28-Jul-2022
Current Stage
6060 - International Standard published
Start Date
29-Jul-2022
Due Date
05-Feb-2023
Completion Date
29-Jul-2022
Ref Project

Buy Standard

Standard
ISO 23629-12:2022 - UAS traffic management (UTM) — Part 12: Requirements for UTM service providers Released:29. 07. 2022
English language
25 pages
sale 15% off
Preview
sale 15% off
Preview

Standards Content (Sample)

INTERNATIONAL ISO
STANDARD 23629-12
First edition
2022-07
UAS traffic management (UTM) —
Part 12:
Requirements for UTM service
providers
Gestion du trafic d'UAS (UTM) —
Partie 12: Exigences pour les fournisseurs de services UTM
Reference number
ISO 23629-12:2022(E)
© ISO 2022

---------------------- Page: 1 ----------------------
ISO 23629-12:2022(E)
COPYRIGHT PROTECTED DOCUMENT
© ISO 2022
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on
the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below
or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii
  © ISO 2022 – All rights reserved

---------------------- Page: 2 ----------------------
ISO 23629-12:2022(E)
Contents Page
Foreword .v
Introduction . vi
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Abbreviated terms . 3
5 Service provision . 4
5.1 SP key tasks . 4
5.2 Geographical scope . 4
5.3 Technical requirements . 4
5.4 Interoperability and electromagnetic compatibility . 5
5.5 Subcontracts . 5
6 Safety . 5
6.1 Requirements for all SPs . 5
6.2 Additional requirements for safety-related UTM SPs . 6
6.3 Additional requirements for safety-critical UTM SPs . 7
6.4 Tasks of the COMO . 8
6.5 Tasks of the SAFO . 8
7 Security . 9
7.1 Requirements for all SPs . 9
7.2 Additional requirements for safety-related UTM SPs . 10
7.3 Additional requirements for safety-critical UTM SPs . 10
7.4 Tasks of the SECO . 11
8 Software safety assurance .12
8.1 Requirements for all SPs . 12
8.2 Additional requirements for safety-related UTM SPs .12
8.3 Additional requirements for safety-critical UTM SPs .12
9 Contingencies .13
9.1 Requirements for all SPs . 13
9.2 Additional requirements for safety-related UTM SPs . 13
9.3 Additional requirements for safety-critical UTM SPs .13
10 Maintenance .14
10.1 Requirements for all SPs . 14
10.2 Additional requirements for safety-related UTM SPs . 14
10.3 Additional requirements for safety-critical UTM SPs . 15
11 Privacy and data protection .15
11.1 Requirements for all SPs .15
11.2 Additional requirements for UTM SPs . 15
11.3 Tasks of the DPO . 16
12 Personnel competency .16
12.1 Requirements for all SPs . 16
12.2 Additional requirements for safety-related UTM SPs . 17
12.3 Additional requirements for safety-critical UTM SPs . 18
13 Manuals, procedures and records .18
13.1 Requirements for all SPs . 18
13.2 Additional requirements for safety-related UTM SPs . 19
13.3 Additional requirements for safety-critical UTM SPs . 19
14 Insurance .19
iii
© ISO 2022 – All rights reserved

---------------------- Page: 3 ----------------------
ISO 23629-12:2022(E)
Annex A (normative) Safety-critical UTM services .20
Annex B (normative) Safety-related UTM services .22
Annex C (normative) Operation support services .24
Bibliography .25
iv
  © ISO 2022 – All rights reserved

---------------------- Page: 4 ----------------------
ISO 23629-12:2022(E)
Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards
bodies (ISO member bodies). The work of preparing International Standards is normally carried out
through ISO technical committees. Each member body interested in a subject for which a technical
committee has been established has the right to be represented on that committee. International
organizations, governmental and non-governmental, in liaison with ISO, also take part in the work.
ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of
electrotechnical standardization.
The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the
different types of ISO documents should be noted. This document was drafted in accordance with the
editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.org/directives).
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details of
any patent rights identified during the development of the document will be in the Introduction and/or
on the ISO list of patent declarations received (see www.iso.org/patents).
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and
expressions related to conformity assessment, as well as information about ISO's adherence to the
World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT), see www.iso.org/
iso/foreword.html.
This document was prepared by Technical Committee ISO/TC 20 Aircraft and space vehicles,
Subcommittee SC 16, Unmanned aircraft systems (UAS).
A list of all published or planned parts in the ISO 23629 series can be found on the ISO website.
Any feedback or questions on this document should be directed to the user’s national standards body. A
complete listing of these bodies can be found at www.iso.org/members.html.
v
© ISO 2022 – All rights reserved

