Regulatory Brief

Regulatory Brief: TSA NPRM Aircraft Repair station security

The issue

The Transportation Security Administration (TSA) has issued a notice of proposed rulemaking (NPRM) affecting security at both foreign and domestic Federal Aviation Administration (FAA) Part 145 certificated repair stations. 

Why is this important?

According to the FAA, there are 4,227 domestic repair stations and 694 repair stations outside of the United States. Approximately 3,000 U.S. repair stations are not located on an airport. 

This NPRM, as proposed, would create regulations requiring all FAA-certificated repair stations to implement certain security policies and infrastructure. TSA would require these repair stations to adopt and carry out a security program, verify repair station employees, and establish a security coordinator to serve as point of contact.  The TSA would have the authority to conduct inspections and require the FAA to suspend or revoke the certificate of any non-compliant repair station.

Summary

TSA is proposing regulations to:

  • Codify TSA’s inspection authority
  • Allow TSA and DHS officials to enter, inspect, audit, and test property, facilities, and records of the repair station.
  • Require each repair station to comply with TSA Security Directives.
  • Establish a notification procedure to the FAA, so that a certificate can be suspended or revoked if a deficiency is found or an immediate risk to security exists.
  • Add a new Part 1554, entitled, “Aircraft Repair Station Security”.  The new part would require both foreign and domestic repair stations to establish and carry out a standard security program (SSP).  The SSP would be required to describe:
    • Access control methods for the repair station, aircraft, and/or aircraft components
    • Measures implemented for identifying individuals with access to repair station, aircraft and/or aircraft components.
    • Challenge procedures for unauthorized individuals
    • Method for providing security awareness training (intial and recurrent)
    • Means used to verify employee background information
    • The name of the designated security coordinator for the repair station
    • A contingency plan
  • Require repair stations to submit a profile to the TSA to aid in determining the appropriate security requirements for the facility. The information required in the profile would include:
    • Identification of the repair stations, such as FAA certificate number, repair station name as it appears on the FAA certificate, and repair station address.
    • Description of location (on or adjacent to an airport, off airport in a business location, off airport private residence).
    • Security coordinator who will serve as the TSA point of contact.
    • If on an airport, the name and three letter designator of the airport.
    • Total number of employees.
    • Number of employees authorized unescorted access to aircraft over 12,500 MTOW.

The TSA recognizes that “a one size fits all” approach would not appropriately address the diversity in repair station characteristics.  The NPRM acknowledges that security measures and requirements would vary depending on the differences in repair station location (on/adjacent or off an airport), the size of aircraft repaired, the type of repair work, and number of employees at the repair station.  TSA believes, “ that repair stations should have some flexibility regarding the particular equipment, facilities, and measures that would be listed in the standard security program and used to comply with the proposed regulations.”

Additionally, the TSA determined that repair stations located on airports that only serve aircraft with a maximum takeoff weight (MTOW)  of  12,500 lbs or less would pose less of a security risk and, therefore, would not be required to meet the same security requirements as repair stations on airports serving larger aircraft.  The TSA is also proposing to exempt FAA-certificated repair stations located on active military installations.

TSA states, “If the repair station is already incorporated within an airport’s security program and uses the airport’s access control measures, TSA will consider the repair station to be in compliance with the security measures proposed…”

Background

This NPRM is proposing to issue regulations to improve the security of repair stations as required by the Vision 100-Century of Aviation Reauthorization Act.  TSA had previously released a request for comments for repair station security in early 2004.  AOPA provided comments requesting that General Aviation repair stations be exempt.  These comments can be viewed online.

While this new NPRM does not exempt general aviation repair stations, it does acknowledge that a “one size fits all” approach will not work. 

AOPA’s position

The 415,000 members of AOPA are committed to taking appropriate steps to enhance GA security when reasonable measures are proposed. General aviation repair stations certificated under Part 145 would be affected by this proposed rule. AOPA is currently reviewing the NPRM and seeking member input as we formulate our position and formal comments. We are glad that TSA has recognized that a "one size fits all" approach will not work for all repair stations, but remain firm that TSA should not extend regulatory oversight to those airports not currently governed. Additionally, we want to ensure that these mandates are justified and address actual security threats.   

For additional information and guidance on how to submit your own comments, view this Subject Report or contact the AOPA Pilot Information Center at 1-800-USA-AOPA or pilotassist@aopa.org.

Status

NPRM Released on November 17, 2009, Dock No. TSA-2004-17131. 60 day comment period.