TOP 11 IMPACTS ON CRITICAL INFRASTRUCTURE UAS OPERATIONS - PART 108 NPRM
- nernst03
- Sep 8
- 11 min read
The FAA’s Part 108 Notice of Proposed Rulemaking (NPRM) introduces a sweeping new framework for Beyond Visual Line of Sight (BVLOS) drone operations. While it creates opportunities for all sectors, this article focuses on the raises major questions raised from the perspective of operating such aircraft on critical infrastructure —powerlines, pipelines, and railways, etc.
Now that was are in the NPRM phase, it is our collective chance to speak up and influence how these new requirements look and function in real-world scenarios. Our experience gives us a unique/qualified perspective, and it’s our responsibility to help shape the final regulations to ensure they work—not just in theory, but in the daily reality of future UAS operations.
After reviewing the proposed rule in detail, I’ve put together my top ten “gotchyas”—the key issues that every infrastructure operator needs to add to their list of things to think about, consider commenting on, and keeping top of mind. These points reflect both the opportunities and the challenges ahead, and I believe they’ll significantly impact how we do business under Part 108, for better or for worse. Your feedback to the regulators is paramount, and together, we can help ensure these rules truly serve our industry’s needs.
Below are what I consider some of the most impactful provisions, what they mean, and my thoughts on their implications.
1. Declarative Compliance Approach
Reference: §108.715 (Declaration of Compliance). Pages 687–690
What it says: Manufacturers declare compliance with standards for design, test, noise, cybersecurity, etc.
Impact: This is aimed at streamlining compliance approvals.
Concern: This is a “trust but verify” problem. To what standard is an aircraft compliant? However, this specific point says that if an OEM “declares” compliance with the standard, it is at liability of the OEM to stand behind such declaration. Is there a means of third-party validation here? If so, what compliance standard is the declaration compared to? See next point.
2. Airworthiness Acceptance vs. Type Certification
Reference: §108.710–§108.715 (Declaration of Compliance). Pages 685–688
What it says: Instead of requiring full type certification, manufacturers can seek airworthiness acceptance by submitting a declaration of compliance (Subparts G & H). Consensus standards (e.g., lighting, speed, cybersecurity) will define compliance pathways.
Impact: This (in theory) lowers barriers for OEMs to bring UAS into service faster, especially for niche infrastructure inspection aircraft.
Opinion: What is the definition of “consensus standards”? I feel that this was put in place to speed up the compliance process for aircraft operations (good). However, this shifts safety validation onto industry standards and self-declarations (bad). Not only is that concerning in terms of standardization and who sets such precedent, but also in terms of timeliness. If there are not clear-cut standards, at what point is the declaration considered good enough?
The utility industry is notoriously slow to adopt new technology. We are now asking utilities to adopt larger aircraft with presumably riskier CONOPS to fly their assets, on the basis that the aircraft could have been certified to standards built in-part by the same OEM. Is that not a conflict of interest?
3. Permits vs. Certificates
Reference: §108.500–§108.585 (Operating Certificates and Permits). Pages 607–608
What it says: BVLOS ops will either fall under a Permit (low risk/weight, limited scale) or a Certificate (higher risk/scale). Permits require minimal oversight, while Certificates demand SMS, hazmat procedures, duty/rest programs, etc.
Impact: This dual structure will fragment operations based on risk. The more complex the operation, the better chance of a certificate requirements versus a permit.
Opinion: This dual structure will streamline lower-risk (permit) operations and hold higher-risk (certificate) operations accountable. Considering Part 108’s aircraft class capacity of up to 1,320 pounds, I feel that this is essential.
In general terms, industry has become very proficient at operating lower class (<55 pound) aircraft. UAS operations with heavier aircraft are almost incomparable in terms of complexity, competency requirements, and required technical aptitude. Certificates will be held only for those competent enough to be trusted with such aircraft, while most operations (to start) will be on the permit level.
4. Shift from Pilot-Centric to Corporate-Centric Model
Reference: §108.310 (Flight Coordinator) and §108.315 (Personnel Knowledge & Training). Pages 642–643
What it says: No airman certificates. Instead, operators designate an Operations Supervisor and Flight Coordinators. Training requirements are internal to the company, instead of a universal FAA standard.
Impact: Companies, not individuals, carry compliance burden. This aligns with corporate aviation models.
Opinion: The shift to corporate-centric alone is not a negative one. However, if training requirements are internal to a company, I have serious concerns for standardized safety across the industry. Not only are they saying, “you can fly larger, more complex aircraft, further,” they are also saying “it’s up to you (company) to figure out and standardize your own safety training.”
The UAS industry at large is already in a financial race to the bottom. OEMs, providers, and service contractors are constantly looking for ways to cut costs on the narrative of “drones always being the cheaper method.”
If I oversee my company’s safety training requirements, does this not mean I will find ways to be “just good enough” from a compliance perspective? If not, my competitors certainly will, making them a cheaper solution (beating me in competition).
