Next Article in Journal
Automatic Volume Calculation and Mapping of Construction and Demolition Debris Using Drones, Deep Learning, and GIS
Previous Article in Journal
Supporting Long-Term Archaeological Research in Southern Romania Chalcolithic Sites Using Multi-Platform UAV Mapping
Font Type:
Arial Georgia Verdana
Font Size:
Aa Aa Aa
Line Spacing:
Column Width:
Concept Paper

Development of an Organisational Certification Process for Specific Category Drone Operations

VTT Technical Research Centre of Finland Ltd., Visiokatu 4, P.O. Box 1300, 33101 Tampere, Finland
Author to whom correspondence should be addressed.
Drones 2022, 6(10), 278;
Submission received: 17 August 2022 / Revised: 14 September 2022 / Accepted: 22 September 2022 / Published: 27 September 2022


To govern and ensure the safety of increasing drone operations, the European Aviation Safety Agency (EASA) has defined three risk-based categories of unmanned aircraft system (UAS) operations. A large part of commercial UAS operations fall into the Specific category, which includes operations with medium risk that require an authority approval. One possible way to gain approval for these operations is the light UAS operator certificate (LUC) awarded by a national aviation authority. It offers organisations the privilege to assess and approve operations without applying for authorisation from an authority. However, only general information regarding the LUC is available in the European regulatory publications. Thus, there is currently a lack of detailed guidelines and practical information about the process and requirements for acquiring LUC status. This paper describes the development of a LUC application process model following a design science research approach. The model supports organisations to assess their LUC capabilities, develop their organisation, create the documentation to fulfil relevant requirements, and to apply for the certificate. Finally, the results of a case study where the process model was applied are presented.

1. Introduction

In 2015, EASA published a concept of operations for drones, describing a risk-based approach to the regulation of unmanned aircraft systems (UAS) [1]. It came into operation on the last day of 2020 with a one-year transition period and changed European unmanned aviation convention significantly, setting new requirements for the use of drones. The regulation classifies a wide range of operations and drone types into three different categories—Open, Specific and Certified, as seen in Table 1. The Open category is for low-risk UAS operations. For example, in compliance with the Finnish national aviation authority (NAA) Traficom [2], no permission is needed from authorities before a flight in this category. The Certified category applies to high-risk operations, for example drone flights with passengers or dangerous goods on board. The safety procedures correspond to manned aviation, and a certification from authorities is required for all aircraft, pilots, and operators. The Specific category includes all operations that cannot be categorised as Open or Certified category operations, i.e., medium-risk operations. These operations can be very variable, ranging from fairly simple to demanding operations. Operations in the Specific category require an authorisation from the NAA.

