Aviation Safety and Security Management

UNIVERSITY OF TOMORROW
Aviation Safety and

Security Management
Unit 1
Introduction to Aviation Safety

and Security Management
Learning Objectives Introduction

By the end of this unit, you will be
able to:
● Describe safety management
● Explain safety statistics
● Discuss economic benefits of

aviation safety and traffic growth
● Know security management
● Explain global aviation and security

plan
In addition to these ICAO also lays down the (NCASP), implemented by BCAS:
guidelines for the SARPs through documents. ICAO
● monitors the implementation of regulations,
is the crux to establish cooperation in all fields of
standards, measures, practices, and procedures
civil aviation among its 193 Member States.
by airports and airlines
IATA which represents the airline industry has inspects

● respective facilities to ensure
published manuals on safety and security compliance
concerning the aviation industry. Along with this,
● conducts training programs & audits
it is also involved in providing training courses
● certifies screeners (hold baggage screening) and
and also takes care of safety/ security audits.
FAA, EASA, and CAA are some of the most noted issues Aerodrome Entry Permits (AEP).
regulators, whose publications, advisory circulars,

With remarkable and relentless aviation traffic
and guidelines are adopted by various States.
growth, more aircraft, busier airports, more airline
In India, DGCA issues advisory circulars, lays down personnel (cockpit crew and cabin crew) & aircraft
guidelines, develops the State Safety Program maintenance teams, etc., are anticipated. Also,
(SSP), and approves/monitors the implementation effective & efficient oversight, monitoring, and
of SMS of aviation organizations. BCAS in India is ensuring thorough implementation of SOPs are
the regulator for civil aviation security. It publishes required.
guidelines, processes, and procedures for the
implementation of Annex 17 / Doc 8973. This unit focuses on the management system for
the States and Service Providers, for sustained
The National Civil Aviation Security Programme safety enhancement and improved safety
2
performance. The safety measures related to the implementing State Safety Programme (SSP),
transportation of dangerous goods, Aerodrome which systematically addresses the safety risks.
emergency planning, and ARFF services (for For the SSP implementation, ICAO supports the
preparedness and reducing the impact due to States through deliverables with specific timelines
accidents), and safety audits by ICAO, IATA is also (from the year 2016 to 2022), for each deliverable.
covered in this unit. The deliverables are:
1. Issuance of SARPs including amendment 1 to

The course content on the security management
Annex 19.
aspect is prepared based on ICAO SARPs, ICAO
manuals, DGCA circulars, IATA / ICAO reports & 2. Providing Guidance and Training such as Safety
publications. Management Training Programs / Courses, SMS
manual Doc 9859 (4th Edition), SMS workshops,
Some of the contents are ‘as described in these online courses on Safety Management, SSP
documents so that the intent of the guidelines is foundation tool, SMS implementation tool, the
maintained but the description is condensed for launch of SMS website, Symposium & Seminars.
initiation into the safety and security management
3. Universal Safety Oversight Audit Programme
aspects. Some practices as it happens in the
(USOAP), Continuous Monitoring Approach
industry have been included to explain the context
(CMA), Revision to Safety Oversight Manual
for better understanding.
(Doc 9734), SSP implementation assessment
on selected States, and SSP Protocol Questions
Safety Management (PQs) for States.
The best way to manage safety is by improving 4. Global Aviation Safety Plan (GASP) – GASP tries to
safety performance. This can be done by establish a continuous safety strategic plan. The
3
4
5
● Ground movement related such as the collision
of a vehicle with aircraft, foreign object debris
(damage), aircraft refueling operations related.
● Airport infrastructure related such as failure of

runway/taxiway lights, poor surface friction of
runway, inadequate airfield signs, airfield layout
with hotspots, inadequate clearances, obscured
airfield pavement marking, and non-compliance
to SARPs in design/operations/maintenance.
● Obstacles in or around the airport resulting in

operational restrictions or impact.
Economic Benefits of Aviation Safety

and Traffic Growth
In the year 2018, globally 4.3 billion passengers
used the air mode of transport and 58 million tons
of air freight were handled during the year. There
were 38 million scheduled commercial flights
and airlines covered 48,500 routes, 54 billion KM
and 85 million hours were flown. During this year,
6
7
8
9
Talking about India, it is the responsibility of the
Bureau of Civil Aviation Security (BCAS) to take care
of Aviation Security Standards in accordance with
Annex 17. BCAS also monitors and implements
security rules and regulations. Further, it also
ensures that the security personnel is well-trained
and competent enough to take care of all security
matters.
An effective security system can be implemented

only if the authorities engage right from the
conceptual stage including designing the airport
facilities, designing the security systems, laying
down operational processes, and hiring competent
staff. The planners must develop a holistic approach
to address security concerns.
It must be taken care that the security measures

do not hinder the comfort of the passengers. There
must be a balance to attain passenger facilitation,
operational efficiency, and security requirements.
It is assumed that the traffic growth will get double

in the next few years. Therefore, this will enhance
the need for more security at airports and flights.
One should not underestimate the concern for
safety and security especially when aviation traffic
is bound to increase.
10
11
Unit 2
Overview of Safety
Management
Introduction
The aviation industry is highly susceptible to risks and
threats. Hence safety concern is a big issue. Since air travel
is prone to accidents and other unfavorable incidents,
proactive measures need to be taken to ensure safety
management. Safety management practices will enable the
State to prioritize activities that can help in attaining security
and safety. Efforts should be made to manage steps for
safety and security in a disciplined, organized, and focused
manner.
Safety Management
A formal and integrated effort towards safety management
activities helps to strengthen the entire program. A State’s Safety Program (SSP) is a broad concept.
States can strengthen safety management It is regulated and managed by the State so that the
activities through: desired level of safety performance level is achieved
and maintained in the aviation sector. State safety
● State Safety Program (SSP).
oversights the system’s Critical Elements (CEs) and
● Safety Management Systems (SMSs) for its
constitutes the foundation of an SSP.
service providers.
2 Overview of Safety Management

Airport Operator’s responsibilities/functions
(Example- Airport Operations including
airside, Security, Engineering maintenance,
Infrastructure improvement)
Safety Policy
Safety Targets
Activities for the functions
External Organisations-ATS,
Hazard Analysis & Acceptable Level of Safety
Airlines, Ground Handlers
Implementation
Monitor and Measure
Management Review

Benefits of Safety Management
The following are the benefits of implementing
safety management:
● It strengthens the safety culture.
● It assures safety with a documented, and

process-based approach.
● It helps to understand safety-related interfaces

and relationships
● It can help in the early detection of safety hazards.
● It ensures that safety is the prime
● Possible financial savings through reduced

insurance premiums.
● Improved efficiencies.
● Cost avoidance due to reduced accidents and

incidents.
Summary
SSP is a program that helps to manage the
responsibilities of the State when it comes to safety.
The Safety Management System provides a

systematic approach to the service providers.
This helps them to manage safety in an effective
manner. With respect to SSP, SARPs require States
to establish the 8 CEs mentioned under SSP and
safety management responsibilities. Gap analysis
is essential before implementing SSP/SMS. This is
done to identify any gap or deviation between the
existing organizational structures & processes and
that are required for the effective implementation
of SSP/SMS.

Unit 3
State Safety
Program (SSP)
Introduction
2 State Safety Program (SSP)
Component 1: State Safety Policy, requirements requires implementing the regulations
Objectives, and Resources without any deviations. The service provider or the
authority can in no case justify oneself. Following
Primary aviation legislation: In order to facilitate
SARPs from Annex 14 is an example of prescriptive
the State authorities to perform their respective
regulation. Non-compliance to this regulation
roles, legal compliance is necessary.
requires an exemption from the Civil Aviation
Authority and a deviation to be filed with ICAO
Examples of aviation authorities are the Civil Aviation
Authority and Accident Investigation Agency. It is
“A runway end safety area shall be provided at each
imperative for the State to demonstrate and prove
end of a runway strip where:
its commitment when it comes to handling safety
management responsibilities. ● the code number is 3 or 4; and
● the code number is 1 or 2 and the runway is an

Specific operating regulations: To control safety instrument one.”
risks, safety regulations are an important tool. These
operating regulations can be either prescriptive or At the same time, the standards which enable
performance-based or a combination of these two. performance-based regulations are expressed in
Regulations that clearly state what must be done terms of the desired outcome without specifying
and how it must be done are prescriptive types. It how this will be achieved. In such a scenario, the
is expected that sincere observance and practice service provider justifies the proposed approach in
of these regulations can help to achieve the desired attaining the desired outcome.
level of safety. It has been observed that after any
unforeseen event, many prescriptive regulations are An example of the performance-based regulation
developed so that such an event can be prevented from Annex 14 is as below:
in the future. If we see things from the point of “For a runway meant for use in runway visual range
view of the service providers, meeting prescriptive

NASP for India is as below: and respective targets will be applicable to all the
Aviation organizations/service providers in the
India has prepared NASP for the years 2018-2022,
State, as appropriate.
which is based on the activities defined in the State
Safety Program (SSP). NASP is derived from State
The flow chart of NASP for India looks like the
Safety Policy and State Safety Objectives. SPIs
following:

India has identified 8 key safety priorities (as per The Safety Performance Indicators for this safety
National Aviation Safety Plan India 2018-22). priority are:
For each of the safety priorities, the number of ● Unstabilized approach.
performance indicators will be identified and
● Unstabilized approach that continues to land.
for these performance indicators targets will be
determined year-wise. The performance indicator ● Unstabilized approach while precision approach.
chosen should be such that these truly reflect the ● Unstabilized approach while non-precision
safety priority status. approach.
● Unstabilized approach while visual approach.