5. Automated Data Service Providers (ADSPs) – Part 146
Reference: Part 146 is cross-referenced in multiple sections of Part 108 (§108.190, §108.195 for integration). It also appears in discussion around UTM services (Part E + Part F references). Pages ~606–610
What it says: Operators must integrate with ADSPs for traffic management, deconfliction, and conformance monitoring. These can be third-party or self-provided but must be certificated.
Impact: Infrastructure operators may be required to pay for third-party services for Part 108 operations.
Opinion: I do not disagree with this requirement, so long as it remains a requirement for the ADSP to be FAA certificated. While this will add another financial cost to Part 108 operations, I feel that the financial impact is inconsequential relative to level of complexity Part 108 operations aim to allow.
6. Right-of-Way and Electronic Conspicuity (EC)
Reference: §108.190–§108.195; amendment to §91.113(h). Pages 132-135
What it says: Adds §91.113(h): UAS get right-of-way over manned aircraft—except in dense areas, Class B/C, near airports, or if the manned aircraft broadcasts via ADS-B. UAS also get right-of-way in “shielded areas” (within 50 ft of powerlines, railways, pipelines), but only with infrastructure owner permission.
Impact: This is seismic. For the first time, crewed aircraft may be required to yield to drones in many environments.
Opinion: I feel that this is an incredibly poor decision. For example – consider one of the most task-saturated helicopter operations in the world – powerline construction. The pilot is tasked with not only flying his/her helicopter safely, but they are also doing so within inches of live powerlines, often carrying external cargo or humans. Whether that pilot is broadcasting ADS-B or not, under this rule, we are putting another task on top of that pilot’s workload – avoiding UAS in the same airspace.
Furthermore, consider what this will do to the insurance premiums of manned operations that are victim to this. I suspect insurance carriers will have major heartburn knowing that pilots under their insurance policy would now be liable for an incursion for any manned operation that takes places in the same area as a “shielded” UAS operation.
Lastly, there is verbiage stating that UAS right-of-way over a manned aircraft would be granted “only with infrastructure owner” approval. Is it wise to give aviation policy discretion to an individual infrastructure asset owner? Infrastructure owners should not have authority to modify such policy at their discretion.
7. Maintenance & Airworthiness Lifecycle
Reference: §108.600–§108.630 (Maintenance & Alterations). Page 680-683
What it says: Maintenance under Part 108 will not require certificated mechanics. Instead, maintenance is based on manufacturer-defined standards and performed by personnel deemed “competent” by the operator. Records must be kept, but there’s no FAA-issued certificate for maintainers.
Impact: This lowers barriers for operators, since they won’t need FAA-certified A&P mechanics. It could also accelerate repair/return-to-service for UAS fleets in the field.
Opinion: In the same vein as Airworthiness Acceptance vs. Type Certification, I have deep concerns on how infrastructure operators can feel a sense of robust standardization (safety) with this proposal. One operator’s “competent mechanic” could differ wildly from another’s, leading to uneven reliability and probably downstream operational/safety risks.
8. Noise & Environmental Standards
Reference: §108.910 (Noise). Page 400
What it says: FAA is exercising its statutory authority to impose noise requirements as part of UAS airworthiness acceptance. These standards will apply even though drones don’t undergo type certification like manned aircraft.
Impact: Communities along powerlines, rail corridors, and pipelines—many of which already push back on helicopter noise—may welcome this. It also signals FAA intends to normalize UAS as part of aviation’s broader environmental framework.
Opinion: While utilities and O&G companies aren’t typically noise-sensitive customers, community pushback around Rights-of-Way (ROW) is real. While sUAS have historically been a non-issue in the noise abatement arena, that will certainly change with larger aircraft. I agree with this section
9. Population Density Categories
What it says: §108.185(c) - FAA creates five population-density categories using Oak Ridge’s LandScan USA data. Higher categories (3–5) require strategic deconfliction. Pages 115–118
Impact: Suburban assets inspections could trigger higher-cost mitigations.
Opinion: This is a step in the right direction in terms of standardization, held accountable by a specific standard as outlined by the FAA. This forces operators into GIS-intensive flight planning from a risk mitigation perspective. Fun fact – Population Density analysis is widely used in the Public Aircraft Operations (PAO) COA, Special Airworthiness, Experimental, and 44807 approval processes. I agree with this section.
10. Cybersecurity Requirements
What it says: §108.535, §108.875 - Operators must develop and implement cybersecurity policies and processes to protect UAS systems, networks, and operations from unauthorized access or malicious interference. Requirements include protecting hardware/software, managing employee access, mitigating cyber-attacks, and using standards like the NIST Cybersecurity Framework. Pages 275–276, pages 393–394
Impact: Protects critical infrastructure missions from potential cyber threats (e.g., hijacking a UAS near a power plant).