Authorisation of Specific Category Drone Operations

The authorisation process of operations under the Specific category is based on risk evaluation, which determines whether it is sufficient to submit a declaration to the NAA or if an application for the operational authorisation is required [4]. There are four possible options, as shown in Figure 1, to obtain the authorisation for the UAS operation: the national or EASA standard scenario (STS), pre-defined risk assessment (PDRA), specific operations risk assessment (SORA) and the light UAS operator certificate (LUC).
STS has a precise list of limitations and provisions to mitigate the risks so that the competent authority can be satisfied based on a risk assessment performed before executing this type of operation. Corresponding operations and availability of the devices falling to STSs are still limited so the STS regulation is set to start on 2 December 2023 [6]. PDRA makes the operational authorisation application and the risk assessment process easier by identifying the most common operation types in advance. Authorities have already carried out the risk assessment, so it is sufficient to prove that the operations comply with the PDRA boundary conditions [6]. What differentiates PDRA from STS is that it is still verified through an authorisation process, while a declaration is enough for STS. SORA is a methodology and a guidance for UAS risk analysis and assessment to guarantee the same level of safety for the operation as in manned aviation [7]. It supports the authorisation outside PDRA or STS categories by an iterative procedure that systematically identifies the risk of complex drone operations. Applicants identify where, when, and how they will undertake the operation without risking people or goods in the air or on the ground. The concept was developed by the Joint Authorities for the Rulemaking of Unmanned Systems (JARUS) [8] and modified and accepted for European use to fulfil the requirements of the EU regulations [9].
The fourth method, LUC, provides an alternative way of acquiring the authorisation. Instead of focusing on individual operations, it is an organisational approval certificate, granting the organisation with a privilege to self-authorise operations within specified limits. It can be awarded proven that the operating organisation has a mature organisational management system and the capability to assess the risks of operations on its own. The certificate includes the UAS operator’s identification, operator’s privileges, the authorised type(s) of operation, the authorised area, zone, or class of airspace, and any constraints or conditions that may apply [10]. An organization can apply for a LUC which is issued by a national authority if the applicant can demonstrate its operating experience and complete risk assessment-based operational authorisations. According to instructions provided by EASA [11], after acquiring a LUC, an organisation can operate under STS without a declaration, self-authorise PDRA operations without an application or self-authorise allowed operations using the SORA process by itself. Thus, the privileges granted by LUC can be very significant for drone operators, especially if the operations are varied with a high number of required authorisations.
In the European UAS guidelines, LUC is presented as a fourth way to authorise a Specific category operation alongside SORA, PDRA and STS (cf. Figure 1). In fact, LUC is comprised of operations assessed using SORA, PDRA or STS. Currently, SORA is the best way to gain experience and prove maturity for the LUC. Although SORA is a long and complicated process, it is commonly used in various UAS operations around the world because it is the only formal risk assessment method for more complicated operations. Furthermore, completing the SORA also educates the operator and shows their safety capabilities to authorities.
Applying for a LUC is a long process requiring operational experience, understanding of the risk assessment methodology and development of an exhaustive operations manual (OM) from the very beginning of the UAS operations. While LUC is still a new concept, there are already some examples of organizations in Europe with a LUC status. Some of the noted LUC organisations are Nordic Unmanned [12], Skyports [13], Manna Aero [14], Geolayer Kft [15] and Schiebel [16]. The amount of support for applying for LUC differs between countries. For example, in Norway, the NAA provides a generic LUC application form [17]. However, generally, there is a need for more comprehensive documentation and guidelines informing how to apply for a LUC and what the practical requirements are for organisations that are aiming to operate under a LUC.
To address this need, the objective of this research was to construct a structured LUC application process for drone operator organisations. The process aims to support operators in assessing their LUC capabilities, developing their organisation, creating documentation to fulfil relevant requirements, and applying for the certificate. This paper expands on work conducted for a master’s thesis Organisational Certification Process for Specific Category Drone Operations in Finland [18], conducted under the DroLo project involving the VTT Technical Research Centre of Finland [19] and participating companies. The objective of the DroLo project is to assess emerging risks and uncertainties regarding the development and operations of autonomous/semi-autonomous intelligent multi-purpose drones in a UAS traffic management (U-space) environment. The project is linked to European regulatory development.
The main contributions of this paper are as follows:
  • This paper puts forward a description of a practical modular approach for the operations manual (OM) in order to demonstrate how organisations can utilise their existing principles for a LUC authorisation and avoid starting a LUC application from zero.
  • Guidance is presented for the fulfilment of the most essential requirements for the LUC:
    Safety management system with an independent safety review board;
    Operational experience and its quality.
  • A proposal is made for a LUC application process model.
The remainder of the paper is organized as follows: Section 2 describes the research material and methods, which include interviews, a modular approach for OM and its development into the LUC manual, and a safety management system (SMS). Section 3 presents the results and conclusions drawn from those materials and methods. It also highlights the most significant findings for the LUC application process. Using these components, this section also formulates the application process model and applies it in a case study. Finally, Section 4 summarises the work and presents the outcome and prospects of the UAS industry.

2. Materials and Methods

The research method used in this work was the design science research (DSR) approach, which is a problem-solving paradigm to improve technology and science knowledge by creating new and innovative constructs, models, methods, and instantiations [20]. The research followed the DSR structure as shown in Figure 2. Activities within each step of DSR are described in more detail below.

2.1. Identify Problem and Motivate

As described in Section 1, there is a critical need to identify detailed organisational and technical requirements for obtaining and retaining a LUC because there are not any existing documentation or guidelines informing how to apply for a LUC and what necessities are required from an organisation aiming to operate under a LUC. This is an important problem because UAS applications are rapidly increasing worldwide, and a lack of guidelines prevents the running of more complicated UAS operations and diverse drone applications.

2.2. Define Objectives of a Solution

The objective of this research was to support the organisations to assess their LUC capabilities, develop their organisation, create documentation to fulfil relevant requirements, and apply for the certificate by developing a structured LUC application process. As the development of the LUC application process is completely novel, the knowledge gaps and shortages in existing LUC documents and requirements were identified as the work progressed. Objectives of the solution were defined with semi-structured interviews, which provided information from aviation experts about general unmanned aircraft (UA) attributes, preferences, attitudes, opinions, and knowledge.

