Air traffic management (ATM)

Regulations concerning ATM can always be found at EASA Website under the following link: 

https://www.easa.europa.eu/regulations#regulations-atmans----air-traffic-managementair-navigation-services

Yes. The consolidated version (Easy Access Rules for Air Traffic Management/Air Navigation Services (ATM/ANS)) can be found under the following link:

https://www.easa.europa.eu/document-library/general-publications/easy-access-rules-air-traffic-managementair-navigation

NPAs and CRDs are part of the Agency's rulemaking process to inform and consult stakeholders about possible rule changes or newly developed rules. The proposed rules, (provided in an NPA), are obviously not binding and still subject to change, either during the EASA rulemaking process or the Commission's comitology process. While a NPA and CRD may give a broad indication on how the future rule could look like, the Agency generally does not recommend using them before the final rules are published.

Reference: Regulation (EU) No 2017/373
The Cover Regulation includes the first 10 articles of the referenced Regulation, which:

• explain the principles and considerations of the legislator when adopting the regulation (the 'whereas' clauses);
• define the regulation's objective and scope including to whom/what the regulation and its annexes apply;
• establish the applicability and enter into force dates, including any grandfathering and transition measures for the adaptation to the new rules.

Reference: Regulation (EU) No 2017/373

When Regulations are published in the Official Journal of the European Union they invariably include several dates. The date of entry into force is usually expressed as the 20th day following publication of the Regulation in the Official Journal of the European Union. It means that the EU rules have been adopted and published - thus producing legal effects - but are not necessarily mandatory on the date of entry into force. The date when they become mandatory is the date of applicability.

The Regulation (EU) No 2017/373 entered into force on 21 March 2017 and the dates of applicability are specified in Article 10.

The services included in the definition of ATM/ANS are schematically represented in the picture below.

The main regulations governing ATM/ANS are the Basic Regulation 2018/1139 and the Single European Sky framework package, consisting of:

• Regulation (EC) No 549/2004 of the European Parliament and of the Council of 10 March 2004 laying down the framework for the creation of the single European sky (the framework Regulation);
• Regulation (EC) No 550/2004 of the European Parliament and of the Council of 10 March 2004 on the provision of air navigation services in the single European sky (the service provision Regulation);
• Regulation (EC) No 551/2004 of the European Parliament and of the Council of 10 March 2004 on the organisation and use of the airspace in the single European sky (the airspace Regulation); and
• Regulation (EC) No 552/2004 of the European Parliament and of the Council of 10 March 2004 on the interoperability of the European Air Traffic Management network (the interoperability Regulation).
  • Amended by Regulation (EC) No 1070/2009 of the European Parliament and of the Council of 21 October 2009 amending Regulations (EC) No 549/2004, (EC) No 550/2004, (EC) No 551/2004 and (EC) No 552/2004 in order to improve the performance and sustainability of the European aviation system.

It shall be noted that COMMISSION IMPLEMENTING REGULATION (EU) 2017/373 of 1 March 2017 laying down common requirements for providers of air traffic management/air navigation services and other air traffic management network functions and their oversight is an implementing rule to both SES Regulations and EASA Basic Regulation.

COMMISSION IMPLEMENTING REGULATION (EU) No 1035/2011 of 17 October 2011 laying down common requirements for the provision of air navigation services; and 

COMMISSION IMPLEMENTING REGULATION (EU) No 1034/2011 of 17 October 2011 on safety oversight in air traffic management and air navigation services;

Note: Implementing Regulations (EU) No 1034/2011 and (EU) No 1035/2011 will be repealed as from 2nd January 2020 (Applicability Date of Regulation (EU) 2017/373).

According to Definitions in Article 2(1) and (10) of Regulation (EC) No 549/2004 of the European Parliament and of the Council of 10 March 2004 laying down the framework for the creation of the single European sky.