Let us take one example of safety priority. That
is “Runway Excursions and Overruns”. The safety ● Near runway excursion.
objective for this safety priority is “reduce the ● Runway excursion.

number of runway excursions/overruns”. To meet
this safety objective, safety performance indicators The next step is to determine the target for the next
(SPIs) and targets (Safety Performance Targets – few years based on the current value for each of the
SPTs) for the SPIs are to be determined. targets. The targets are set as listed in table below:

Unit 4
State Safety Program

(SSP) (Contd)
Introduction
2 State Safety Program (SSP) (Contd)
Unit 5
Safety Management
System (SMS)

By the end of this unit, you will be
able to:
● Decribe components and elements

of the ICAO and SMS framework
● Discuss SMS Gap analysis, and

implementation
The SMS tries to minimize aviation accidents and ability in this direction.
other unforeseen and unfavorable incidents. It
helps service providers to manage their activities Components and Elements of the ICAO SMS
and resources to achieve safety standards. An Framework
effective SMS effectively contributes to safety
The table below shows the components and
management and enhances service providers'
elements of the ICAO SMS Framework:
2 Safety Management System (SMS)

important. This promotes a culture of participation and communicating to all personnel so that they
and shared responsibility. understand and perform their functions according
to the safety policy.
The policy also includes a safety reporting system
and specifies the disciplinary policy in case safety An Example of Safety Policy of an Airport
events or issues are reported.
“Airport will proactively act for prevention of
accidents and incidents, injuries through compliance
Safety objectives specify the aim of the organization
of all legal and regulatory requirements, voluntary
for achieving safety outcomes. These are high levels
hazard reporting and safety risk assessment and
statements of the organization’s safety priorities
management by allocating appropriate resources
based on the history of safety performance and its
and ensure continuous safety performance
most significant safety risks. To monitor whether
improvement.”
these objectives are achieved, Safety Performance
Indicators (SPI) and targets for these indicators i.e.,
Safety Performance Targets (SPT) are defined. It is
advisable to review safety policies periodically to
ensure their relevance over a period.
Management Commitment is the core of SMS and

this should be made visible to the entire organization
by endorsing the policy by the Senior Management

Signature / Name of the CEO / Airport Name Typically, Chief Executive Officer is designated as
Accountable Executive. All the personnel working
An Accountable Executive owns decisive authority
in the safety-related functions of the operations
over safe operations in the organization. The
will also have clearly defined accountability and
Accountable Executive:
responsibility. These must be clearly communicated
● Is responsible for establishing and promoting across the organization and get reflected in the
safety policy and objectives. SMS document. It is important that every senior
● Has the authority to make decisions, and have manager actively participates in the operation of
control of financial aspects and human resources SMS since safety is the most important element.
● Chairs the safety review meetings to reinforce

SMS of one service provider may have an interface
his visibility and commitment to the process.
with another service provider when they together
● Cannot delegate certain functions. These include perform an activity. This is required to be considered
laying down acceptable safety risk limits, budget while defining the accountability and responsibility
allocation and other resources, training activities, of the personnel.
and so on.
● Has clearly identified accountability and The Safety manager is appointed to facilitate the
responsibility. effective implementation and functioning of SMS.

Unit 6
Safety Risk Management

By the end of this unit, you will be The aviation system is dynamic and extensively prone to
able to: changes. Thus, SRM tends to be a continuous activity. Due
● Describe safety risk management to significant changes, new hazards may come to know.
Also, existing hazards change with time. Thus, the safety
● Discuss meaning of hazard
risk mitigation strategies have to be monitored so that
● Learn hazard identification and these prove appropriate with types of hazards and also to
prioritization determine if further action is required.
● Explain hazard identification

methodologies Safety Risk Management (SRM)
SRM is an essential component of safety management and
includes:
What is Hazard? of aircraft or interrupts aviation safety-related
equipment, products, and services.
Hazard is defined as “A condition or an object with
the potential to cause or contribute to an aircraft
A consequence is an outcome that can be triggered
incident or accident”: (ICAO)
by a hazard. If a hazard is clearly identified, the
consequences can also be easily identified.
In aviation, a hazard is a potential for harm that
can exist in various forms. For example, it may be a
An immediate outcome of the hazard while landing
natural condition like terrain or can be manmade like
with a large crosswind during a storm could be loss
a communication tower. Since hazards are certain,
of lateral control first followed by a consequent
it is important to identify these so that steps can be
runway excursion and the ultimate consequence
taken to lessen their impact. The adverse effects
could be an accident.
can be handled to some extent through mitigation
strategies. Therefore, the identification of hazards A hazard can lead to more than a single
is the first step in the SRM process. consequence. Therefore, it is important to identify
all possible and probable consequences. This
Understanding Hazards and their Consequences
will help in risk assessment and taking steps to
Identification of hazards means figuring out those minimize the adverse effects.
conditions that can impact the safe operation
2
3
4
5
6
7
Unit 7
Safety Risk Severity
Introduction
The aviation system is dynamic and extensively prone to
changes. Thus, SRM tends to be a continuous activity. Due
to significant changes, new hazards may come to know.
Also, existing hazards change with time. Thus, the safety
risk mitigation strategies have to be monitored so that
these prove appropriate with types of hazards and also to
determine if further action is required.
It is essential to assess the severity of risks with respect to

potential consequences related to hazards. The given unit
gives comprehensive learning about safety risk severity in
the aviation sector.
Safety Risk Severity performance of the flight characteristics and
requires a major repair of the damaged part or
After assessing the probability of risks, the next
its replacement. The damage could impact the
step is to evaluate the severity. Severity can be
normal functioning of flight operations.
classified based on two factors:
● Fatalities or serious injuries which would occur Assessing the severity of the damage should
as a result of personnel being in the aircraft or consider all possible aftereffects till the worst that
having direct contact with any part of the aircraft could have happened.
or jet blast.
Given below is a table to depict the level of severity.
● Damage or structural failure of the aircraft
Note that, the table is an example only:
or ATC or aerodrome equipment affects the
2 Safety Risk Severity

Given below is another example of a hazard severity aircrew, and air traffic services:
that describes the effect on operations, occupants,

Safety Risk Tolerability Rating particular matrix.
To get the safety risk index rating, the results of

An example is given below to explain the same:
probability and severity scores are combined. This
is an alphanumeric designator. The respective
Consider a situation where the safety risk probability
combinations related to probability and severity
has been assessed as Frequent (5), the safety risk
are presented in the safety risk assessment matrix.
severity has been assessed as Major (C), the safety
The safety risk of hazard can be obtained from this
risk index of the hazard is (5C)
pose extremely adverse effects and therefore it is

advisable to stop activities or take severe mitigation
actions.

Assessing Human Factors Related Safety Risk Mitigation Strategies
Risks Safety risk mitigation can also be referred to as
Human factors hold prime importance in safety risk control. Safety risks can be managed
SRM. Human beings have limitations and their through mitigation strategies. These risks need to
performance can vary. Thus, they can contribute be balanced against time and cost and by taking
to accidents or other incidents. At the same time, steps to reduce their impact. The level of risks can
they can contribute to taking corrective actions to be minimized by reducing the severity of potential
prevent accidents. Thus, it is important to identify, aftereffects, reducing the frequency of occurrences,
assess and mitigate risks that involve human and reducing risk exposure to risks. Reducing
beings. SRM assesses all aspects of safety risks, severity is a bit difficult, therefore it is advisable to
and assessing the performance of human factors minimize the chances of occurrences.
is quite complex compared to assessing those risk
factors that could occur due to technology and The categories of safety risk mitigation strategies
environmental issues. can be described as:
A mitigation strategy can involve either of the

above-mentioned strategies or a combination of
these.
It is highly essential to consider human factors

while identifying effective mitigations. Human
beings have the responsibility for corrective
actions. They provide inputs for use of processes
for mitigation. In the absence of human expertise,
the procedures developed might not work in the
correct and required direction.
At the same time, human beings have certain

performance limitations. These have to be to implement a mitigation strategy and how
considered as part of any safety risk mitigation. The appropriate is it with respect to the real-world
human factor perspective results in comprehensive conditions
and effective mitigations.
● Enforceability: The extent to which new rules
and regulations can be enforced
The effectiveness of mitigation strategies needs to
● Durability: The extent to which the strategy would
be evaluated. The given perspectives can be kept
prove effective and sustainable
in mind:
● Residual safety risks: The extent of risks that are
● Effectiveness: The degree to which the
subsequent to the implementation of mitigation
alternatives minimize or eliminate the risks judge
strategy initially, and the need for additional
the effectiveness. Effectiveness is determined
safety measures
in terms of technical, training, and regulatory
defenses. ● Unintended consequences: Any new hazard that
arises as a consequence of the implementation
● Cost/benefit: The extent to which acquired
of the strategy
benefit exceeds the cost involved
● Time: Time required for the implementation of
● Practicality: The extent to which it is feasible
the safety risk mitigation alternative
Effectiveness Durability
Cost/benefit Residual safety risks

The effectiveness of mitigation
strategies needs to be evaluated.
The given perspectives can be kept
Unintended
Practicality in mind:
consequences
Enforceability Time
Corrective measures should consider current effectiveness of mitigations is through the use of
defenses and the ability or inability to attain an Safety Performance Indicators.
acceptable level of safety risks. It is advisable to
assess the impact of any corrective action/s that Safety Risk Management Documentation Using
has been taken previously. Verification of safety Hazard Register
risk mitigation strategies has to be done to ensure
It is important to clearly document the safety risk
their effectiveness. Another way to monitor the
management activities, including any assumptions

Unit 8
High-Risk Categories of
Safety Occurrence and
Mitigating Measures
Introduction
2 High-Risk Categories of Safety Occurrence and Mitigating Measures
suspended for three months by the DGCA since the
respective officer misheard the clearance given by
ATC. As a result, incorrect directions were given to
the pilot-in-command (PIC) which caused a runway
incursion at Mumbai airport. The two aircraft
involved in the incident had similar call signs.
DGCA suspended two pilots for not paying

attention to the instructions given by ATC which
led to an accident. Flight A320 had to take off and
did not adhere to the instructions given by Surface
Movement Control (SMC) to wait at holding point
This is a signal that it is unsafe to enter or cross the “A” at RWY. However, the pilot did not hold and an
runway. incursion took place.
● When an aircraft is aligned on the runway for
take-off and any other aircraft or vehicle enters or
Runway Excursion
crosses the runway, the illumination of red lights
is an indication that it is not safe to start the take- ICAO defines a runway incursion as: “A veer off or
off roll. overrun off the runway surface”.
● When ARIWS lights trigger, it is a globally

An aircraft may not stay on the runway payment
accepted indication for pilots and drivers to
during take-off or landing. It might move to the side
“STOP IMMEDIATELY”.
of the runway or beyond the runway end. This leads
to a runway excursion which might be intentional or
Surface Indications and Alert System (SURF) is
unintentional on the part of the pilot.
designed so that pilots can avoid collisions. The
credit for developing SURF goes to Honeywell
Aerospace under a Single European Sky ATM
Research (SESAR) research program in partnership
with Airbus, Dassault, and Euro-control. The
software uses a combination of ADS-B, algorithms,
and flight data analysis. This helps pilots to get
visual as well as audio warnings about any hazard
on the runway. However, it is just an alert, the
ultimate decision has to be taken by the pilot as to
how to deal with the situation. SURF covers both
runways and cross-runways.
Runway Incursion Example
The first officer of an airline company was

