ЕВРО

ru_RU Русский
ru_RU Русский en_GB English (UK) ar العربية ja 日本語 ko_KR 한국어 hu_HU Magyar tr_TR Türkçe es_ES Español cs_CZ Čeština sv_SE Svenska pt_PT Português el Ελληνικά fi Suomi nl_NL Nederlands ro_RO Română it_IT Italiano fr_FR Français pl_PL Polski uk Українська de_DE Deutsch zh_CN 简体中文 sk_SK Slovenčina
Блог
Securing the Skies – Proposed Rule Introduces New Security Requirements for Expanded Commercial Drone DeploymentsSecuring the Skies – Proposed Rule Introduces New Security Requirements for Expanded Commercial Drone Deployments">

Securing the Skies – Proposed Rule Introduces New Security Requirements for Expanded Commercial Drone Deployments

Alexandra Blake
на 
Alexandra Blake
6 минут чтения
Тенденции в области логистики
Октябрь 24, 2025

Immediate step: enforce rigorous screening of operators and require detailed training before growth in unmanned aerial activity.

Standard controls rely on software integrity, with published risk assessments, reliable maps, and near real-time визуальный images to detect anomalies, using integrated sensors. Across страны, training becomes critical as adoption grows; youre teams must carry out routine checks including screening and rescue procedures, enabling a clear view of newer operational risks.

In agriculture, metrics show adoption greatest where fleets integrate with crop scouting, irrigation, and pesticide safety. Published studies show yield gains up to 12% in trials when визуальный maps support crop monitoring, and training modules emphasize data handling and software updates to reduce cybersecurity risks. Know which controls deliver resilience across farm fields and port facilities using practical scenarios.

Screening of payloads and flight plans reduces risk exposure over densely populated zones. Since operators undergo background checks and device verifications, responders can carry out rapid interventions. These methods support interoperability across страны and reduce fragmentation, mitigating risks across systems.

To accelerate uptake, establish a modular training blueprint, including five core domains, and publish a standard software toolkit. Provide rescue drills, create offline capabilities, and carry out joint exercises near critical infrastructure. those steps align with agriculture sector needs and support rapid adoption in small nations and larger economies, with metrics published quarterly to track progress since last assessment.

Scope and Applicability: Which operations trigger the rule and where

Recommendation: Limit scope to operations inside public airspace that raise risks, spanning multiple states, involving c-uas units, and affecting pipelines, known objects, crops, or other critical infrastructure.

Triggering activities include aerial operations during training, data exchange, or photography tasks near sensitive sites such as drug facilities, pipelines, or known objects; operations across borders or near homeland assets require notice to oira and alignment with compliance expectations. Fall risk windows require timely mitigations.

Geography and trigger categories

Coverage applies across public airspace in states where positions of units intersect with populated zones, pipelines, and agricultural areas; including cross-border operations where data sharing occurs. Known objects and crops become metrics used in risk assessment, guiding limiting controls and safeguards that are easy to monitor by units on ground. Evaluation applies to each unit’s operational profile.

Compliance, data exchange, and oversight

Ongoing handling of notices, reports, and training must use standardized methods in data integration; ensure that workflows support secure exchanges between homeland entities, private sector members, and public agencies. This framework supports compliance work, using data quality checks, and preparing for risk assessments which have been recorded and included in annual oira reviews. This approach emphasizes importance of consistent oversight across units.

Data Security Standards: Encryption, data minimization, and secure storage

Data Security Standards: Encryption, data minimization, and secure storage

Recommendation: enforce encryption across data streams from capture to storage, including images and telemetry, using AES-256 at rest and TLS 1.3 in transit; deploy envelope encryption via a centralized key management service and rotate keys on a quarterly schedule while maintaining performance.

Data minimization: collect only what is necessary to complete a mission. Redact personal details in visual data; store only metadata needed to verify sightings; keep raw video during a defined period (e.g., 30 days) before automatic deletion. Aiming to lower exposure risk.

Secure storage governance: house data in multi-region repositories with strict access controls, role-based permissions, and immutable audit trails. Use HSM-protected keys and automatic rekeying. Regularly assess hostile access vectors, near maritime corridors or in agricultural zones; address dangerous access attempts; review data processing controls to minimize risk; implement failover to maintain availability during incidents; increase resilience against disruption, including during fire events.

Implementation Guidance

Policy, technology, and people form a three-part adoption plan. Align with ATSA compliance programs; include third-party assessments; june proposal planning informs next steps.

Metrics and Compliance

Key metrics include breach incidents, time to containment, data minimization adherence, encryption coverage, and performance. Track across activities including delivery, images, and visual data; ensure permits, quality standard alignment, and ongoing improvement; address challenges in complex, diverse missions across agriculture, maritime, and other environments; monitor range of devices and companies, commercially operated fleets.

Remote ID, Traceability, and Compliance Reporting

Implement unified Remote ID and traceability workflow immediately to satisfy national programs and avoid delays in operations.

Key actions include:

  • Adopt uncrewed equipment with a unique Remote ID broadcast, plus position data, to yield reliable traceability across units and services.
  • Require data packaging that includes ownership, model family, firmware version, and flight status; this provides a clear history of flights and ownership trails.
  • In february findings, regulators highlighted a standard data-sharing format that supports input from supervisors and national authorities.
  • Company programs must implement clear instructions for remote validation, including audit trails, to ensure compliance reporting across all uncrewed operations.
  • History-based risk assessment helps identify higher-risk uses, including airport proximity and limited operations near manned units.
  • National pathway must align with right obligations; testimony from supervisors and pilots can validate ongoing compliance.
  • rulemakings momentum tracks past decisions; incorporating rulemakings yields clearer expectations for national programs.

Pre-Deployment Security Assessments: Testing, risk reviews, and certification

Follow a structured pre-deployment process to prevent incidents, ensure risk reviews are completed, and obtain certification before operations.

Testing scope covers hardware, software, and procedural controls; gathered results define risk profiles for tiers of operations, including agriculture, urban, and remote flights.

Risk reviews focus on following protective controls, monitor separation between crews, and impact on enterprise services; according to gathered data, exemptions may apply for low-risk times.

Certification steps include factory acceptance testing, on-site assessments, and pilot training; include a clean list of criteria, and certify that safety, traceability, and incident handling meet needs.

Operational gains: increasing trust across crews, pilots, agriculture services, and enterprise teams; methods enable secure deployments and safer performances.

Implementation actions: monitor times, implement separation controls, conduct both lab and field tests, record findings, and update risk levels; this approach increases confidence and reduces impact.

Worlds of service providers converge on standardized pre-deployment checks; with collected data, greater exemptions can be identified and managed to prevent exposures.

Vendor and Platform Responsibilities: DJI’s role and practical compliance steps

Immediate recommendation: implement centralized risk framework linked to DJI platform updates, enabling adoption according to national standards, pipelines feeding continuous safety notices, and field activities that are tracked with data.

System responsibilities include delivering tuned software package, enabling pilots to access right procedures, and supplying data streams covering urban worlds, forest worlds, and aerial objects, with photography use-cases supporting commercial activities.

National authorities demand standardized data handling; DJI’s role contains a national record of sightings, notices, and sensor readings, stored securely and audit-ready.

Procedures cover sale controls, carry restrictions, and compliance with programs that cover data retention, notice sharing, and hostile events, enabling measurement of compliance across urban and forest campaigns, as part of onboarding.

Practical steps include verifying parts and sale chains, tuning software checks for covered components, implementing programs restricting uploads, maintaining national notice feeds via dashboards, and logging data to support audits.