Home' RTCA Documents for Review : C2 Link Systems MASPS_Draft Contents Appendix D
© 2018 RTCA, Inc.
Step 2. The probability that the C2 Link System is “needed” is calculated by dividing
the total time during which the C2 Link System could be used by the total time of actual
use. The numerator is the sum of both the time of actual use and the idle time between
uses. This value is then multiplied by the result from Step 1 because interruptions that
occur during the idle time will not affect information exchange.
Step 3. The result from Step 2 is converted to an “availability” using the formula:
availability = 1 – unavailability and then represented as a percentage. This results in
the probability that the C2 Link System between the two parties is in service when
Continuity - The probability that the transaction will be completed before the
Transaction Expiration Time assuming the communications system is
available when the transaction is initiated.
Note D-4: In the subsequent Subsections of this Appendix, Continuity is related to the
Allowable Quantitative Probability (see Table E-1) since that probability is
based on the Allowable Qualitative Probability (assessed in the OSA, C.4.3)
that the transaction is not completed before the time delay reaches the
Transaction Expiration Time.
Integrity – The acceptable probability of transactions completed with
Note D-5: In the subsequent Subsections of this Appendix, Integrity is related to the
Allowable Quantitative Probability (Table E-1) since that probability is based
on the allowable probability that the transaction is completed with undetected
The Allowable Qualitative Probabilities, also known as Safety Objectives, of these TET
being exceeded, were derived in the OSA (see the Hazard Analysis Worksheet (HAW) in
Annex A to APPENDIX C and Section C.4.3) and are based on the worst cased severity of
the potential ensuing hazard. Table E-2 for FR-1 and FR-3.1 and Table E-3 for FR-2 list
these severities and their corresponding Safety Objectives, i.e ., their Allowable Qualitative
Probabilities and have been copied from the OSA APPENDIX C.
These Allowable Qualitative Probabilities were then converted to Allowable Quantitative
Probabilities using the Risk Matrix shown in Table E-1. The aircraft used in this MASPS
scenarios were Risk Class 3 UAS and the associated Allowable Quantitative Probabilities
listed in Table E-1 were used to derive the example RLTPs.
Note D-6: Every UAS certification program conducted will have to establish its own
Allowable Quantitative Probabilities (in part based on the Risk Class of the
UAS) during the process of determining the certification criteria as required
by 14 CFR Part 21 §21.17(b). This regulation should be used for all UAS
certifications until specific certification rules are promulgated by the FAA.
Users of this document should NOT assume that their aircraft will be allowed
to use the Risk Class categories selected in this document based strictly on
kinetic energy as given in Table E-1.
The Risk Matrix (Table E-1) is proposed as a means of determining the appropriate
quantitative risk for a UAS based on the kinetic energy of the aircraft. This approach is
consistent with the FAA’s risk-based certification methodology that governs their
regulations and policy established for traditional aviation [reference “The FAA and
Industry Guide to Product Certification” Third Edition, May 2017]. However, the use of
Allowable Quantitative Probabilities below Risk Class 6 has not been agreed where the C2
Link System is supporting DAA related remote pilot activities. Consequently, in the case
of support of the Integrate and Aviate pilot tasks following a DAA Warning Alert, this
Links Archive DO-XYZ_ED-ABC_FRAC_SC236_MASPS Navigation Previous Page Next Page