● Damage to the aircraft, which had runway unstable approach condition regardless of runway
excursion, and may also damage other aircraft or length allowing them to address instability before
vehicles. a go-around becomes necessary. It also alerts the
● Damage to the airfield, for example, damage to crew with possible landing beyond the Touch Down
runway lights. Zone (TDZ) regardless of available runway length,

when crews have little or no visual reference to
● Airport operation may get affected by either total
identifying the end of TDZ.
closure for airports with a single runway or partial
or affects capacity if there are multiple runways
Unstable approaches and go-arounds can be
in the airport. Such impact will continue till the
avoided thus improving schedule integrity and
aircraft is removed from that location to the bay,
blocking time variability with the following solutions,
as the aircraft, which had runway excursion may
using runway information from the EPGWS:
obstruct the use of that runway. Removal of such
● Runway Awareness and Advisory System (RAAS)
aircraft may take several hours.
from Airbus, Boeing, or Honeywell.
Approach and Landing Accident Risks are attributed ● Honeywell SmartRunway/SmartLanding-

to Unstable approaches, undesired airplane state, includes stabilized approach monitor.
failure to go around, weather, runway conditions,
● Airbus Runway Overrun Prevention System
and late runway changes. IATA Risk Mitigation
(ROPS).
publications, Enhanced Training, Landing distance
● Boeing Runway Situational Awareness Tools
assessment, Go- Around training, and alerting
(RSAT).
systems are some of the mitigating measures.
Software upgrade to Enhanced Ground Proximity
Airbus/NAVBLUE Landing Surveillance (A is a
Warning System (EGPWS) alerts crews to an

serious issue. The reasons for such incidents ACAS is found to be very useful equipment for the
could be either due to air traffic controllers pilot as it immediately issues alert warnings for the
(attributable to workload or other reasons) or pilots avoidance of collision. ACAS provides avoidance
misunderstanding or not following strictly ATCO protection & air space situational awareness for
instructions. ICAO has included MIC as High-risk the aircraft.
Category in 2019 since such incidents are serious
and may result in an accident and if that happens ACAS advises pilots to avoid potential collisions.
the fatality would be very high. This is done through resolution advisories (RAs),
which recommend actions, and through traffic
Airborne Collision Avoidance System (ACAS) advisories (TAs). The intention is to prompt visual
or Traffic collision avoidance system (TCAS) is acquisition and act as a precursor to Ras. ACAS
an air-to-air communication system that gives provides a backup collision avoidance service to
audio-visual warnings in the cockpit in the event the existing ATC system. ACAS does not depend
of a potential danger being faced in the form of a upon any ground-based systems.
conflicting aircraft dangerously coming in proximity.

There are three types of ACAS:
ACAS I issues warning known as traffic advisories

01 (TA) but does not provide Resolution Advisories
(RA).
ACAS II provides vertical Resolution Advisories

(RA) in addition to TA, but not the horizontal 02
resolution advisory.
ACAS III provides vertical as well as horizontal

03 Resolution Advisories in addition to Traffic
Advisories.
A real example: these to safe distances thus preventing a serious

accident.
Two planes in X airspace were only 250 meters
apart. This depicts a very high chance of collision.
However, TCAS acted well on time and diverted

worldwide terrain/obstacle/airport database which
the equipment manufacturer regularly updates.
A comprehensive set of alerts can be generated
using a radio altimeter and relative position.
Loss of Control-In-flight (LOC-I)

IATA’s definition is ‘Loss of control in-flight that is
not recoverable. During the last few years, the LOC-I
category marked 8% of all accidents. However,
it represented the highest percentage of fatal
accidents. LOC-I happens due to the lack of airplane
energy state awareness and or airplane system
state, and also airplane system malfunctioning.
Mitigations for LOC-I are IATA Training guidance,
enhanced CRM training and Go-Around Training.
IATA’s Six-Point Strategy

It presents a complete view of identifying
operational and organizational safety issues. The
key pillars of the strategy include:
● Improved technology
● Regulatory harmonization
● Training
● Awareness

Unit 9
Aviation Safety and Human

Factors
Introduction
Safety is defined as “The state in which risks associated
with aviation activities, related to, or in direct support of
the operation of aircraft, are reduced and controlled to an
acceptable level”. It is important to note that acceptable
safety performance is often defined and influenced by
domestic and international norms and culture.
Aviation Safety
As we know, hazards in the aviation sector are unavoidable
and continuously emerge. This makes this sector dynamic.
The aviation sector can be kept safe if hazards can be
identified well on time and necessary corrective measures
can be adopted. It is important to keep safety risks under
control at an appropriate level.
Progress in aviation safety is described by four Technical approach: As per this approach, the
approaches: focus is on the improvement of technical factors.

If technological improvements are made, the
frequency of accidents will reduce. This approach
Technical
and focus on technical aspects were of prime
importance till 1960.
Human Factor Approach: As per this approach,

Human factors
the focus shifted toward human beings involved
in the aviation sector contributing to safety risks
and mitigations. With advancements in technology,
the risks involved due to technical aspects were
Organizational
reduced. The focus on human factors includes the
man/machine interface. It was seen that frequent
human errors for example pilot errors contributed
as a recurring factor in accidents.
Total system
Organizational Approach: In this approach, the

focus is on organizational factors as well apart
2 Aviation Safety and Human Factors

and SMS which have contributed to a higher level
of safety maturity. Yet, the prime focus still rests
on safety performance and control within the
organization.
A lack of interfaces between service providers/

organizations leads to negative outcomes. This
can be seen from the investigation of accidents
and unfavorable incidents.
The need for safety has led to an interaction

between service providers and other components
of the system. It has also been realized that an
effective collaboration between service providers
and States helps in the generation of favorable
outcomes.
Human Factor and Safety Management

If senior management and other people in the
organization depict active involvement toward
achieving safety parameters, safety performance
can be enhanced. It is important to understand
the capabilities and limitations of people working
in a system and how they interact with each other.
The human factor is a crucial component of the

safety management system and it is necessary to processes
understand, identify and mitigate risks as well as to
● Establishment of policies and procedures to
optimize the human contributions to organizational
encourage safety reporting
safety.
● Analysis of safety data and safety information
Few of the ways through which the safety ● Clearly defined policies and procedures need to
management processes consider human factors be developed. The aim should be to optimize
are: human performance, minimize unwanted
outcomes and prevent unintentional errors
● There has to be a common understanding
between staff members and they must be
Ongoing monitoring of normal operations helps in
clear about their responsibilities to the safety
evaluating if procedures are being followed or not
management
and if not then identifying the reasons for the same.
Commitment
● and willingness of senior
management to encourage staff members to At the same time, imparting training to the staff
actively participate in the safety management makes them competent to perform their duties.
processes When these training programs are evaluated, it
● Awareness of organizational processes and helps to understand the changing needs. The
procedures management has to create an organizational culture
that addresses the right working environment and
● Availability of sufficient manpower to meet
safety culture. This will also influence the attitudes
the operational requirement to adhere to the
and behaviors of everyone in the organization.

The humans are depicted at the core of the model.
They are responsible for front-line operations.
Among all other components, the human factor
is the most unpredictable and most susceptible
to various external and internal factors such as
fatigue, temperature, noise, motivation levels, etc.
There is no doubt that humans are remarkably

adaptable, they are prone to variations in
performance. The degree of performance is not
standardized as in the case of hardware. Therefore,
other components of the SHELL model must be
adapted to be in conformity with the human factor.
Components of the SHELL Model

Software (S)
● Non-physical and intangible aspects of the

aviation system. It is the operating software of
the system which governs the operations of the
system and also how the information within the

Baseline Performance
Practical drift
Operational
deployment
Op
era
tio
na
lp
erf
orm
an
ce Accident
Figure: The Baseline (or Ideal) System Performance

Unit 10
Preparedness to Deal with

Safety/ Security Occurrences
Introduction
An emergency can be efficiently dealt only with the
cooperation and coordination with not only all the aviation
stakeholders but also local administration, surrounding
community, law and order agency, local fire services, etc.
AEP or Aerodrome Emergency Planning helps to achieve

cooperation and coordination with a set of instructions.
This ensures quick response to rescue and firefighting, law
enforcement, medical aid, security, and police services, etc.
Emergency mutual aid agreements are signed to define the
responsibilities of the contributing parties.
The given unit explains the need to prepare and where such planning will ensure the saving of
deal with various safety/security occurrences. lives and the extent of damage to aircraft. If the
aircraft has only declared an emergency, for
example, while landing due to some technical
Aerodrome Emergency Planning
glitch, if there is an emergency planning in place
In order to cope with the emergency, if it occurs and precautions taken, it can minimize the impact
at the airport or in the vicinity of the airport, the when the aircraft lands on the runway by keeping
airport operator should be prepared to meet with the Fire Vehicles ready to extinguish in case of
such a situation. The planning for such a situation an aircraft fire. Also, through emergency planning
is termed Aerodrome Emergency Planning (AEP). procedures and processes, the airport can be
put into normal operation at the earliest and
If the airport has emergency planning already in smoothly once the emergency is dealt with
place, it will enable the operator to act quickly to safely.
minimize the impact of the emergency. This is
particularly most specific to the aircraft emergency AEP ensures:
Delegation of authority
to deal with airport
emergency
Defining roles and

Transition from normal
assigning responsibilities
to emergency operations
during an emergency
in an orderly manner
Safe continuation of
Actions as per plan to be
aircraft operations
authorized by key personnel
or return to normal
operations
Promoting coordination to
handle emergencies
ICAO Annex 14 specifies the Standard and ICAO Annex 14 mandates aerodromes to establish
Recommended Practices for AEP and for the an aerodrome emergency plan at an aerodrome.
implementation guidelines refer to Airport Services
Manual (Doc 9137), Part 7. The following are the SARPS:
2 Preparedness to Deal with Safety/ Security Occurrences

The figure given here gives an overview of overall length and fuselage width of an aircraft:
The aircraft shown in the given figure is A 320/200 For the aerodrome, consider the most demanding
and the aerodrome category for the purpose of aircraft for the purpose of the aerodrome category.
level of protection is 6 for this aircraft. However, if the most demanding aircraft has less
than 900 movements in a year, you can choose one
Assume an aircraft whose length is 75m and category less than what is arrived with the most
fuselage width is 7.1m. The aerodrome category for demanding aircraft. Taking the above example, if
the length of the aircraft is Cat 9 but the fuselage the most demanding aircraft requires category 10
width for Cat 7 has to be less than 7. Whereas, for but if its movements in a year are less than 900
this aircraft, it is more than 7 and hence, for this numbers, we can go ahead with category 9 instead
aircraft, the category will be 10. of 10.