---------------------- Page: 5 ----------------------
ISO 23629-12:2022(E)
Introduction
0.1  Background
The functional structure of the UAS traffic management (UTM) services, including respective role of
[1]
possible services, is standardized in ISO/DIS 23629-5 .
Conversely, this document focuses on the responsibilities of the UTM service providers (UTM SPs) for
the safety, security and compliance monitoring of the provided services, as well as protection of related
data and information. A UTM SP contributes to the safety, security and compliance of operations of
unmanned aircraft systems (UAS), supporting the fulfilment of the responsibilities of the UAS operator.
[2]
Operational procedures and requirements for the UAS operator are specified in ISO 21384-3 .
Although UTM services are established considering the needs of UAS operators, these services also
support operations of properly equipped manned air traffic in the respective designated operational
coverage (DOC).
One organization may provide several UTM services; and each may have a specific DOC. The DOC may
be established by the regulatory authorities, depending on applicable legislation.
0.2  Purpose of the UTM SP integrated management system
[3]
The adoption of a management system according to ISO 9001 by the UTM SP can enable an
organization to provide high quality services. This document provides more specific guidance for safe,
secure and efficient air traffic management and air navigation services within the respective DOC.
The purpose of the organisation of the UTM SP is to provide a framework for ensuring safety and security
controlling related risks and opportunities. The aim and intended outcomes of the UTM services are to
prevent aviation accidents and incidents through the provision of UTM digital information planned in a
safe, secure and efficient way conforming to planned ISO 23629-3, while also ensuring sufficient quality
and protection of data and information; consequently, it is extremely important for the organization
of the UTM SP to identify hazards and minimize safety, security and privacy risks by taking effective
prescriptive, reactive, proactive, predictive and inter-organizational measures.
Integration of several functions in the organisation enables reducing the required resources otherwise
necessary to implement separate quality, compliance monitoring, safety, security and privacy systems.
An efficient organisation can also assist an UTM SP to fulfil applicable regulatory requirements.
Demonstration of successful implementation of this document can be used by an organization to:
— assure continuous improvement of its safety, security and privacy performance;
— give assurance to UAS operators and other affected stakeholders that an effective organisation is in
place;
— give evidence to insurance companies;
— provide an acceptable means of compliance (AMC) with regulatory requirements, when accepted by
the competent authority.
Adoption of this document by an UTM SP, however, will not in itself guarantee prevention of aviation-
accidents and incidents, in which performance of the UTM services may be one of the causal factors.
The level of detail, the complexity, the extent of documented information and the resources needed to
ensure the success of an UTM SP organisation depends on several factors, such as:
— the organization’s context (e.g. number of staff, size, geographical scope, culture, legal and regulatory
requirements);
— the scope of the provided UTM services;
vi
  © ISO 2022 – All rights reserved

---------------------- Page: 6 ----------------------
ISO 23629-12:2022(E)
— the nature, safety criticality and scope of the provided UTM services and the related safety, security
and privacy risks.
0.3  Content of this document
This document contains requirements that can be used by an organization to provide safe, secure and
efficient UTM services.
This document includes requirements on qualifications and training of personnel, UTM service
provision, maintenance and competence of maintenance staff as well as occurrence reporting, safety,
security and privacy.
Technical requirements for verification, and validation, of UTM constituents, systems and services
(transaction time, availability, continuity, integrity, security, etc.) to comply with safety, security and
quality requirements for UTM services are specified in planned ISO 23629-2 or any suitable standard
published by an authoritative standard development organisation (SDO).
This document does not include requirements specific to other topics, such as those for quality,
occupational health and safety (OH&S), social responsibility, environmental or financial management
or use of the electro-magnetic spectrum, though its elements can be aligned or integrated in the
organisation of the UTM SP.
An organization that wishes to demonstrate conformity to this document can do so by:
— making a self-determination and self-declaration;
— seeking confirmation of its conformity by parties having an interest in the organization, such as
UAS operators using the services provided by the UTM SP;
— seeking confirmation of its self-declaration by an independent, accredited and competent third-
party external to the organization; or
— seeking certification of its organisation by an aviation authority, when required by applicable
regulations.
NOTE The International Accreditation Forum (IAF) is the world association of conformity assessment
accreditation bodies and other bodies interested in conformity assessment in the fields of management systems,
products, services, personnel and other similar programmes of conformity assessment. Its primary function is to
develop a single worldwide program of conformity assessment which reduces risk for business and its customers
by assuring them that accredited certificates can be relied upon. Accreditation assures users of the competence
and impartiality of the body accredited. These bodies are referred under different terms in different states, like,
e.g. “designees”, “notified bodies”, “qualified entities” or else.
vii
© ISO 2022 – All rights reserved