2.3. Design and Development

The design and development of the application process model was accomplished by tracing the present LUC instructions in EASA’s rules [10] and comparing them to the operational requirements related to other authorisation approaches. All the conclusions and contributions with these interviews and material analysis were then used to design and develop a seven-step LUC application process model, which assists an operator to discover its current situation and further debate and decide on the next actions to take for the LUC authorisation.

2.4. Demonstration and Evaluation

Finally, the developed application process model was applied in a case study where the process model was applied on an UAS operator organisation. To summarise the research approach applied in this work, its main phases are illustrated in Figure 2. Blue boxes illustrate the sources used to define the objectives, pink boxes illustrate the outputs developed in this research, and the green box is the final product of the development. Yellow boxes are related to the case organisation’s material used to demonstrate and evaluate the LUC application process model.

3. Results

This section presents the core findings and the novel contributions of the paper. It also discusses the significance of these findings and analyses them from different perspectives. Results and related discussion are presented together and organised following the same proceeding of the research shown in Figure 2.

3.1. Interviews

Three semi-structured interviews were conducted to investigate both authority and operator perspectives on the practicalities of applying for a LUC. All three interviewees were senior experts with broad experience in UAS operations. There were three main themes covered in the interviews. First, the focus was on interest and development actions towards LUC in different organisations. Second, views on the relationship between LUC and the other means of authorisation were collected. Finally, the challenges and bottlenecks of the authorisation processes were discussed.
The first interview was answered by the NAA perspective in Finland. According to the interview findings, currently applying even for an operational authorisation is challenging for many operators, and the operator organisations often need detailed instructions and guidance—or in some cases an external consultant—to carry out the application process. Thus, in most cases, granting an operator a LUC does not seem to be a realistic action yet. The LUC status is possible when an operator has done several successful operational authorisation applications. A UAS operator without a LUC does not face any safety management system requirements, so the setup, implementation, and maintenance of the SMS set significantly more requirements for the organisation and its maturity. Therefore, the LUC certification process developed in this research focuses not only on the missing parts of the LUC compared to individual operations but also on successfully completing individual Specific operations and establishing a strong basis for LUC from the beginning of UAS operations.
The second interview was conducted with a European level aviation safety authority representative. As a conclusion from this interview, three key observations were highlighted. The first observation is that SMS is a very integral part of the LUC application process, and it needs to be analysed and clarified as a major part of the application process model. Another important and new finding is that organisational maturity and the organisation’s capability to identify and manage risks are more important than the number of awarded operational authorisations. This is very essential insight considering that several companies are currently struggling with the operational application processes. The third observation is that in the long term, SORA will be an exception, and STSs and PDRAs will cover almost all operations. This might change the future scopes of organisations, as it will become easier to authorise those types of operations and get a LUC later.
In contrast to the two previous interviews, the participant of the third interview was an expert aviation organisation both operating test flights and offering regulatory consultancy services. As a conclusion from this interview, it was observed that the unmanned aviation industry is scattered, and many of the operators are small organisations, which are unaware of drones’ role in aviation in a broader sense. It is a long process for such organisations to adapt to the big changes in unmanned aviation. To speed up this process, it is necessary to inform organisations that they have become aviation organisations with UAS registration requirements and duties and responsibilities regarding aerial operations. There are some discussions between decision-makers but not so much among operators yet.

3.2. Modular Approach for Operations Manual

The interviews pointed out that the same OM cannot be directly used for different operations, and expanding it into a LUC manual is a step-wise process. To contribute to the application process, it was necessary to develop an approach to further develop an OM for multiple operations and for a LUC. A LUC manual is one of the most critical factors of the certification both representing the structure and working principle of the aviation organisation and proving the maturity and capability of risk assessing and operating UASs. Therefore, this section describes the progression of the manual development starting from OM according to EASA guidelines [10]. An operator can operate a single operation, multiple operations, or with a LUC, and these alternatives change the required structure of the OM. Figure 3 shows the necessary components that an operator must establish in a manual in different cases.
When conducting a single operation, organisational, operational, training, and technical information form the basis of the manual. If a single operation is conducted in several locations, operation volume, buffers and an emergency response plan (ERP) must be defined separately for all locations. When conducting multiple operations, the manual must be developed further to be more operation-specific. In addition to volume, buffers and ERP for all the locations under each operation and operational, training, and technical information must be separately defined for all detached operations. The third phase of the operator’s development and so the evolution of the manual is operating with a LUC. The final improvement to the manual is separating organisational information and safety management manual (SMM) from general operational information. The competent authority grants a LUC after determining that the UAS operator has complied with the following EASA’s rules: UAS.LUC.020 ‘Responsibilities of the LUC holder’, UAS.LUC.030 ‘Safety management system’, and UAS.LUC.040 ‘LUC manual’ described in [10]. This observation ascertained the fact that a clear organisational structure and a reliable safety management system are the key factors separating a LUC operator from an operator without the LUC status. Hence, the following section analyses the OM and its similarities and differences compared with the LUC manual, illustrating this modular evolution from the OM to the LUC manual.

