CAP 3098: New Guidance on Cyber Safety Objectives for Specific Category Operations

The Civil Aviation Authority (CAA) has published CAP 3098, a new guidance document on cyber safety objectives for Remote Piloted Air Systems (RPAS) operations in the specific category.  

This guidance is part of the Specific Operation Risk Assessment (SORA) framework and incorporates the Cyber Safety Extension from JARUS SORA 2.5.  

CAP 3098 provides operators with essential information on:

• Cybersecurity concepts and threats  
• Applying reasonable and proportionate cyber safety measures  
• Operational Safety Objectives (OSOs) with assurance levels  

The guidance emphasizes the importance of integrating cybersecurity into safety processes to mitigate vulnerabilities in RPAS technology.  

Key points of CAP 3098 include:

• Defining cyber threats and safety  
• Establishing a strong cyber safety culture  
• Conducting thorough threat analysis and risk assessments  
• Implementing specific OSOs for various aspects of RPAS operations  

This guidance is essential for RPAS operators, equipment OEMs, maintainers, and service providers to ensure the safety and security of specific category operations.