‘Air traffic control (ATC) service’ means a service provided for the purpose of:

(a) preventing collisions: — between aircraft, and — in the manoeuvring area between aircraft and obstructions; and

(b) expediting and maintaining an orderly flow of air traffic;

‘Air traffic management (ATM)’ means the aggregation of the airborne and ground-based functions (air traffic services, airspace management and air traffic flow management) required to ensure the safe and efficient movement of aircraft during all phases of operations;

ATSEP – Air Traffic Safety Electronics Personnel are covered. Those can be found in Annex XIII – Part – PERS of Regulation (EU) 2017/373.

https://www.easa.europa.eu/regulations#regulations–atmans––––air–traffic–managementair–navigation–services
 

However, there is a general requirement in Annex III of Regulation (EU) 2017/373:

ATM/ANS.OR.B.005 Management system

A service provider shall implement and maintain a management system that includes:
(…)
(a)(6) a process to ensure that the personnel of the service provider are trained and competent to perform their duties in a safe, efficient, continuous and sustainable manner. In this context, the service provider shall establish policies for the recruitments and training of its personnel;

The competent authority responsible for the issuing of certificates to service providers, for the acknowledgment of receipts of declarations made by providers of flight information services where relevant, and for the oversight and enforcement in respect of service providers shall be the national supervisory authority. 

According to Article 2 (Definitions) of Regulation (EU) 2017/373:

‘Pan-European service’ means an activity which is designed and established for users within most or all Member States and which may also extend beyond the airspace of the territory to which the Treaty applies.

The competent authority with regard to Pan-European services (e.g. DAT providers, the Network Manager, etc.) shall be the Agency (EASA) as defined in Article 4(1) of Regulation (EU) 2017/373.

"Air Navigation Services" means air traffic services; communication, navigation and surveillance services; meteorological services for air navigation; and aeronautical information services. (Article 2(4) of Regulation (EC) No 549/2004 of the European Parliament and of the Council of 10 March 2004 laying down the framework for the creation of the single European sky.) 

An organisation (= a legal entity) is certified, while the scope of services, for which that organisation/legal entity is entitled to provide services, are listed in the attachment to the service provider’s certificate and there can be multiple offices/locations per organisation. On the other hand, the principle location of the company will be printed onto the EASA certificate, while any additional locations will be listed into the application form as well as in the company’s exposition.

An ISO 9001 or EN 9100 certificate, issued by an appropriately accredited organisation, could be used as acceptable means of compliance (AMC) for the relevant management system requirements (i.e. quality management elements). In this context, it should be noted that the subject organisation should accept the disclosure of the documentation related to the certification to EASA as the competent authority. On the other hand, the ISO 9001/EN 9100 certificate covers only the quality management elements of the management system, while the other elements as stipulated in the rule that are not covered by ISO/EN certificate should be subject to oversight by the competent authority, such as e.g. adequacy of the processes and procedures. 

DAT provider that processes aeronautical data and provides an aeronautical database for use on certified aircraft application/equipment having a safety effect should be certified. Systems permanently installed, especially in the cockpit, would fall in general into the scope of the regulation.
In another words, databases for which the DAT provider is not required to be certified in accordance with the referenced Regulation include but are not limited to databases provided and/or used by the operator of the aircraft that are monitored under the operator’s responsibility and not loaded into certified aircraft applications (e.g. airport moving map used in electronic flight bags (EFBs), take-off and landing performance used in EFBs). Databases that are approved as part of the type design of the aircraft or engine (e.g. engine power settings (take-off, climb, maximum continuous thrust (MCT), and cruise) and aircraft performance data (e.g. take-off distance, V speeds)) do not fall under the scope of certification.

For further details refer to AMC1 DAT.OR.100 Aeronautical data and information and GM1 DAT.OR.100 Aeronautical data and information.

The application process is defined by following steps:

• Future DAT provider makes an application, using the available DAT provider application forms 
• The application should include some company documentation (Organisation Exposition and a copy of the national Companies register / Certificate of Incorporation) 
• An eligibility check will be done by EASA before proceeding with the next steps.
• Charges will differ between the organisations (depending on the organisation scope of work, number of location etc.) as the fee is calculated based on hours spent on certification. The application form for certification includes the possibility for the organisation to request a quote. If this is option is selected, EASA will send the corresponding quote after assessing the information delivered together with the documentation. No certification activity is started until the organisation accepts the quote.
• Once the quote is accepted, a Kick-Off Meeting between EASA and the organisation is organised in order to launch formally the activity. Certification tasks will start at that meeting.
• The duration of the assessment depends on the type of services and the compliance status of the organisation. Typically, as a minimum, an on-site audit is organised although it can be extended depending on the organisation structure (e.g. number of operational sites).