3.3. Comparison of Operations Manual and LUC Manual

Because many UAS operators are conducting single operations, they have the OM already available. Templates for the OM and also for the LUC manual are given in the EASA’s rules [10]. However, following the modular approach, it is important to understand how to develop the manual from the OM to the LUC manual. Thus, a comparison of the OM instructions and the LUC manual instructions was conducted. With this comparison, this paper demonstrates how to develop the manual correctly to simplify the LUC application process. When comparing the OM template with the LUC manual template, it is notable that they have many similarities. If the OMs of earlier operations are formulated thoroughly, they form an extensive part of the LUC manual. In the comparison, it was discovered that there are only four safety-management-related items, which have to be developed from scratch for the LUC manual. These items are:
  • Duties and responsibilities of the accountable manager and key management personnel;
  • Compliance monitoring;
  • Management of change;
  • Documentation of key management system processes.
Other parts should be at least partially included in the OM, but may need to be extended for LUC manual. This observation correlates with the SMS insertion seen in the modular approach. Moreover, both interviews evidently emphasised the necessity of an SMS for LUC operators. Hence, the following section describes in more detail what an SMS is and what it generally includes.

3.4. Safety Management System

When applying for a LUC, a UAS operator must establish, implement, and maintain a safety management system that is appropriate for the organisation’s size, nature, and complexity of its activities, while also considering the dangers and related risks inherent in these activities. The EASA has defined what an SMS must include in Easy Access Rules for UAS [10]. However, there are no detailed guidelines on how to construct and maintain such a system. This is a critical phase in the LUC application process, and organisations need simple instructions regarding how to establish an SMS. A typical SMS in aviation consists of four main components: safety policy, safety assurance, safety risk management and safety promotion [21].
A safety policy is a written plan that aligns the aims and values of the company with procedures and measurements. It outlines safety performance targets, clearly defines roles and duties, and demonstrates the methods to achieve maximum compliance and responsibility in both normal operations and crises. In the case of LUC, these entail, for example, determining the person in charge and documenting safety protocols and procedures.
Safety assurance is a method of proving that performance is assessed, compliance is monitored, and processes are in place to maintain the SMS so it is current and operational. It is important to examine the effectiveness of the safety initiatives on a regular basis to keep the assurance constantly fulfilled and the SMS properly functioning.
Safety risk management demands an in-depth internal evaluation of an organisation’s activities in order to foresee and identify potential hazards or risks and develop the mitigation methods. It is critical to the SMS because it allows an organisation to develop a structured and systematic approach to identifying the hazards and safety events to which it is exposed. Investigating and analysing these exposures helps to evaluate and understand the risks. Another way to reduce the danger is regular training. SMS training teaches employees about the SMS principles, the employee roles within it, and how to perform required activities competently.
Safety promotion refers to the development of strategies to maintain and improve safety via increased awareness and changes in behaviour, such as communication, training, education, and transparency. An active discussion about the safety helps every worker to understand the organisation’s SMS safety goals, policies, and procedures, as well as the outcomes, which creates a feasible safety culture [22].
An SMS is a method of ongoing improvement that necessitates reassessment and re-vectoring over time.The same applies to organisations with aviation knowledge and operational experience, which are critical aspects to prove an organisation’s maturity and capability to conduct their own risk analysis for different types of operations. These critical aspects are included in the LUC application process model developed in the following section to systematise the LUC application procedure in a formal manner.

3.5. LUC Application Process

In this part of the research, previous findings and outcomes were systematised and outlined in order to develop a LUC application process model. The resulting application process model is aimed to guide organisations to evolve from an operator with a basic OM to a LUC organisation with an SMS and more comprehensive LUC manual. Operators will be able to see their phase in the process and take the correct actions to collect experience and form a strong basis for the possible LUC in the future. Figure 4 shows the structure of the developed model and the connections between different modules and steps used to organise the application process. Each of the steps are described in more detail below.