Table: Aerodrome categories – number of RFF
vehicles
Number of RFF
Aerodrome Category
Vehicles
1 1
2 1
3 1
4 1
5 1
After determining the aerodrome category for the
6 2
purpose of ARFF, we need to find out the number
7 2
of RFF vehicles and the quantity of extinguishing
8 3
agents required. These are tabulated in table 8.2.
9 3
The number of vehicles mentioned are the minimum
10 3
to be maintained for operations.

apply water from a safe distance as application of
water to Class D fire can lead to small explosions.
Response Time for ARFF Services

For the effectiveness of the firefighting operation,
the fire vehicles must reach the accident /incident
site within a reasonable time period, which should
be as quickly as possible, after receiving calls from
the ATC controller. This minimum reasonable time
has been worded as response time in ICAO SARPs.
Response time can be understood as: “the time

between the initial call to the rescue and firefighting
service, and the time when the first responding
vehicle(s) is (are) in position to apply foam at a rate
of at least 50 percent of the specified discharge
rate”.
RFF vehicles must reach the accident location at

the earliest in order to reduce the spread of fire and/
or to contain the fire and rescue the occupants of
the aircraft. The required response time is specified
in ICAO- SARPs.

The response time should not exceed three minutes access for rescue and firefighting vehicles into
to any point of each operational runway, in optimum the runway area is direct and with a minimum
visibility and surface conditions. It is advisable that number of turns
the fire stations where vehicles are stationed are
● More than one fire station may be required if
located near the most appropriate location on the
response time cannot be achieved with one fire
airside.
station (generally, due to the longer length of the
runway). When there are two fire stations one is
Some principles of SARPs are:
designated as the Main and the 2nd one as the
● All rescue and firefighting vehicles should Satellite fire station
normally be housed in a fire station
● Fire station will have a watch tower and there
● Location of a fire station should be such that the should be a direct view of the runway and

movement area without any obstructions devices. The minimum required tools, protective
clothing and respiratory equipment are also
● If there are two fire stations, the main fire station
specified in Airport Services Manual.
will have a watch tower. The satellite fire station
will have one fire vehicle and remaining vehicles
Protective clothing is required to protect the
parked in main station
firefighters from radiated heat and from injuries
arising from impact or abrasion during RFF
The emergency exits in an aircraft are of prime
operations. These are used not only during
importance. If the emergency door is to be opened
RFF operations but also during training. The
from outside the aircraft, the RFF vehicles and
specifications of these are as per the guidelines
rescue teams should have appropriate tools and
provided in ASM. Protective clothing includes:
Helmets Protective Suits
Proximity Suits Boots Gloves

Respiratory equipment is required to protect the Essentials of an effective communication system:
firefighters against gases that may be produced
● Ensure direct communication between fire
due to the burning of cabin interior materials.
stations and RFF vehicles and between the
Firefighters need to enter the cabin filled with gases
vehicles
and smoke and they require equipment of approved
● Ensure direct communication between ATC and
design.
fire stations
The firefighters are also to be competent enough, ● Ensure a direct communication system through
through training and mock drills, to wear this dedicated lines between the ATC tower and fire
equipment/clothing as quickly as possible. Effective stations as the call to the fire station originates
rescue in a survivable accident can be achieved from the ATC tower
with properly and adequately trained and retrained
● An effective alarm system to alert the fire brigade
personnel, the effectiveness of the equipment,
● PA system in fire stations in direct connection to
which is tested and trials carried out, and the speed
the ATC tower to convey details of the emergency,
with which the firefighters and equipment can be
location, type of aircraft involved, and preferential
put into action.
routing for RFF vehicles
The most important guide for the RFF vehicle drivers

It has been noticed that most of the accidents occur
is the detailed airport grid map and map to reach
on or close to the runways or in the area beyond the
the immediate vicinity of the airport. Information
runway. Therefore, emergency access roads need
that is required is topography, access roads, and
to be provided to facilitate minimum response
location of water sources. Such a map is required
time. Such a road is constructed from the runway
to be pasted in the ATC tower, fire watch tower, fire
threshold to the approach area up to 1 km distance.
station, RFF vehicles, and other supporting vehicles
To reach outside the airport from this point, a crash
like ambulances. The vehicle drivers should be
gate is provided on the fence. Adequate water
familiar with the map to identify crucial details
storage should be available at the fire stations and
and be able to drive to the location with the least
near the airport boundary at the runway ends.
difficulty.
Preventive Maintenance- ICAO SARPs require that

Guidance to the drivers includes GPS installed in
the vehicles, radio communication with ATC, and
collision avoidance facility installed in the vehicle.
Copies of the map can also be with the city fire

brigade, designated hospitals, and police for this
purpose. Coordination between the airport and
city fire brigades, hospitals, and police would also
be required and they should be part of aerodrome
emergency planning.

Unit 11
Overview of Aviation Security
Introduction
ICAO mandates that the States apply the standards as per
SARPs and make all attempts to apply the recommended
practices of SARPs. Security and facilitation go hand-in-
hand. ICAO requires States to arrange for security control
measures wherever possible with the least interference
with the activities of civil aviation to avoid any delays and
obstruct the effectiveness of security concerns. It must be
ensured that an aircraft’s turnaround time is not affected
due to security reasons and that the passengers do not get
disturbed by security precautions being taken.
The given unit gives an insight into various programs being

run to ensure proper airport security.
Aviation Security ○ Unlawful seizure of aircraft
Aviation security is implemented and managed by ○ Destruction of an aircraft in service
ICAO SARPs specified in Annex 17 and detailed ○ Hostage-taking on aerodromes or onboard

guidelines specified in Aviation Security Manual- aircraft
ICAO Doc 8973. This Doc 8973 is restricted and
○ Forceful intrusion
is not a public document. Hence, the description
○ Introduction of a hazardous weapon or any
is based on the ICAO SARPs of Annex 17 and
such device that can cause harm at the airport
practiced by the industry.
or an aircraft
Given below are the State’s objectives as per ICAO/ Misleading information to endanger the
○
Annex 17: safety of an aircraft, passengers, crew, staff
● Safety concern is the prime objective. It includes members, and others at the airport or on civil
the safety of not only the passengers but also aviation premises
the crew members, ground staff, and the general ● Develop and implement rules and regulations to
public in all matters related to safeguarding protect civil aviation against unlawful activities
against unlawful interference with civil aviation. that hamper security
The acts of unlawful interference include ● Ensure policies and procedures comply with
attempts such as: security concerns
2 Overview of Aviation Security

arrangements must be made to enhance the
sustainability of the aviation security system, Efforts
must be taken to reduce and remove duplicity. States
must also promote innovation and development
activities with respect to new security equipment,
processes, and procedures. The ultimate aim
should be directed toward the achievement of civil
aviation objectives in cooperation with each other.
National Civil Aviation Security Program

(NCASP)
ICAO mandates State:
● To establish and implement a written NCASP to

protect civil aviation operations against unlawful
interference
● Employ safety equipment where appropriate
● To designate and specify to ICAO an appropriate
and also ensure effective functionality of the
authority within its administration that holds
equipment
responsibility for the development and
maintenance of the national civil aviation security
As a part of international cooperation, which is very
program. In India, the Bureau of Civil Aviation
much required for effective security management,
Security (BCAS) is the organization (regulator)
ICAO mandates that if a State requires additional
for aviation security.
security measures in respect of specific flights
this shall comply with the State in which the airline
of the requested State is operating. For example,
secondary check requirement at the boarding gates
before boarding the passengers for specific airlines,
in addition to the primary security check.
Cooperation between the States is required so that

the exchange of information and development of
security measures concerned with the aviation
sector can be feasible. ICAO requires States to
share the audit results and corrective measures
that have been taken if any. ● To review the level of threat to civil aviation within
its scope and airspace above it. Policies should
States should also include a clause concerning be established to facilitate the assessment of
aviation security in bilateral agreements on security risks carried out by the relevant national
air transport. At the same time, collaborative authorities.

stakeholders of aviation - airports, airlines, police,
customs, and even the concessionaires at the
airport, etc. all the stakeholders are part of this
program for implementation, monitoring, and
improvement. They should be consulted, and their
cooperation is ensured. NCASP will also specify the
role and responsibility of each of the stakeholders
including appropriate authority. The program
specifies security measures planned at the aviation
facilities based on the threat evaluation. It provides
for sufficient resources and training of personnel
involved in security. The program should also specify
ICAO Doc 8973 (Restricted Doc) presents a model a process to monitor the implementation, review,
national program that is simple in structure and and evaluate its effectiveness for improvement.
content, containing national policy directives rather The program also enables communication with
than specific operational details. Implementation ICAO with reports on security-related incidents
of national policy is contained in other documents, periodically.
such as airport security programs and contingency
plans, which are attached to the national program In respect of facilities design to cater for security
as appendices. This way the national program is measures to be implemented including structural
shared with many organizations both within and capability etc., such specific guidelines and
outside the State but the sensitive implementation approval processes will be part of the program. The
guidelines are made available only to the respective exchange of information and cooperation between
organizations. States is an important aspect of security programs
that can help States while dealing with unlawful
For the development of an NCASP, a team is required interference. The above is only a brief on NCASP
to be identified with personnel having adequate and more details can be seen while working on
experience in aviation security matters. NCASP is NCASP.
developed based on Annex 17, Manual 8973, and
other ICAO docs relevant to security & facilitation Appropriate sections of NCASP are shared with
and States’ Legislations, Aviation Acts, Relevant relevant stakeholders- airports, ANS providers,
Laws (criminal, civil, etc.), Treaties between States, aircraft operators, etc. NCASP is periodically
Regulations, Memorandum of Understanding if any, reviewed in order to ensure that it is relevant with
etc. The first step of NCASP development can be respect to the security threat environment at the
writing an objective of the program. Designation time.
of an appropriate authority is essential with
an organization chart for the implementation/
National Aviation Security Committee
monitoring/ updating of the NCASP
It is mandatory as specified by ICAO that States
As the NCASP caters to the State and to all the should establish national aviation security Air-

coordinate and conduct quality control measures
utilizing Annex 17 and ICAO methodology in
accordance with approved programs.
Utilizing the principles of the ICAO TRAINAIR

methodology, the course documentation for each
ASTP contains all the material required for the
conduct of a particular course, including instructor
guides, student handout material, exercises, tests,
and training aids, the aim being that the quality
and integrity of each course remains constant
regardless of the instructor and that any instructor
competent in the aviation security discipline will
require a minimum of preparation time to deliver
the course.
There are 27 Aviation Security Training Institutes in

India established by airports and airline operators
mainly. There are eight courses conducted by these
ASTIs. The list of courses along with the number of

days of training, target group, etc. can be seen on an annual program of Regional Aviation Security
the BCAS website. Courses adapted to regional needs. ASTC for India
is the ‘Indian Aviation Academy, New Delhi. 10
BCAS also publishes a yearly training calendar for Training programs are sponsored by BCAS at ASTC
the following India.
● Testing and certification of screeners
● AvSEC basic course Airport Security Program