More information can be found on the following links:
ATM/ANS approvals and ATCO training organisation approvals

And here:
Application for ATM/ANS Service Provider Organisation Approval 

It is always possible to extend a Type 1/Type 2 DAT-provider certificate to include other services through an organisation change and the corresponding assessment activities by the certification team.

You can find up-to-date list of certified service providers (including DAT providers) here: List of approved ATM/ANS organisations.

“Equivalent” to an EASA certified Type 1 or Type 2 DAT provider are defined in any Aviation Safety Agreement between the European Union (EU) and a third country, including any Technical Implementation Procedures (TIP), or any Working Arrangements (WA) between EASA and the competent authority of a third country.  Up to date information regarding the status of such agreements can be found on our website 'International Cooperation Overview'.

It should be noted that the DAT certification attests that the databases produced by an organisation can be used by aircraft operators and that they have put in place an appropriate system for the control of the processing of data. In this context, it should be clearly pointed out that the DAT provider that we are addressing, processes aeronautical data and provides an aeronautical database for use on certified aircraft application/equipment (e.g. FMS) having a safety effect. Furthermore, it is important to be noted that the data as such is not subject to certification, but the organisation is subject to certification that demonstrates its capability to produce the subject databases.

More concretely, EUROCAE ED-76(A)/RTCA DO-200A(B) is only one of the means to demonstrate compliance to some of the requirements laid down in the binding act, i.e. Regulation (EU) 2017/373. For the rest of the requirements, the DAT provider needs to demonstrate compliance with the applicable requirements resulting in the issuance of a certificate attesting such compliance.

Terrain and obstacles databases are not subject to major/planned changes, therefore, the principles and criteria applied in the maintenance of terrain and obstacle database should be specified in the DQR, including the frequency with which data products are updated. Depending on the intended use, the data/databases may be derived from the States published data (e.g. AIP) or from other sources (e.g. data services (DAT) providers). The data/databases may be updated based on the availability thereof, new sources that allow to improve their quality (e.g. accuracy or resolution), correction of detected errors, etc. 
Please note that DAT providers are subject to Regulation (EU) 2017/373 (refer DAT.OR.100 and associated AMC/GM). In this context, when the databases (including terrain and obstacles) are used on certified aircraft application/equipment, (that support the flight operation where incorrect data leads to failures having at least minor or higher failure effect, excluding those databases approved as part of the type design of the aircraft) they should be produced and released by certified DAT providers. 
In conclusion, the EU law does not address the frequency of terrain and obstacle database updates.

Regulation (EU) 2017/373 that requires DAT provider’s certification from 1 January 2019.
This regulation is accessible here: Regulation (EU) 2017/373

To support the implementation of said Regulation, please note the associated AMC/GM issued with EASA ED Decision 2017/001/R.

The listed regulatory materials are consolidated in Easy Access Rules for Air Traffic Management/Air Navigation Services: Easy Access Rules for ATM/ANS. These consolidated, up-to-date rules are displayed in an easy-to-read format with advanced navigation features through links and bookmarks and are for free download from the EASA website. The document contains the applicable rules for the providers of Air Traffic Management/Air Navigation Services and other Air Traffic Management network functions, incl. DAT providers. It covers Regulation (EU) 2017/373 and all its annexes (together with the related AMC and GM).

Furthermore, in order to assist stakeholders to prepare for the implementation, EASA organised a workshop focusing on the new requirements and aiming to familiarise with the use of Acceptable Means of Compliance and Guidance Material, being established by the Agency. The presentations provided during this Workshop can be found on the page for the event: '1^st EASA Workshop for DAT providers'. 

Usually an organisation (= a legal entity) is certified, while the scope of services, for which that organisation/legal entity is entitled to provide services are listed in the attachment to the service provider’s certificate. However, it is up to the organisation in question to organise its application(s) and the demonstration of compliance for the various services. It should be noted that the potential parallel applications would result in parallel certification and subsequently continuous oversight processes.