3.5.1. Impact Assessment of LUC Status

Before starting to implement the LUC documentation, it is recommended to assess the impact of the LUC status for the organisation. If stable operation is possible with a regular operational authorisation and the operator is not planning to expand the operation, then it is always more profitable not to apply for a LUC to avoid unnecessary workload. However, if the organisation is willing to expand its activities in the aviation industry with diverse UAS operations, then it is worthwhile to consider the LUC from the very beginning and start from the first step.

3.5.2. Developing an Operations Manual

As this paper has clarified that the LUC authorisation is a long modular process starting from the single Specific category operations, the UAS operator must specify and describe the proposed operations in the OM in order to receive a Specific category operational authorisation. Instructions on what information the OM should at least contain are available on the NAA’s webpages ([23] in Finland). The OM should always be customised for the area and type of operation. The sections of OM required by Finnish NAA Traficom are listed in [23]. When creating the OM, it is good to consider the needs of the LUC beforehand so that the manual is adaptable when adding new activities. When the handbook is not merely situation-specific but scalable and properly drawn from the start, it may be developed modularly towards the LUC manual, and it is not necessary to start from scratch.

3.5.3. Applying for Relevant Operational Authorisations

An operating authorisation is granted based on either a PDRA issued by EASA or NAA, or based on the operator’s own SORA. In all cases, the candidate must fill out relevant forms specified by the NAA. The OM, as well as other documentation confirming that the operator fulfills the conditions of the application, must always be attached. These include the PDRA or SORA risk assessment’s characterisation and conditions table, as well as any documentation supporting the requirements generated from the risk assessment results. The necessary form and attachments for the application in Finland are listed in [24] and must be submitted at least four weeks before the scheduled commencement of operations. The authorisation is typically subject to a fee (see, e.g., [25]).

3.5.4. Establish Safety Management System (SMS)

The SMS is a crucial factor of a LUC organisation. It is necessary to ensure that the regulations are met, the operational risks assessed, and accidents avoided. An internal "authority" under an SMS must take the role of the authority regarding the authorisation of the UAS operations operated in the LUC organisation.

3.5.5. Develop LUC Manual

The evolution from an OM to a LUC manual is described in Section 3.2, and the content of the LUC manual is described in Section 3.3. As presented in that section, four elements are found in this research which are missing completely from OM. These elements are:
  • Duties and responsibilities of the accountable manager and key management personnel;
  • Compliance monitoring;
  • Management of change;
  • Documentation of key management system processes.
All missing and insufficient parts should be supplemented during the development progress of the organisation with a precise OM and SMS regarding individual operations. After completing these steps successfully, an operator will have enough evidence to prove their maturity, aviation experience and risk understanding.

3.5.6. Applying for the LUC

Since any forms or instructions for the LUC application are not available in Finland, the applicant may need to contact the personnel in Traficom and discuss operating under the LUC in detail. A comprehensive management system and self-contained operation of different parts of the organisation are crucial prerequisites for the certificate. Therefore, it is worthwhile to separately present an accountable manager, operations manager, maintenance manager, training manager, safety/security manager and a person responsible for authorising operations with UAS. Additionally, it is worthwhile to check all the attachments in general, which are:
  • The LUC manual;
  • The OM (if separate from the LUC manual);
  • The SMM (can be as a part of the LUC manual);
  • SORAs;
  • List of UASs applied in the operations;
  • Proof of insurance (can be sent later during the application process).
As LUC is a fairly new concept, the collaboration between the first LUC applicants and the NAA is important as it will shape the eventual authorisation system for future LUC applications.

3.5.7. Maintaining the LUC

A LUC is valid for an indefinite period. If the LUC holder complies with the relevant criteria of the EASA’s regulation [10] and the member state that issued the certificate, it is not relinquished or cancelled. If a LUC is revoked, the LUC holder must submit an acknowledgment in digital format, which must be returned to the competent authority as soon as possible [6]. Therefore, to maintain the LUC, it is important to keep track of everything going on in the aviation organisation. Authorities are supposed to supervise and monitor the operations on a regular basis, e.g., every six months. On request, the LUC holder has to show reasonable documents and data to satisfy the authority that everything is in order.

3.5.8. Expanding the LUC

A LUC will act as an umbrella covering current operations, allowing an organisation to have an autonomous status concerning these specific UAS systems. On the other hand, it should be simple to change the LUC to enable some operations outside the scope of the original LUC for a specific type of operation with the same risk classification. Therefore, while applying for a LUC, authorised operations are required, and once granted, a LUC operator can apply to extend the LUC to cover further operations within the same categorisation level or to even more demanding operations with the necessary explanations conveyed to the authority.