---------------------- Page: 7 ----------------------
INTERNATIONAL STANDARD ISO 23629-12:2022(E)
UAS traffic management (UTM) —
Part 12:
Requirements for UTM service providers
1 Scope
This document includes compliance monitoring, safety, security, privacy and other organisational
requirements for providers in the context of UAS traffic management services.
2 Normative references
The following documents are referred to in the text in such a way that some or all of their content
constitutes requirements of this document. For dated references, only the edition cited applies. For
undated references, the latest edition of the referenced document (including any amendments) applies.
ISO 21384-4, Unmanned aircraft systems — Part 4: Vocabulary
3 Terms and definitions
For the purposes of this document, the terms and definitions given in ISO 21384-4 and the following
apply.
ISO and IEC maintain terminology databases for use in standardization at the following addresses:
— ISO Online browsing platform: available at https:// www .iso .org/ obp
— IEC Electropedia: available at https:// www .electropedia .org/
3.1
constituent
tangible objects such as hardware and intangible objects such as software upon which the provision of
UTM services (3.9) depends
Note 1 to entry: The definition is adapted from Reference [4].
3.2
designated operational coverage
DOC
geographic volume of airspace within which an UTM service (3.9) is available in compliance with
designation by competent authorities if applicable, with sufficient performance including availability,
continuity, integrity and timeliness and, if applicable, with sufficient radio signal quality and protection
from other users of the electromagnetic spectrum
Note 1 to entry: The definition is adapted from Reference [5].
3.3
in-time system-wide safety assurance
ISSA
safety net utilising system-wide information to provide alerting and to trigger mitigation strategies in
time to address emerging risks
Note 1 to entry: It is part of proactive safety management.
1
© ISO 2022 – All rights reserved

---------------------- Page: 8 ----------------------
ISO 23629-12:2022(E)
Note 2 to entry: The definition is adapted from Reference [6].
3.4
operation support service
web-based tools and information provided by a service provider (SP) to an UAS operator or its staff, to
support safe and efficient planning and execution of a flight mission, as well as post-flight activities
Note 1 to entry: Operation support services cover a time span much wider than UTM services (3.9). Although they
support UAS operations, they are neither traffic management nor air navigation services.
3.5
safety-critical UTM service
UTM service (3.9) providing functions that, if lost or degraded, or as a result of incorrect or inadvertent
operation, could result in catastrophic consequences
[SOURCE: ISO 14620-1:2018, 3.1.17, modified — The term has been changed from "safety critical
function"; "function" has been changed to "UTM service providing functions"; "or critical" has been
removed before "consequences". See Reference [7].]
3.6
safety-related UTM service
UTM service (3.9) providing functions that have the potential to contribute to the violation of or
achievement of a safety goal, but whose loss of degradation would not in itself produce catastrophic
consequences
[SOURCE: ISO 26262-1:2018, 3.1.17, modified — The term has been changed from "safety-related
function"; "function" has been changed to "UTM service providing functions"; "but whose loss of
degradation would not in itself produce catastrophic consequences" has been added at the end. See
Reference [8].]
3.7
UAS traffic management
UTM
set of traffic management and air navigation services (ANS) aiming at safe, secure and efficient
integration of multiple manned and unmanned aircraft flying inside the respective DOC (3.2) of each
service
Note 1 to entry: The definition is adapted from Reference [9] and harmonised with the one in Reference [10].
Note 2 to entry: In accordance with Reference [10], UTM services (3.9) initiate when the UAS operator files a
request for clearance to enter airspace and terminates when the UA reaches the parking position, the primary
propulsion systems are switched off and the operational plan is closed.
[SOURCE: ISO 23629-7:2021, 3.11, modified — Notes 1 and 2 to entry have been added.]
3.8
UTM actor
role played by an UTM user (3.12) or UTM SP (3.10) or provider of operation support (3.4) that interacts
with the UTM subject (3.11)
Note 1 to entry: An actor models a type of role played by an entity that interacts with the subject (e.g., by
exchanging signals and data), but which is external to the subject.
[11]
Note 2 to entry: The definition is adapted from ISO/IEC 19501 .
3.9
UTM service
result of at least one activity necessarily performed at the interface between the UTM SP) (3.10) or
operation support (3.4) provider and the UTM user (3.12), which consist in the provisions of digital data
and information
[11]
Note 1 to entry: The definition is adapted from ISO/IEC 19501 .
2
  © ISO 2022 – All rights reserved