● ASTC course For the States, the NCASP is the document based
on which security management is performed which
includes the State’s and Service Providers’ roles,
responsibilities, and security measures among
others. The NCASP is an airport security program
for a particular airport is developed. ICAO mandates
each airport serving civil aviation to establish,
implement and maintain a written airport security
program appropriate to meet the requirements of
the national civil aviation security program. Airport
Security Program is required to be approved by the
State’s appropriate authority. The program shall
also specify the roles and responsibilities of the

airport, aircraft operator personnel, and security as per the security program.
personnel in response to unlawful interference.
In order to ensure the security measures and
The program includes procedures with dos procedures as per NCASP are implementable,
and don’ts in such events including evacuation the airport’s design shall be coordinated, and
procedures of buildings. requirements incorporated into the design in
respect of structural, architectural, and spatial
As mandated by ICAO each airport shall have requirements including new and expansion to
an authority, designated as an airport security existing airport facilities.
officer, for coordinating and implementing
security controls. The officer directly reports to
the Chief of the airport and should have adequate
knowledge and experience in aviation security
procedures, and measures as specified in the
security program and technology. The officer
conducts regular inspections, periodic audits, etc.
to ensure the security measures as per the airport
security program are implemented and whether
modifications or improvements are required. He
also shares such inspection /audit reports with
relevant organizations. He is also responsible to
initiate action in the event of unlawful interference

Aircraft Operators Security Program The chief security officer of the aircraft operator
will direct report to the corporate level officer
Similar to the airport operator, maintaining an
like the COO and will have adequate knowledge
airport security program in line with NCASP, ICAO
and experience in security management and
mandates aircraft operators to establish, implement
familiarity with aircraft and airline operations, as
and maintain a written operator security program
he is responsible for the implementation of the
that meets NCASP of that State. The aircraft
operator’s security program.
operator’s security program details the measures
for ensuring compliance to ICAO- Annex 17 SARPs
The suggested outline of the operator security
in respect of security measures for holding bags,
program is described in Doc 8973
cargo, unauthorized access to aircraft, a response
by crew/aircraft operator personnel in the event of Air Traffic Service Providers Security Program
unlawful interference, etc.
It is mandatory for air traffic service providers to
Annex 6 – Operation of Aircraft also prescribes establish and implement adequate and appropriate
that: security provisions as per the requirements of the
Operators will implement

training programs to
Pilots-in-command should
train employees to act
submit reports on acts of
in the most appropriate
unlawful interference
manner so that unlawful
interference is reduced
The flight crew

compartment door on
Availability of a checklist to passenger-carrying aircraft
describe the procedures for should be such that it can
a bomb search be locked from within the
flight deck compartment

● Those who carry out security audits, tests, Routine checks and other unpredictable security
surveys, and inspections must also be thoroughly measures are taken to keep a check on the bearing
trained as well as must possess the authority to of prohibited items. At the same time, training is
seek information and enforce corrective actions given to identify any suspicious behavior and detect
the carriage of restricted items.
● A confidential reporting system to supplement
the national civil aviation security quality control
Measures Related to Secured Areas Access in
program so that security information can be
Airport
generated and assessed
● A process to record and assess the results of States implement controlled access to the airside
the national civil aviation security quality control areas at the airport to ensure only authorized
program should be established. This will help personnel are allowed to enter. For implementing
in developing and implementing the program this preventive measure, there shall be an
effectively. identification system like an Airport Entry Permit for
the staff and other personnel who must be in these
ICAO also mandates the appropriate authorities of areas as part of their duties and responsibilities.
the State to re-evaluate controls and procedures in Such AEP will specifically mention permission to
due time and take corrective measures to prevent access the airside and other areas. The issue of
any reoccurrence of deviations and also report the AEP does not mean that it is for all airport areas,
same to the ICAO. AEP will specify permits to enter specific areas
where the holder of the permit is allowed to enter.
Carriage of Prohibited Items For the vehicles entering the airside, an entry permit
called an ‘airside vehicle permit is issued by the
The passengers and crew members are prohibited
airports for the vehicle with the registration number
to carry certain items as prescribed by the Security
of the vehicle, validity, and other details. Entry
Regulator. These include weapons, explosives, or
to such vehicles is subject to security checks for
any other dangerous devices, articles, or substances
items carried through the vehicle.
which can be used to commit any unlawful activity.
The State issues measures to prohibit the carrying
At airport security, restricted areas are to be
of such items.
established for the buildings to exercise more
control to access these areas. For example, the
passenger terminal building after the security check
will normally be designated as security restricted
area since it has direct access to the airside and
aircraft. Identification of persons entering this area
is implemented for example boarding passes of
passengers entering the gate hold area.
For staff working at the airport, i.e., other than

passengers, access to the security restricted area

is through the ‘Airport Entry Permit’ issued by BCAS Entry to the passenger terminal building is only for
specifically mentioning the areas allowed to visit for genuine passengers and the security personnel will
duty purposes. For such personnel, it is mandated check the valid boarding pass or flight ticket with
to carry out background checks before the AEP is the identity of the passengers ensured through one
issued. of the prescribed identity cards. This is the process
followed in India as per BCAS guidelines. Also,
ICAO mandates that the movement of persons randomly the baggage of the passengers can also
and vehicles to and from the aircraft shall be be screened as required. Staff on duty shall have an
supervised in security-restricted areas in order to airport entry permit issued by BCAS with areas of
prevent unauthorized access to aircraft. The items permit clearly specified.
like tools and equipment or materials carried out
into the airside or security-restricted areas will have There are some States which do not have any
to be checked either manually or through screening access restrictions for non-passengers till the
machines. The personnel will also be checked check-in area.
with metal detectors to ensure they don’t carry any
unauthorized objects into the airside or security- For the issuance of airport entry permit for the staff,
restricted areas. BCAS has specific guidelines and the permit is
issued only after the staff undergo security training
At the airside- landside interface gates with security so that they are aware of the security requirement.
equipment will be provided and such a number of Similarly, the process for issuing a temporary permit
gates will be minimized to have limited access to for the contractor’s personnel is also specified by
the airside. Security personnel will be positioned at BCAS.
such gates to ensure controlled access.
Preventive Measures Related to Aircraft
ICAO recommends the issue of identity documents
It is mandatory to implement aircraft security
to crew members. This will facilitate a valid and
checks. The concern if it is a security check
reliable basis for recognition globally, and permit
or a search will depend upon the security risk
authorized access to airside and security-restricted
assessment carried out by the relevant national
areas in accordance with the specifications set forth
authorities. A security check makes sure that any
in Doc 9303, Machine Readable Travel Documents.
item left by any of the passengers is removed from
the aircraft or otherwise dealt with appropriately
before the aircraft departure. The security checks
ensure that there are no issues and the aircraft
shall be protected from unauthorized interference
till departure.
ICAO also mandates that States will make sure that

appropriate measures and operational procedures
have been taken to lessen possible attacks using

The integrity of the screened passengers and their
cabin baggage are protected without mixing of the
passengers and cabin baggage with others not
screened. If the passenger flow is such that there is
a chance of mixing, in such cases the passengers
and their cabin baggage are to be rechecked before
boarding the aircraft.
What is the difference between transfer and transit

passengers? Transfer passenger changes to
another aircraft while traveling from airport A to C
via airport B. Whereas transit passenger takes the
same aircraft but travels from A to C via B
Man-Portable Air Defense Systems (MANPADS)

Ensure that practices are established at airports
and other weapons representing a similar threat to
and onboard aircraft to assist in the identification
aircraft at or near an airport.
and resolution of suspicious activity that may pose
a threat to civil aviation.
Preventive Measures Relating to Passengers and
their Cabin (Hand) Baggage
Preventive Measures Related to Hold (Check-in)
Ensure those originating passengers of commercial Baggage
air transport operations and their cabin baggage
Establish measures to make sure that hand
are screened prior to boarding an aircraft departing
baggage is screened before getting loaded onto an
from a security-restricted area. ICAO does not
aircraft. Just like cabin baggage, the performance
specify any particular technology for the screening
specifications of the screening equipment are
equipment. BCAS provides the specifications of the
specified by BCAS. Prohibited items are specified
screening equipment in terms of their performance
for check-in baggage, for example, power banks
in identifying prohibited items being carried into
and electronic gadgets with lithium-ion batteries
the aircraft or into the security-restricted area. The
are not allowed in check-in luggage. These are to
list of prohibited items is published by BCAS and
be kept in cabin luggage. The check-in baggage,
this undergoes change depending on the threat
like cabin luggage, is also screened and cleared
perception at the airports or some guidelines/
for loading and shall be taken care of by the carrier
practices from other states.
after getting clearance from screening. In the case
of any suspicion, the baggage shall be re-screened
Also, ensure those transfer passengers of
before being boarded on an aircraft.
commercial air transport operations and their cabin
baggage are screened prior to boarding an aircraft.
Any baggage for which no passenger is identified is
This is the practice in India and several other States
offloaded from the aircraft. In case of any luggage
but ICAO provides some conditions to exempt this
is found without a passenger detail, reconciliation
process.

is carried out either manually or through technology of these are maintained by ensuring no interference
before the flight is cleared for departure. to these, till loaded into the aircraft and departure
from the aircraft. It is important to ensure that
Generally, all the airports screen the transfer security measures are thoroughly implemented to
baggage before loading it into the aircraft even mitigate any risk involved.
though such baggage is checked in the previous
airport. Commercial air transport operators carry The operators will not accept any cargo or mail
only check-in baggage that has met the required for carriage unless screening and other security
criterion. In the case of unidentified baggage, the requirements have been duly met. Cargo and mail
relevant national authorities indulge in security risk which cannot be confirmed and accounted for
assessment. by a regulated agent or an entity that is approved
by an appropriate authority shall be subjected to
Preventive Measures Related to Cargo, Mail, and screening.
Other Goods
Merchandise and supplies are also subject to
Ensure that desired and necessary security controls
screening before loading. The same holds true
have been taken care of in case of cargo and mail
for mail to be carried. ICAO recommends and
before these are loaded onto a commercial aircraft.
establishes appropriate mechanisms for screening
Similar to check-in baggage and cabin baggage
and other security measures taking into account
once the cargo and mail are screened the integrity

the nature of the consignment.
Preventive Measures Related to Special Categories

of Passengers
A special category of passengers is a potentially

disruptive passenger who is to travel by aircraft
from one airport to another airport/country
because of judicial or administrative proceedings.
security officers must ensure that they are trained
States to develop requirements for such travel. The
personnel and specially selected government
operator’s security program shall include measures
officials. The deployment will be in accordance with
and procedures to ensure safety on board their
the concerned States and not to be disclosed. The
aircraft. The aircraft operator and pilot in command
state shall also ensure that the pilot-in-command
are informed of such passengers to be on board
is notified as to the number of armed persons and
the aircraft.
their seat location.
In the case of the carriage of weapons on board

Preventive Measures Related to the Landside
aircraft, by law enforcement officers and other
authorized persons, acting in the performance The landside areas need to be identified and security
of their duties, special authorization has to be measures must be taken care of to lessen the risks
obtained in accordance with the laws of the States and prevent possible acts of unlawful interference.
involved. The permission to allow armed personnel The Standards must be specified between relevant
to travel on board is given after the involved States departments, agencies, other organizations of the
permit to do so. In other cases, the carriage of State, and other entities to ensure compliance with
weapons is allowed only when a duly authorized landside security measures.
person confirms that the weapon is not loaded and
is stored in a place that cannot be accessed by any Doc 8973 provides guidelines for:
person during flight time.
● Surveillance of the airport- both landside and
airside, terminal buildings, and vulnerable
In-flight Security Officer: The deployment of in-flight
installations. Surveillance is through patrolling
and or using CCTV coverage for live monitoring
remotely.
● Protection of the Baggage handling system
● Parking of vehicles with minimum distance for

short-term and long-term parking
● Airport perimeter protection particularly on the

airside. Patrolling, watch towers, CCTV coverage
for remote monitoring, and automatic intrusion
detection systems.