3.6. Case Study: Application of the Process on a Potential LUC Applicant Organisation

In the final phase of this work, the formulated LUC application process model was experimented on in an aviation organisation. With this experiment, the functionality and reliability of the developed application process model were evaluated. The studied case organisation conducts a varied portfolio of UAS operations for R&D purposes, applying a number of different unmanned aerial vehicles (UAV). The operations include visual line of sight (VLOS) and beyond VLOS (BVLOS) flights in both urban and rural areas. The first task according to the LUC application process model was to figure out the current status and components the organisation had. Starting from the beginning, the impact of a LUC appeared to be very positive, since a LUC would be very beneficial considering different types of UAS operations for R&D purposes. Thus, the first step was to develop an OM. The applicant already had a functional UAS OM, which covered operations in the ‘Open’ and ‘Specific’ categories and was based on the European regulatory framework. The first version of this manual has been used and accepted in former operational authorisations. It was a 60-page document including the organisation overview, safety management, roles and responsibilities, configuration management of UAs, maintenance, concept of operations (ConOps), etc. After reviewing the manual, it was observed that those missing parts spotted in the manual comparison are actually missing from this OM in general.
The second step was applying for relevant operational authorisations. The case organisation had one approved authorisation based on a PDRA, and it was working on other, SORA-based authorisations. SORA is the most critical permission because a comprehensive SORA authorisation can be enough to prove an organisation’s maturity and risk management capabilities as a LUC operator. Therefore, this was an important step for the applicant as an aviation organisation. The third task was establishing the SMS. The case organisation is a large organisation with established occupational safety principles and safe working guidelines. Its UAS OM built on these documents and featured many operational safety management characteristics. However, the organisation did not have a clear separate safety management system for aviation activities. It is not possible to obtain a LUC with the operational principles and manual without any further development and clarification. Therefore, the case organisation was identified to be within steps two and three of the process model. Thus, the next tasks for the case organisation were to complete the relevant SORA authorisations successfully and to improve the SMS while documenting it and developing premises for step four.

Follow-Up Actions

Based on the application of the process model, several concrete actions were identified for the case organisation. The next task was to figure out follow-up actions to meet these remaining requirements and finally reach step five, i.e., applying for the LUC. The first initiative was to obligate a new or a suitable existing team to manage the LUC authorisation task. This team will maintain the OM, develop the LUC manual, and establish the SMS. It will also decide the distribution of the work and create the structure for the LUC organisation. The structure of an aviation organisation operating under the LUC can be divided to three independent roles, as in Figure 5: an operational team, a risk assessor, and an internal authority.
The operational team specialises mainly in flying and does not focus on permissions and authorisations. When the team wants to operate a flight, they describe the details and are in active communication with the assessor. On the other hand, if the risk assessor and the operational team are across each other, i.e., some persons work in both roles, the operators will directly contemplate possible flights avoiding groundless flight cases and useless effort and time consumption. The risk assessor consists of authorisation experts with deep regulatory knowledge. It collects all relevant information about the planned flight and conducts the risk assessment, e.g., SORA or PDRA. Then, it applies to the internal authority for an operational authorisation, similar to the NAA application. The internal authority acts as a competent authority inside the LUC organisation. It constantly supervises activities and checks if the safety requirements are met. It evaluates applications and either accepts or declines them with further clarification. Risk assessors can complete small shortages and apply again or inform back to the operational team in demanding cases. Regardless, the internal authority must be strictly independent while the operational team and the risk assessor are recommended to collaborate closely. Yet, all the three roles must be in an active communication with each other. SORA is primarily a qualitative method; it should be considered whether the internal authority requires more detailed quantitative indicators to support the approval.