---------------------- Page: 9 ----------------------
ISO 23629-12:2022(E)
Note 2 to entry: To provide the service, the SP uses facilities, trained and qualified staff, organizational
procedures as well as systems and devices executing one or more functions.
3.10
UTM service provider
UTM SP
organization playing the role of an UTM actor (3.8) which provides, normally in exchange of a fee, digital
data and information to UTM users (3.12), which may choose to take advantage from the offered service
[11]
Note 1 to entry: The definition is adapted from ISO/IEC 19501 .
3.11
UTM subject
information technology (IT) entity (including subsystem, component, or even class) representing a
software system residing on a physical system or platform, supporting the exchange of digital data and
information among several UTM users (3.12) and several UTM SPs (3.10) or operation support SPs (3.4),
and to which a set of use cases applies in the UTM (3.7) context
[11]
Note 1 to entry: The definition is adapted from ISO/IEC 19501 .
Note 2 to entry: Utilisation of at least one UTM subject is a necessary technical enabler for any UTM service (3.9),
but it is not a service in itself.
3.12
UTM user
organization or system, which uses digital data and information offered by an UTM SP (3.10) to fulfil
their mission that is neither an UTM SP nor an operations support SPs (3.4)
[11]
Note 1 to entry: The definition is adapted from ISO/IEC 19501 .
Note 2 to entry: The UTM user is an UTM actor (3.8).
Note 3 to entry: In addition to UAS operators, a non-exhaustive list of UTM users includes public authorities and
civil aviation authorities, law enforcement agencies (for safety, security and privacy), search and rescue, fire
brigades and other emergency services, providers of ATM/ANS to manned aviation, operators of aerodromes,
vertiports or other facilities supporting take-off/launch or landing/recovery of UAS, UAS manufacturers and
owners, insurance companies, ISO certifying bodies and qualified entities, training organizations, general public.
Note 4 to entry: In the digital ecosystem, at least three IT entities are typically under the responsibility of the
UAS operator:
a) the unmanned aircraft which during the flight exchanges digital information;
b) the station of the remote pilot, also exchanging digital data with other IT entities, but only when activated;
and
c) the workstation of the fleet manager (FM) potentially active full time and used in particular for planning the
flight exploiting some of the UTM or operation support services.
4 Abbreviated terms
AIMU aeronautical information management for UAS
AMC acceptable means of compliance
ANS air navigation service(s)
ATM air traffic management
COMO compliance monitoring officer
DAL design assurance level
DPO data protection officer
DSM digital surface model
3
© ISO 2022 – All rights reserved

---------------------- Page: 10 ----------------------
ISO 23629-12:2022(E)
DTM digital terrain model
FM fleet manager
HT head of training
IAF International Accreditation Forum
IT information technology
IUEI intentional unauthorised electronic interaction
OH&S occupational health and safety
OJT on-the-job training
SAFO safety officer
SDO standard development organisation
SECO security officer
SLA service level agreement
SP service provider
TBO trajectory-based operations
UAS unmanned aircraft system
V&V verification and validation
5 Service provision
5.1 SP key tasks
All providers of the UTM services listed in Annexes A and B and all providers of operation support
services listed in Annex C SPs shall establish and apply policies and procedures to ensure that:
a) a risk assessment is conducted for every type of service;
b) all personnel executing safety-related tasks are professionally competent and qualified in
compliance with Clause 12;
c) all systems necessary to provide UTM are maintained in accordance with the maintenance
programme consistent with the manufacturer’s instructions;
d) all activities are conducted according to appropriate checklists;
e) terms of service provision are clearly communicated to users, through conditions to be accepted by
the UAS operator or other service user, before registering to benefit from a given service; and
f) service level agreements (SLA) with other SPs or relevant organisations are in place when
cooperation has been established.
5.2 Geographical scope
The UTM SP shall define and communicate to potential users the designated operational coverage
within which services are available.
5.3 Technical requirements
The UTM SP shall control the accuracy and currency of information originated by the SPs or obtained
from external providers, in accordance with:
a) applicable industry standards, including in the series ISO 23629 and those developed by ISO/IEC
joint technical committee JTC 1 or those listed in the bibliography to this document;
b) procedures developed by the SP to complement a).
4
  © ISO 2022 – All rights reserved

---------------------- Page: 11 ----------------------
ISO 23629-12:2022(E)
5.4 Interoperability and electromagnetic compatibility
The UTM SP shall implement technical means and procedures with regards to:
a) protocols to exchange information with UTM users and other
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.