● Procedures for the handling of unclaimed
baggage and unattended baggage.
● Vulnerable points at the airport

Unit 12
Other Security Threats
Introduction
Security threats are common in the aviation sector.
Therefore, it is imperative to undertake risk assessment
activities to mitigate risks and threats. This is to be done
in accordance with the State and airport authorities. Proper
measures have to be taken to avoid and minimize risks. With
emerging technologies, one of the risks is concerned with
cyber threats.
The given unit gives an idea about measures related to cyber

threats and how can unlawful interference can be avoided.
Measures Related to Cyber Threats

It is essential to safeguard the confidentiality, integrity, and
availability of critical information. Risk assessment activities
make sure that the data system used for the safety to prevent and minimize these unlawful activities.
of the aviation sector is protected so that the safety Mostly, efforts are taken to prevent these unlawful
of civil aviation does not suffer. interferences.
States encourage all those bodies who are involved As per Annex 17, Chicago Convention, member
with the implementation of national civil aviation states of ICAO must report to ICAO once the issue
security programs to identify critical information gets resolved.
and systems as well as understand risks and threats
that can happen and take protective measures
Prevention of Acts of Unlawful Inter
to mitigate these. The entities should design
reference
protective measures like supply chain security,
network separation, and remote access control. ICAO mandates States:
● Shall establish measures to protect an aircraft

Management of Response to Acts of when it is informed that an aircraft is subject to
Unlawful Interference unlawful interference while still on the ground,
or effectively notify the concerned airport
Acts of unlawful interference mean hampering
authorities and air traffic services before the
the safety and security of civil aviation and air
arrival of an aircraft if it has already departed.
transport. For instance, unlawful seizure of an
● Shall ensure that proper search action is
aircraft on the ground, forcible intrusion on board
implemented if it is informed that an aircraft
an aircraft, hijacking, etc. Measures must be taken
2 Other Security Threats

Unit 13
Aviation Cyber Security
Introduction
Like other industries, the aviation industry is also going
towards a high degree of digitalization for ease of working,
improved efficiency, reliability, faster processing, and quicker
& easier retrieval of data when required. A high degree of
digitalization is adding hazards as there is an interface of
the system with people and this makes the risk harder to
predict. Thus, the benefit of cyber technologies comes
with increased insecurities and may affect all systems and
infrastructures. The impact of cyber threats and cyber-attack
is not restricted to the home country as the systems are
interconnected globally. This aspect adds to the complexity
and such attacks have wide implications for various industry
players across the globe.
Aviation Cyber Security ● Border control system
As per IATA, aviation cyber security is defined

It is known that the aviation industry is an attractive
as cyber security relating to aircraft and airport target to create wide publicity if impacted and this
operations. The aviation industry uses information is true for cyber-attack also. When the industry is
technology and communication (ITC) systems impacted by such attacks, it affects the confidence
extensively and the systems of the various and trust of the public and stakeholders.
stakeholders are interconnected for information
sharing and control & coordination. An example could be given stating the incident
which occurred at Ataturk Airport and Sabiha
Some examples of the systems are: Gokcen International Airport in Istanbul, Turkey, in
● Communication system used by airlines, airports, the year 2013 when the passport control process
air traffic controllers, and ground handlers. got affected and resulted in massive queues and
delays for passengers.
● Passenger-related systems like check-in system,
baggage handling system, reconciliation of
ICAO has initiated steps to develop a solid
pax and baggage, flight information system,
cybersecurity framework. The purpose is to protect
passenger manifesto, and biometrics data.
the critical infrastructure of civil aviation, safeguard
● Air navigation system IT and communication systems and prevent
operational data against cyber threats. The 40th
● Airport systems
Session of the ICAO Assembly adopted Assembly
● Operational & financial database
Resolution A40-10 – Addressing Cybersecurity in
● Security screening, aircraft docking system Civil Aviation.
2 Aviation Cyber Security

respect to data transfers, system architectures, surveillance, and other crucial disciplines.
confidentiality of data, system monitoring, etc.
ICAO’s Aviation Cyber Security Strategy aligns with
Develop ICAO’s cybersecurity framework.
○
ICAO activities concerned with cyber security. The
Establish coordination and cooperation
strategy is supported by IATA and adopts a series
between various areas. Develop a horizontal,
of principles and actions. These measures and
cross-cutting and functional approach
actions are contained in a framework built on seven
involving air navigation, communication,
pillars:
Civil Aviation Cyber Security Plan has been For example, if a commitment is to develop a
signed by ACI, ICAO, Civil Air Navigation Services common understanding of cyber threats and risks,
Organization (CANSO) and IATA. It can be said to it can be described as:
be a blueprint to describe commitments with time
horizon, task and deliverables.

Short Term (0–6 Mid Term (6–12 Long Term (12–18
Commitment
months) months) months)
Develop a common Task- Develop and Deliverable- 2015 Task- Continue to review
understanding of cyber provide input to common Aviation Security Panel and communicate
threats and risks risk and threat matrices Paper threats, update threat
and risk analysis
Deliverable- First draft Deliverable- Input to
input to threat and risk ICAO working group on
analysis threat and risk and ECAC
risk assessments
Similarly, other commitments could be: defensive systems, as appropriate
● Share assessment of risks

Contribution of IATA to the same can be explained
● Agree common language and terminology
as:
● Develop joint positions and recommendations
● In the 40th ICAO Assembly, IATA presented
● Present to the public a joint, consistent and the Information Paper- Aviation Cyber Security
coherent approach to management of cyber Moving Forward to explain the need for a
threats and risks. proactive and coordinated approach to manage
aviation cyber security risks
● Promote cooperation among state-level
appropriate authorities and industry to establish ● IATA participated in the Second High- Level
coordinated aviation cyber security strategies, Conference on Aviation Security in November,
policies and plans. 2018.
● Promote a robust cyber security culture in all ● IATA is a signatory to ICAO Civil Aviation Cyber
organizations in civil aviation. Security Plan
● Promote the use of existing information security, ● IATA has a well-established Aircraft Cyber
cyber protection standards and design principles, Security Task Force (ACSTF). ACSTF contributes
and establish new ones where necessary. in establishing dialogues and develop
understanding among the stakeholders in
Establish the mechanisms and means to
●
aviation sector.
share and communicate information including
identification of threats, reporting of incidents ● IATA Security Advisory Council (SAC) advises
and developments in defenses. and guides IATA to deal with cyber challenges.
● Communicate threat-related information and

An aviation cybersecurity roundtable took place
assure situational awareness
in Singapore in April 2019 to allow stakeholders
● Refine best practices, operational principles and

explore the challenges and discuss the measures
that need to be taken.
An Aviation Cyber Security Training Program also

takes place for a duration of 3 days to impart
knowledge and training to aviation personnel to
understand and manage cyber risks.
Thus, IATA always participates actively against

cyber threats and engages with members, industry
leaders and stakeholders to clearly communicate
its role and vision in global aviation cyber security.
Summary
As per IATA, aviation cyber security is defined
as cyber security relating to aircraft and airport
operations. The aviation industry uses information
technology and communication (ITC) systems
extensively and the systems of the various
stakeholders are interconnected for information
sharing and control & coordination.
The Civil Aviation Cyber Security Plan has been

signed by ACI, ICAO, Civil Air Navigation Services
Organization (CANSO) and IATA. The plan serves
as a road map to describe commitments with
time horizon, task and deliverables. It needs to
be understood, that like other prime sectors, the
aviation sector too faces severe cyber threats and
thus adequate measures must be taken to fight
against cyber threats and risks.

Unit 14
Transportation of
Dangerous Goods
Introduction
Dangerous Goods
The goods or items that can hamper safety and
pose a risk to life, health, or property are dangerous
goods.
Annex 18 deals with the Safe Transport of Dangerous

Goods by Air and sets down broad principles (as
per Annex 18) that States are required to abide by. It
is the responsibility of States and concerned airport
authorities to make sure that the goods specified
as dangerous as per ICAO have to be carried in
compliance with the stated requirements.
Annex 18 includes the following:
● Definitions of terms More than fifty percent of cargo being carried by

all modes of transport comprises of dangerous
● Applicability
goods. These include explosives, flammable goods,
● Classification
radioactive goods, toxic items, etc. These goods
2 Transportation of Dangerous Goods

Hazard Classes nine hazard classes. These are used for all modes
of transport. The classes can be specified as:
The United Nations Committee of Experts defines
Technical Instructions improved by the detailed specifications of the

Technical Instructions for the Safe Transport of
It is expected of the contracting states to ICAO
Dangerous Goods by Air (Doc 9284).
to abide by the ICAO requirements and legally
recognize these. The provisions of Annex 18 are

Annex 18 mandates that “Each Contracting State
shall take the necessary measures to achieve
compliance with the detailed provisions contained
in the Technical Instructions. Each Contracting
State shall also take the necessary measures to
achieve compliance with any amendment to the
Technical Instructions, which may be published
during the specified period of applicability of an
edition of the Technical Instructions”.

of any mishappening, they must quickly inform
the State in which the accident occurred about
the type of goods and where were these located.
The operators must also inform the concerned
authorities about any accident or unpleasant
incident. States at the same time have specified
procedures to investigate such occurrences.
The technical instructions also specify the training

requirements for all those who are involved in
consigning, handling and carrying dangerous
goods, and cargo and passenger baggage. It is
essential to maintain training records and refresh
training activities at two-year intervals.
The shippers and airline operators have specific

responsibilities. The shippers have to ensure that
all those responsible for preparing consignments
of dangerous goods must be thoroughly trained
to do so, else any other organization with trained

Likewise, the commodity mentioned as Acetone
cyanohydrin, stabilized is prohibited in both
passenger aircraft and cargo aircraft.
Talking about India, DGCA / India is the regulatory

authority for the transportation of dangerous goods
by air. The Aircraft (Carriage of Dangerous Goods)
Rules, 2003 is very specific to India. DGCA has
published CARs for approval of dangerous goods
training program, Guidelines and Procedure for
Dangerous Goods Inspections, Grant of approval to
carry dangerous goods by air and Secondment of
Dangerous Goods Inspectors.