4. Discussion

The objective of this paper was to figure out detailed organisational and technical requirements for obtaining and retaining a LUC for drone operations and to develop a proposal for a LUC application process. It was realised by collecting information with literature research and semi-structured expert interviews, as well as analysing and expounding these findings from different perspectives. The outcomes were utilised to obtain a better understanding of the available regulatory documents and to develop a clear application process model for the LUC. Finally, an example organisation’s UAS operations and related documentation were reviewed in a case study to test the functionality of the model. In the case study, several concrete development actions were identified. However, it was not tested with other organisations in different situations. Thus, to be further developed and fully approved, the created LUC application process model has to be tested with several aviation organisations of different sizes in different countries. Additionally, future work should also focus on other aspects outside the actual application process, including wider social matters such as cybersecurity, privacy, legal issues, and social response, which were not covered in this paper because they are not assessed in a LUC application either.
Accepting and adopting something new has always been a time-consuming and even frightening process for humankind. This is also the circumstance in the aviation industry with the current rapid increase of UAV operations. The aviation industry still has a long way to go in terms of adopting new legislation and practises for unmanned aviation. In countries with mostly small drone operator organisations, applying for an operational authorisation can be notably challenging for many operators, often requiring detailed instructions and guidance. The LUC application process model developed in this work will help aviation organisations to develop their actions and documentation. It has also been developed to encourage active discussion between different stakeholders in the aviation industry. Organisations will become aware of duties and responsibilities related to aerial operations. A better understanding of authority requirements will promote creating successful applications. As the entire domain of drone operations is still in the phase of rapid development, it is also important to actively follow the regulations as they are constantly developing and changing and to adapt the processes and documentation accordingly.

Author Contributions

Conceptualization, E.Ö., E.H. and R.T.; methodology, E.Ö., E.H. and R.T.; investigation, E.Ö.; writing—original draft preparation, E.Ö., E.H. and R.T.; writing—review and editing, E.Ö., E.H. and R.T.; visualization, E.Ö.; supervision, R.T. All authors have read and agreed to the published version of the manuscript.


This research has been conducted in the DroLo project funded by Business Finland and the participating companies.

Data Availability Statement

Not applicable.

Conflicts of Interest

The authors declare no conflict of interest. The funders had no role in the design of the study; in the collection, analyses, or interpretation of data; in the writing of the manuscript; or in the decision to publish the results.


The following abbreviations are used in this manuscript:
BVLOSBeyond visual line of sight
ConOpsConcept of operations
DSRDesign science research
EASAEuropean Aviation Safety Agency
ERPEmergency response plan
EUEuropean Union
JARUSJoint Authorities for the Rulemaking of Unmanned Systems
LUCLight UAS operator certificate
NAANational aviation authority
OMOperations manual
PDRAPre-defined risk assessment
R&DResearch and development
SAILSpecific assurance and integrity level
SMMSafety management manual
SMSSafety management system
SORASpecific operations risk assessment
STSStandard scenario
TraficomFinnish Transport and Communications Agency
UAUnmanned aircraft
UASUnmanned aircraft system
UAVUnmanned aerial vehicle
U-spaceUAS traffic management
VLOSVisual line of sight