The change compare to the current LoA scheme is that the tailored data processing (from data origination and/or receiving till its release, incl. signing of the statement of conformity by DAT provider(s)) becomes subject to process verification and oversight by the DAT providers’ competent authority, i.e. by EASA. 
More concretely, if a DAT provider is requested to:

a) Release a tailored Data as part of a Navigation DB, a statement of conformity is required;

b) Release a DB containing tailored Data only, a statement of conformity is required; 

c) Release a tailored Data as part of a test Navigation DB, no statement of conformity is required, only at a discretion of a DAT provider

EASA is the competent authority for the DAT providers. Following the certification process, upon receiving an application for the issuance of a certificate to a DAT provider, EASA needs to verify the DAT provider's compliance with the applicable requirements of Regulation (EU) 2017/373. In this context, EASA may require any audits, inspections or assessments it finds necessary before issuing the certificate. The certificate shall be issued for an unlimited duration. The privileges of the activities that the DAT provider is approved to conduct are specified in the service provision conditions attached to the certificate.

In accordance with ATM/ANS.OR.A.025, DAT provider's certificate shall remain valid subject to:

(1) the DAT provider remaining in compliance with the applicable requirements of Regulation (EU) 2017/373, including those concerning facilitating and cooperating for the purposes of the exercise of the powers of the competent authorities and those concerning the handling of findings as specified in points ATM/ANS.OR.A.050 and ATM/ANS.OR.A.055 respectively;

(2) the certificate not having been surrendered, suspended or revoked.
Having mentioned this, it could be concluded that EASA is the competent authority for the oversight of DAT providers in addition to its duties for the issuing of respective DAT providers’ certificates.

The provision of data services (= production of databases for certified a/c application/equipment by the DAT providers that would be subject to certification) has been extended from navigation databases (i.e. the current LoA holders’ activities) to aeronautical databases’ activities. To better illustrate the meaning of the DAT provider’s scope of activities (DAT.OR.100), GM1 DAT.OR.100   Aeronautical data and information provides examples of databases provided by certified DAT providers. 

In reference to the VFR Databases, GM1 DAT.OR.100(b)(3) is regarding applications/equipment installed on aircraft certified exclusively for VFR operations. In this context, only those databases used for primary navigation to meet the airspace usage requirements (for example, operations in the airspace where Precision Area Navigation (P-RNAV) is required) would be in the scope of the new DAT requirements.

More concretely, any VFR flight-planning software should be out of the scope of the products provided by certified DAT providers. In addition, as illustrated in GM1 DAT.OR.100, paragraph (b), the organisations putting these products in the market would not be required to be certified in accordance with Regulation (EU) 2017/373. However, it should be clarified that if the mentioned databases were to be fed/used on certified a/c application/equipment (exempted VFR cases addressed above), then the DAT providers would be subject to certification. To illustrate with an example, the airport moving map could be used a non-certified EFB application under operator responsibility, or could be fed into a certified aircraft application (covered by TC/STCs). Consequently, the latter case will fall into the regulation’s scope.

Any software applications not loaded into certified aircraft applications, e.g. used inside an EFB do not require to be provided by certified DAT providers.

For specific flight into designated airspace or the use of specific procedures like SID, STAR, LPV approach, RNAV 1, there are minimum equipment requirements where a database is used to describe the flight path. Those need to be provided by a certified DAT provider.

However, there could be another scenario where the GPS is not used as primary navigation, e.g. in a pure VFR environment. Consequently, the database fed into the GPS could be provided by ‘non-certified’ DAT provider. In this latter case, the GPS database is excluded. The intention was to allow the use of tools in support of the VFR only certified aircraft while demanding oversight for databases used for mandatory navigation functions.

Competent authority may grant a privilege to service provider(s) to implement changes to its management system and/or safety management system without prior approval. ATM/ANS.AR.C.025 regulates the competent authority to approve a procedure defining the scope of changes that do not require prior approval and description how such changes will be notified and managed). The mirroring requirements for the service providers are laid down in ATM/ANS.OR.A.040, especially in (b) and for further details please consult AMC2 ATM/ANS.OR.A.040(b) ‘PROCEDURE FOR CHANGES NOT REQUIRING PRIOR APPROVAL’ and GM1 ATM/ANS.OR.A.040(b).The procedure has to be defined by the service provider(s) and approved by the competent authority. The competent authority should evaluate depending on the maturity and reliability of the service provider, what kind of changes could be included this procedure.  Changes that should always require prior approval are e.g. changes to the scope of services, significant change to the operational environment, etc. Changes that the competent authority could allow service provider to implement without prior approval are e.g. nominated personnel/post holders, QMS revisions, etc.