Opinion: I feel that this requirement is influenced by, and in direct relation to, the Blue-UAS initiative (non-foreign drones). I am concerned that the historical ambiguity surrounding the Blue UAS initiative and the headaches that has caused for industry may translate as well. Who is setting this standard? Is this a self-declaration as well? What is the change management process to these requirements? These are all relative questions I have considering how the FAA has handled cybersecurity issues related to sUAS in the past.
11. Safety Management System (SMS) Mandate
What it says: §108.560 - Certificated operators must establish a formal Safety Management System (SMS) that includes risk management procedures, safety assurance, and continuous improvement. This aligns UAS with Part 135-style commercial aviation SMS requirements. Pages 283–285
Impact: This elevates infrastructure UAS ops to the same safety oversight as airlines and charter operators. Strong SMS programs could help utilities demonstrate due diligence in regulatory or legal reviews and hold their operations to the highest standards
Concern: While large operators can absorb SMS programs, smaller inspection contractors may find the administrative and documentation burden overwhelming. Most of the large-program operators have built relatively robust SMS already. However, without scaling guidance, SMS may become a barrier for entry into infrastructure inspection markets. Regardless, I completely agree with this section.
Final Thoughts
Part 108 is an ambitious step toward normalizing BVLOS. But for critical infrastructure operators, its current form introduces ambiguity and ultimately safety concerns that could undermine adoption. The rule needs sharper clarity on standardization, right-of-way authority, and performance benchmarks—or we risk creating a system that slows and/or cripples, rather than accelerates, the role of UAS in critical infrastructure resiliency.
Energy Utilities Impacts
From the perspective of energy utilities, Part 108 is poised to reshape operational risk paradigms for UAS operations. The rule will require utilities to invest in more sophisticated operational protocols, dedicated compliance staff, and robust technology solutions. Financially, these new requirements may drive up initial program costs—particularly in SMS implementation, regulatory reporting, and overall Part understanding—yet suggest longer-term reductions in risk exposure and financial ROI. The industry trend expected to emerge is (true) enterprise-scale UAS programs, where utilities consolidate operations, automate compliance, and leverage data-driven safety performance as a strategic advantage in regulatory and public engagement.
Service Providers Impacts
Part 108 presents a double-edged sword for service providers ranging from large enterprise operators to small contractors. While robust safety and cybersecurity mandates elevate the credibility of service offerings and open doors to higher-value contracts with customers, they also introduce administrative and documentation burdens that may be prohibitive for smaller firms. Operationally, service providers must train staff on new compliance protocols and rethink risk mitigation at a level that few have experience in. Financially, the upfront investment could lead to a larger phase of industry consolidation, as smaller players either merge or specialize to survive. The anticipated trend is the emergence of tiered service markets, with contractors differentiating themselves based on compliance sophistication and technology integration, while most of the large/routine inspection work migrates to larger, well-capitalized firms.
OEM Impacts
Manufacturers face both challenges and opportunities as Part 108 tightens security and performance standards for UAS hardware and software. Operationally, product development cycles will lengthen to accommodate cybersecurity, reliability, and safety benchmarks, potentially increasing R&D expenditure and time-to-market. However, manufacturers able to meet or exceed regulatory standards will benefit from enhanced market access and stronger customer trust. Financial impact will be felt most by firms needing to redesign legacy platforms to comply, but those who succeed can capitalize on a trend toward “compliance-certified” products: platforms pre-approved for critical infrastructure use, commanding premium pricing and facilitating rapid adoption by utilities and service providers.
I do however fear for a phase of “market adjustment.” Part 107 operations have crafted a narrative of price competitiveness. This has had a spiral effect on bottom-dollar pricing for services. Part 108 and the suggested compliance requirements are ambiguous and leave much detail to be desired. I imagine that pricing for such systems (justifiably so) will spike. This could create an “expectation reset” as industry grapples with the harsh financial and operational requirements to truly operate BVLOS on a routine basis.
I implore you to take advantage of this NPRM to research the Part yourself and think about how it could affect your use of UAS. We as normal citizens have the authority to make our voices heard through every single comment submitted. Getting Part 108 wrong the first time could prove disastrous.
This is certainly an exciting time for UAS in the NAS….Just be thoughtful and safe.
Nate Ernst
President, The Tactien Group, LLC
About The author
As Founder and President of The Tactien Group, Nate Ernst is dedicated to advancing the secure integration of unmanned aircraft systems (UAS) into critical infrastructure operations, leveraging a career that blends hands-on deployment experience with regulatory compliance operating some of the largest and most complex UAS to fly in the National Airspace, commercially
Drawing on years of experience at the intersection of aviation innovation and infrastructure risk management, Ernst has guided organizations through evolving regulatory landscapes and complex technology adoption. His work is driven by the conviction that robust safety management, operational agility, and compliance are not mutually exclusive, but rather essential pillars for a resilient and future-ready infrastructure ecosystem.
About The Tactien Group