  1. EASA. Concept of Operations for Drones—A Risk Based Approach to Regulation of Unmanned Aircraft; European Aviation Safety Agency: Cologne, Germany, 2015.
  2. Traficom. Operations in the ‘Open’ Category. Available online: (accessed on 1 July 2022).
  3. EASA. Technical Opinion: Introduction of a Regulatory Framework for the Operation of Unmanned Aircraft; European Aviation Safety Agency: Cologne, Germany, 2015.
  4. Traficom. Drone-Infotilaisuus. 2020. Available online: (accessed on 1 July 2022).
  5. EASA. The European UAS Regulation, The Specific Category. Available online: (accessed on 6 August 2022).
  6. Traficom. Operations Subject to Authorisation in the ‘Specific’ Category. Available online: (accessed on 1 July 2022).
  7. Traficom. SORA Risk Assessment. Available online: (accessed on 1 July 2022).
  8. JARUS. JARUS Guidelines on Specific Operations Risk Assessment (SORA), 2.0 ed.; Joint Authorities for Rulemaking of Unmanned Systems: 2019. Available online: (accessed on 26 September 2022).
  9. ECA. Specific Operations Risk Assessment (SORA)—ECA Position Paper; European Cockpit Association AISBL: Brussels, Belgium, 2019. [Google Scholar]
  10. EASA. Easy Access Rules for Unmanned Aircraft Systems; European Aviation Safety Agency: Cologne, Germany, 2021.
  11. EASA. I Would Like to Know about the Light UAS Operator Certificate (LUC). 2022. Available online: (accessed on 1 July 2022).
  12. Nordic Unmanned. The Importance of a Certificate—The Light UAS Operator Certificate (LUC). 2021. Available online: (accessed on 2 August 2022).
  13. sUAS News. Skyports Gets Go-Ahead to Self-Authorise Drone Operations with Light UAS Operator Certificate. 2021. Available online: (accessed on 2 August 2022).
  14. O’Brien, C. Manna Aero Gets First Certificate for Drone Delivery Service. 2021. Available online: (accessed on 2 August 2022).
  15. Dronewatch EU. Geolayer First Operator to Receive LUC Certificate in Hungary. 2021. Available online: (accessed on 2 August 2022).
  16. Schiebel. Schiebel First UAS Operator in Europe to Receive LUC from Austro Control; Schiebel Press: Wien, Vienna, 2021. [Google Scholar]
  17. CAA Norway. Application for Light UAS Operator Certificate LUC. Available online: (accessed on 2 August 2022).
  18. Öz, M. Organisational Certification Process for Specific Category Drone Operations in Finland. Master’s Thesis, Aalto Univeristy School of Electrical Engineering, Espoo, Finland, 2022. [Google Scholar]
  19. DroLo. Business from Urban Airspace. Available online: (accessed on 18 July 2022).
  20. vom Brocke, J.; Hevner, A.; Maedche, A. Introduction to Design Science Research. In Design Science Research Cases; Springer: Cham, Switzerland, 2020; pp. 1–13. ISBN 978-3-030-46780-7. [Google Scholar]
  21. Jon Hegranes. Introduction to UAS Safety Management Systems. National Business Aviation Association (NBAA). 2020. Available online: (accessed on 13 July 2022).
  22. Zoldi, D.M.K. (Ed.) Building a Drone Safety Management System: The Four Pillars. In Drone Life; 3 May 2020; Available online: (accessed on 13 July 2022).
  23. Traficom. Specific Category Operations Manual Contents. Available online: (accessed on 13 July 2022).
  24. Traficom. Applying for an Operational Authorisation for the ‘Specific’ Category. Available online: (accessed on 13 July 2022).
  25. Traficom. Prices and Fees. Available online: (accessed on 13 July 2022).
Figure 1. Four possible options for the UAS operational authorisation (derived from EASA’s summary [5]).
Figure 1. Four possible options for the UAS operational authorisation (derived from EASA’s summary [5]).
Drones 06 00278 g001
Figure 2. Proceeding of the research following the DSR model (derived from [20]). The coloured boxes are defined as follows: blue: source materials, pink: output, green: final product, and yellow: case study related material.
Figure 2. Proceeding of the research following the DSR model (derived from [20]). The coloured boxes are defined as follows: blue: source materials, pink: output, green: final product, and yellow: case study related material.
Drones 06 00278 g002
Figure 3. Modules of the OM for single, multiple and LUC operator (derived from EASA).
Figure 3. Modules of the OM for single, multiple and LUC operator (derived from EASA).
Drones 06 00278 g003
Figure 4. Proposed LUC application process model.
Figure 4. Proposed LUC application process model.
Drones 06 00278 g004
Figure 5. Division of roles in a LUC organisation.
Figure 5. Division of roles in a LUC organisation.
Drones 06 00278 g005
Table 1. Risk-based operation categories by EASA (derived from [3]).
Table 1. Risk-based operation categories by EASA (derived from [3]).
Low riskIncreased riskComparable to manned aviation
Without involvement of Aviation AuthoritySafety risk assessmentLimit between specific and certified is not yet defined
Limitations (visual line of sight, maximum altitude, distance from airport and sensitive zones)Approved by NAA; possibly supported by qualified entities unless approved operator with privilegePending criteria are defined; EASA accepts application in its present remit
Flight over populated area is possible if:Operations authorisation with operations manualTC, C of A, noise certificate, approved organisations, licenses (case of small drones)
No overflying of crowdsConcept of accredited bodyCommand and Control and Detect Avoid can receive an independent approval
Industry standards (case of toy of less than 500 g)Airworthiness of drone and competence of staff based on risk assessment
Publisher’s Note: MDPI stays neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Share and Cite

MDPI and ACS Style

Öz, E.; Heikkilä, E.; Tiusanen, R. Development of an Organisational Certification Process for Specific Category Drone Operations. Drones 2022, 6, 278.

AMA Style

Öz E, Heikkilä E, Tiusanen R. Development of an Organisational Certification Process for Specific Category Drone Operations. Drones. 2022; 6(10):278.

Chicago/Turabian Style

Öz, Emrehan, Eetu Heikkilä, and Risto Tiusanen. 2022. "Development of an Organisational Certification Process for Specific Category Drone Operations" Drones 6, no. 10: 278.

Article Metrics

Back to TopTop