Unit 15
Safety and
Security Audits
Introduction
USOAP assesses the capabilities of the states in As of Dec 2017, ICAO has audited 185 Member
providing safety and analyzing if the states are States, from both the Comprehensive Approach
managing and effectively implementing the critical (CSA) and the Continuous Monitoring Approach
elements (CEs) of a safety oversight system or not. (CMA) cycles representing 96% of all Member
States responsible for the safety oversight for 99%
Safety performance can be effective only when the of all international air traffic.
concerned personnel is competent enough and
adequately trained to ensure SARPs compliance. USOAP Comprehensive Systems Approach (CSA)
Thus, USOAP by ICAO is to audit the safety oversight includes safety-related provisions contained in all
capabilities of the State. safety-related Annexes to the Chicago Convention.
These audits help ICAO to assess Member

Continuous Monitoring Approach
States’ safety oversight capabilities. Further,
(CMA)
the result of these audits helps to generate a
more comprehensive analysis of aviation safety CMA uses a web-based platform to monitor the
concerning effectiveness and development. safety oversight systems of states. The “Online
Framework” (OLF) validates States’ progress
These audits are tailored to the level of complexity through various on-site and off-site validation
of aviation activities in the State to be audited. activities. The platform also assesses the
Timings, the duration of audits, and the size and effectiveness and sustainability of States’ safety
composition of the audit teams are determined oversight systems through audits. CMA proves
through a review of the information submitted by cost-effective, dynamic, and flexible system for
the State. assessment.
2 Safety and Security Audits

resources.
● The State's appropriate authority must have

aviation security regulatory functions, objectives,
and policies. It must develop and maintain an
effective National Civil Aviation Security Program,
National Civil Aviation Security Training Program,
and National Civil Aviation Security Quality Control
Program. It must also ensure the declaration and
application of relevant regulations, the allocation
of tasks, and the coordination of responsibilities
between government agencies.
CE-4: Personnel Qualifications and Training
● To provide measures to meet the minimum

knowledge and experience requirements for
technical personnel performing State aviation
security oversight and regulatory functions.
● Provision of appropriate training to the concerned

staff members to maintain and enhance their

competence. the relevant activities like certification of
screeners and the approval of security programs.
● Requirements for and provision of training to
the aviation industry on the implementation of
CE-7: Quality Control Obligations
applicable aviation security requirements.
● Processes like audits, inspections, surveys,
CE-5: Provision of Technical Guidance, Tools, and and tests make sure that aviation security
Security Critical Information entities meet the established requirements
and work efficiently to comply with the set
● Provision of necessary technical guidance, tools,
levels. Continuous monitoring of the concerned
and security-critical information to technical
personnel performing security oversight
personnel so that they can perform security
functions is also covered under audits and
oversight functions as desired.
inspections.
Provision
● of technical guidance on the
implementation of applicable regulations by the
CE-8: Resolution of Security Concerns
appropriate authority.
● Implementation of processes and procedures
to deal with identified deficiencies, including the
CE-6: Certification and Approval Obligations
ability to:
● Implementation of processes and procedures
○ Analyze security deficiencies.
so that personnel and organizations engaged in
aviation security activity meet the established Provide
○ recommendations to prevent
requirements before they are allowed to conduct reoccurrence.

○ Track rectification. and define remedial strategies. However, in terms
of human performance, accidents yield data that
○ Respond to acts of unlawful interference.
depicts actions and decisions that failed to achieve
● Ensure the effective implementation of corrective
a successful compromise between production and
actions and take enforcement action when
protection.
appropriate.
Accident investigation concentrates on failures.

Line Operations Safety Audit (LOSA) LOSA advocates a better understanding of the
success stories to check their implication as a part
LOSA is a program to manage human error. It is
of remedial strategies. However, the contribution of
a critical organizational strategy that develops
accident investigation is in no way less. It remains
countermeasures to operational errors. LOSA is an
the base point to uncover unanticipated failures
organizational tool that not only identifies threats to
in technology or rare but strange events. Accident
aviation safety but also lessens the risks incurred
investigation also provides a framework: if only
by such threats. It also manages human error in
normal operations were monitored, defining unsafe
operational contexts. LOSA provides a principled,
behaviors would be a task without a frame of
data-driven approach to prioritize and implement
reference. Therefore, a proper investigation helps
actions to enhance safety.
to know how specific behaviors can combine with
specific circumstances to generate unstable and
Let us compare the incident investigation/accident
likely catastrophic scenarios.
investigation with LOSA. Investigation of an accident
to understand human performance is a reactive
One of the reactive /proactive strategies is the
strategy. It helps to understand human performance
incident investigation apart from training, safety

audits, and Flight Data Recording. An incident underlying human error rather than taking errors at
investigation is a tool that gives information on face value.
operational human performance with the help of
incident reporting. Incidents tell a more complete To understand the mechanisms underlying errors
story about system safety than accidents do in operational environments, defects in system
because they signal weaknesses within the overall performance taken through incident reporting
system before the system breaks down. should be considered as symptoms of mismatches
at deeper layers of the system. These could be
It is believed that incidents precede accidents. A shortages in training systems, flawed person/
common understanding is that numerous incidents technology interfaces, poorly designed procedures,
of one kind take place before an accident, and corporate pressures, poor safety culture, etc. The
eventually an accident of the same kind occurs. value of the data generated by incident reporting
Incident reporting cannot completely reveal the systems lies in the early warning about areas of
human contribution to successes or failures in concern, but such data do not capture the concerns
aviation and how remedial strategies can be themselves.
improved to enhance human performance, but it
is certainly better than accident investigations to LOSA is a proactive strategy. It focuses on
understand system performance. However, the proposing countermeasures against human
challenge is about understanding the processes error, and monitoring of normal line operations.

Periodic monitoring of routine flights is, essential errors. If the negative consequences of an error
as a proactive measure and indirectly involves are caught before they produce damage, then the
measurement of all aspects of the system, allowing error is inconsequential. In operational contexts,
the identification of areas of strength and areas errors that are caught in time do not produce
of potential risks. On the other hand, an incident negative consequences and therefore, for practical
investigation tries to fix the symptoms of problems, purposes, do not exist. Countermeasures to error,
possibly serious, possibly not. training activities should try to make these errors
visible before they produce negative consequences.
Accident investigations are conducted after an This is the essence of error management “human
unfortunate happening has occurred. However, error is unavoidable but manageable”. Thus, Error
there is a need to adopt a positive measure to Management is at the heart of LOSA.
protect against accidents rather than simply regret.
LOSA takes the help of an expert and highly trained
Error is a normal component of human behavior observers to collect data about flight crew behavior
and cannot be completely avoided, but can be and situational factors on “normal” flights. The
minimized. The same holds for technology. There audits are conducted under no-risk conditions;
might be events when technical errors occur therefore, flight crews are not held accountable
either due to malfunctioning or mishandling. Thus, for their actions and the errors that are observed.
errors will continue to be a factor in operational During flights that are being audited, observers
environments because it simply is the downside identify the probable safety threats and reasons for
of human cognition. However, the issue arises the same. They also observe how these threats are
due to negative consequences as a result of these addressed and the errors being generated. Further,

observations are made about the role of crew human error in aviation operations and developed
members in managing these errors; and specific an operational partnership with The University of
behaviors that have been known to be associated Texas at Austin and Continental Airlines.
with accidents and incidents.
ICAO acts as an enabling partner in the LOSA
LOSA is closely linked with Crew Resource program and promotes LOSA internationally.
Management (CRM) training. Since CRM is
essentially error management training for The full LOSA process, from planning and observer
operational personnel, data from LOSA form the selection and training to data collection, analyses,
basis for contemporary CRM training refocus and/ and final report, can take between 6 and 12 months.
or design, known as Threat and Error Management LOSA is recommended every 3 years.
(TEM) training.
LOSA searches for system safety performance, its
Data obtained from LOSA gives a clear picture of strengths, and weaknesses.
system operations. This picture acts as a guideline ● Strengths (+): Thick, no-hole cheese slices/
to plan strategies concerning safety, training, sections.
and operations. LOSA uses examples of superior
● Weaknesses (-): Location and hole sizes in the
performance as models for training so that training
cheese.
interventions can be reshaped and reinforced based
on successful performance positive feedback. This Measure:
● Flight crew Threat and Error
is essentially required to prevent accidents and Management (TEM) performance.
adverse incidents. ● Method: Jump seat observations in regular,
normal flight operations.
The initial research/project definition was a joint
attempt between The University of Texas at Austin
Human Factors Research Project and Continental Safety and Production
Airlines, with funding provided by the Federal Aviation The compromise between production and safety
Administration (FAA). In 1999, ICAO endorsed LOSA is quite complex. Humans can however effectively
as the primary tool to develop countermeasures to apply the right mechanisms to successfully achieve
this balance, hence, the extraordinary safety record
of aviation.
However, there might be times and situations when

humans Humans mismanage or do not assess
tasks correctly. This can disrupt the balance which
can further lead to safety breakdowns.
Understanding the human contribution to

successes and failures in aviation can be better

achieved by monitoring normal operations, rather integrity of LOSA within an airline and the industry
than accidents and incidents. as a whole. This can be done by collecting all
observations with voluntary crew participation.
The Line Operations Safety Audit (LOSA) is the The quality of LOSA data depends upon on pilot’s
vehicle endorsed by ICAO to monitor normal trust in the methodology and acceptance of the
operations. observer.
Before conducting LOSA observations, an

Operating Characteristics of LOSA observer must take the permission of the crew
members being observed. The crew has the
LOSA is defined by ten operating characteristics:
option to decline, and no questions can be raised
● Jump-seat observations during normal flight for the same. The observer simply approaches
operations: LOSA observations are limited to another flight crew on another flight and asks
regularly scheduled flights. for their permission to be observed. If an airline
● Joint management/pilot sponsorship: LOSA can receives an unreasonably high number of
be implemented effectively if both management refusals by crews for LOSA to be conducted, it is
and pilots (through their professional an indication that the airline is facing trust issues
association, if it exists) support the project. The and these are to be dealt with first.
joint sponsorship will not only keep a check but ● Targeted observation instrument: The current
also balance the project. data collection tool to conduct a LOSA is the
● Voluntary crew participation: If long-term LOSA Observation Form. It is not critical that an
success is desired, it is important to maintain the airline use this form, but whatever data collection
Jump-seat observations during Trusted, trained and calibrated

01 06
normal flight operations observers
Joint management/ Trusted data collection

02 07
pilot sponsorship site
LOSA is defined
Voluntary crew Data verification
03 by ten operating 08
participation roundtables
characteristics:
Targeted observation Data-derived targets

04 09
instrument for enhancement
De-identified, confidential, and Feedback of results to the line

05 10
safety-minded data collection pilots

instrument is used needs to target issues pilots, safety pilots, management pilots, members
that affect flight crew performance in normal of Human Factors groups, and representatives of
operations. the safety committee of the pilots’ organization.
● De-identified, confidential, and safety-minded There can be external observers also who are
data collection: LOSA observers are asked not not affiliated with the airline. These observers
to record names, flight numbers, dates, or any can serve as an anchor point for the rest of the
other information that can identify a crew. In observers.
case this level of secrecy is not performed,
The observers have to be trained and regulated
disciplinary actions can be taken. LOSA has to
to conduct They must be aware of the use of the
collect safety data, and not punish pilots or other
LOSA rating forms and, particularly, the concepts
crew members. Airlines cannot lose a unique
of threat and error management.
opportunity to get an insight into their operations
● Trusted data collection site: Airlines must
by having pilots fearful that a LOSA observation
maintain confidentiality. Therefore, airlines must
could be used against them for disciplinary
have a trusted data collection site. Currently,
reasons.
all observations are sent off-site directly to
● Trusted, trained and calibrated observers:
The University of Texas at Austin Human
Primarily, pilots conduct LOSAs. Observation
Factors Research Project, which manages the
teams will typically include line pilots, instructor
LOSA archives. This ensures that no individual
observations will be misplaced or improperly know the results as well as the plan of action and
circulated through the airline. improvements as suggested. It has been seen
that pilots usually welcome suggestions and
● Data verification roundtables: Data-driven
implement the same if results are fed back in an
programs like LOSA require quality data
appropriate manner.
management procedures and consistency
checks. For LOSA, these checks are done at
Take Away from LOSA
data verification roundtables. A roundtable
consists of three or four department and pilots’
LOSA observations indicated that 85 percent of
association representatives who scan the raw
errors committed were inconsequential. This
data for inaccuracies.
depicts:
● Data-derived targets for enhancement: The
● The aviation system possesses very strong and
final product of a LOSA is the data-derived
effective defenses. LOSA data allows a principled
LOSA targets for enhancement. As the data are
and data-driven judgment of which defenses
collected and analyzed, patterns emerge.
work and which do not, and how well defenses
Certain errors are quite frequent. Likewise, fulfill their role.
certain airports or events create more issues
Pilots
● intuitively develop Adhoc error
than others, certain SOPs are routinely ignored
management skills. So it is important to
or modified, and certain exercises can be more
understand what pilots do well to promote safety
difficult than others.
through organizational interventions, such as
LOSA identifies such patterns, and it is then up improved training, procedures, or design, based
to the airline to develop strategies to implement on this “positive” data.
necessary changes. After two or three years,
the airline can re-conduct LOSA to check if the
changes and other necessary adjustments have SUMMARY
been fruitful or not. Safety auditing is a core safety management activity,
● Feedback of results to the line pilots: After the providing a means of identifying potential problems
completion of LOSA, the airline’s management before they have an impact on safety. It was in the
team and pilots’ association must communicate year 1999 that ICAO’s Universal Safety Oversight
LOSA results to the line pilots. Pilots wish to Audit Programme (USOAP) was launched.
USOAP assesses the capabilities of the states in

providing safety and analyzing if the states are
managing and effectively implementing the critical
elements (CEs) of a safety oversight system or not.
As of Dec 2017, ICAO has audited 185 Member
States, from both the Comprehensive Approach
(CSA) and the Continuous Monitoring Approach
(CMA) cycles representing 96% of all Member

States responsible for the safety oversight for 99%
of all international air traffic.
USOAP Comprehensive Systems Approach (CSA)

includes safety-related provisions contained in all
safety-related Annexes to the Chicago Convention.
CMA uses a web-based platform to monitor the
safety oversight systems of states. The “Online
Framework” (OLF) validates States’ progress
through various on-site and off-site validation
activities.
Another security audit program introduced by ICAO

is called USAP. It is similar to the Safety Audit
program of ICAO.
LOSA is a program to manage human error. It is

a critical organizational strategy that develops
countermeasures to operational errors. LOSA is an
organizational tool that not only identifies threats to
aviation safety but also lessens the risks incurred
by such threats. LOSA is closely linked with Crew
Resource Management (CRM) training. Since
CRM is essentially error management training for
operational personnel, data from LOSA form the
basis for contemporary CRM training refocus and/
or design, known as Threat and Error Management
(TEM) training.

Unit 16
Security Audits

By the end of this unit, you will be IOSA is an evaluation and assessment system that helps
able to: assess an airline's operational management and control
● Examine IATA Operational Safety systems. It is internationally recognized and conducts audits
Audit (IOSA) in a structured and standardized manner.
● Describe sources for IOSA

The given unit gives a brief description of IOSA and ISARPs.
Standards and Recommended
Practices (ISARPs)
IATA Operational Safety Audit (IOSA)
● Discuss management commitment
and auditor actions IOSA is an evaluation system to assess an airline's
operational and control systems. IOSA is approved and
recognized globally. It is a standardized procedure that
is accepted worldwide. The IOSA audit system prevents
redundancy in audits and proves cost-effective for IOSA-
participating airlines. All IATA members are IOSA which is an increase of 7% from the previous year.
registered and have to remain so to continue with
IATA membership. IATA in its safety reports for 2018 mentions that
Airlines on the IATA Operational Safety Audit (IOSA)
IOSA is recognized globally. As per the figures performed better than those that were not on the
obtained for December 2018, there were 432 airlines registry. The IATA Operational Safety Audit (IOSA)
on the IOSA registry, out of which 139 were non- program reduces the burden on the industry by
IATA members. Thus, non-IATA member airlines representing a global standard that is utilized by
also participate in the IOSA. During the year 2018, numerous regulators to complement their oversight
over 1,400 IOSA Audit Reports were exchanged, activities on commercial operators.
Benefits for Airlines and Regulators
Continuous upgradation Reduction in audit

Quality audit program of standards to reflect redundancy, costs,
under IATA regulatory revisions and and audit resource
best practices requirements
Structured audit Qualified training Qualified audit

methodology, organizations with auditor organizations with trained
standardized checklists training courses and qualified auditors
The IOSA Standards Manual (ISM) published by is ISM used as the source of assessment criteria
IOSA provides IOSA standards, recommended to be utilized by auditors when conducting an
practices (ISARPs), associated guidance material, audit against the ISARPs. The ISM also helps an
and other supporting information. This prepares operator to structure its operational management
the organizations for audit purposes. ISM also and control systems in conformity with the latest
facilitates a uniform audit of the airlines since it industry operational practices.
2 Security Audits
The ISM is organized as follows:
SECTION 1 SECTION 2
Organization and Management System

Flight Operations (FLT)
(ORG)
SECTION 3 SECTION 4
Operational Control and Flight Aircraft Engineering and Maintenance

Dispatch (DSP) (MNT)
SECTION 5 SECTION 6
Cabin Operations (CAB) Ground Handling Operations (GRH)
SECTION 7 SECTION 8
Cargo Operations (CGO) Security Management (SEC)
Sources for IOSA Standards and Recommended or indirectly to the air operator.
Practices (ISARPs)
The safety and security requirements published in Management Commitment

the Annexes to the Convention on International Civil
The Operator shall have a corporate safety policy
Aviation (ICAO Annexes) are the primary sources
that:
for specifications contained in the ISARPs. Safety
and security requirements in the ICAO Annexes ● Reflects the organizational commitment
used as the basis for ISARPs are applicable directly regarding safety, including the promotion of a
3 Security Audits
positive safety culture.
● Includes a statement about the provision of the

necessary resources for the implementation of
the safety policy
● Is communicated throughout the organization.
● Is periodically reviewed to ensure continued

relevance to the organization
Auditor Actions
● Identified/Assessed corporate safety policy
● Interviewed SMS manager and/or designated

management representative
● Examined examples of corporate communication:

Coordinated to verify communication of safety
policy in all operational areas.
● Other Actions (Specify).
Summary
IOSA is an evaluation system to assess an airline's
operational and control systems. IOSA is approved
and recognized globally. The IOSA audit system
prevents redundancy in audits and proves cost-
effective for IOSA-participating airlines.
The safety and security requirements published in

the Annexes to the Convention on International Civil
Aviation (ICAO Annexes) are the primary sources
for specifications contained in the ISARPs.
4 Security Audits

Aviation Safety and Security Management

Uploaded by

Copyright:

Available Formats

Aviation Safety and Security Management

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Aviation Safety and Security Management

Uploaded by

Copyright:

Available Formats

What are the main roles and responsibilities of ICAO, IATA and other regulators?

What are the main roles and responsibilities of ICAO, IATA and other regulators?

What are the main components of IOSA?

What are the main components of IOSA?

UNIVERSITY OF TOMORROW

Aviation Safety and

Introduction to Aviation Safety

Learning Objectives Introduction

● Describe safety management

● Explain safety statistics

● Discuss economic benefits of

● Know security management

● Explain global aviation and security

IATA which represents the airline industry has inspects

regulators, whose publications, advisory circulars,

1. Issuance of SARPs including amendment 1 to

● Airport infrastructure related such as failure of

● Obstacles in or around the airport resulting in

Economic Benefits of Aviation Safety

An effective security system can be implemented

It must be taken care that the security measures

It is assumed that the traffic growth will get double

2 Overview of Safety Management

Activities for the functions

Monitor and Measure

6 Overview of Safety Management

● It strengthens the safety culture.

● It assures safety with a documented, and

● It helps to understand safety-related interfaces

● It can help in the early detection of safety hazards.

● It ensures that safety is the prime

● Possible financial savings through reduced

● Cost avoidance due to reduced accidents and

The Safety Management System provides a

7 Overview of Safety Management

● the code number is 1 or 2 and the runway is an

3 State Safety Program (SSP)

8 State Safety Program (SSP)

● Unstabilized approach while visual approach.

objective for this safety priority is “reduce the ● Runway excursion.

9 State Safety Program (SSP)

State Safety Program

Learning Objectives Introduction

● Decribe components and elements

● Discuss SMS Gap analysis, and

2 Safety Management System (SMS)

Management Commitment is the core of SMS and

3 Safety Management System (SMS)

● Chairs the safety review meetings to reinforce

4 Safety Management System (SMS)

Safety Risk Management

Learning Objectives Introduction

● Explain hazard identification

Safety Risk Severity

It is essential to assess the severity of risks with respect to

2 Safety Risk Severity

3 Safety Risk Severity

To get the safety risk index rating, the results of

pose extremely adverse effects and therefore it is

4 Safety Risk Severity