Electronic Signatures — Part FOUR of FOUR - How Electronic Signatures Fit In
This is the final segment in a four-part series on the topic of electronic signatures. This month, we will discuss where the use of electronic signatures will be helpful and where they could create more problems than solutions.
First, I need to set the stage with a brief recap of what we previously covered on the topic of electronic signatures. I encourage you to go back and read through the previous three articles if you haven’t read them already. This article will make much more sense if you do.
The core purpose of AC 120-78
The purpose of AC 120-78, evidenced by its own purpose statement, is clearly to provide guidance on the incorporation of electronic signatures and suggest that the use of electronic signatures will support the use of more elaborate and “complete” electronic record-keeping systems and electronic air agency required manuals moving forward. Here is a recap of the AC’s purpose, using excerpts from the AC itself,
... When electronic signaturesare used and accepted, electronic record keeping and document transfer will also be encouraged ...
... OMB Circular A-130 ... directs the FAA and other government agencies to recognize the limitations on electronic record-keeping systems due to restrictions on the use of electronic signatures... the FAA recognizes this limitation and will now permit the use of electronic signatureson certain maintenance and operational records. Owners, operators and maintenance personnel may now use complete electronic record-keeping systems because the requirement to authenticate documents with non-electronic signatureshas been eliminated ...
... electronic signatureswill encourage the use of electronic maintenance record retention and record entry requirements ...
... will also enhance communication with local Flight Standards District Offices (FSDO) or Certificate-Holding District Office (CHDO) ... will provide for the online transmission of manual revisions ... between operators and the FAA.
Using electronic signatureswill make it easier to identify a document signer (signatory).
The advisory circular (AC), although confusing in many ways, gives the industry guidance on how to obtain acceptance from the FAA on the use of electronic signatures through the issuance of a letter of authorization (LOA). An organization can make significant improvements in the area of efficiency by incorporating electronic signatures in the right places. The AC provides a vehicle to obtain authority for their use. (By the way, the FAA is currently revising the AC.)
Electronic signature = digital signature
A signature, for our purposes, is required to authenticate the individual signing the document as a person authorized to sign, and to connect to a content for which the signature is required, as in the case of aircraft maintenance records. In the world of electronic signatures, that capability requires cryptography. For that reason, an electronic signature, as referred to in AC 120-78, requires cryptography and is essentially synonymous with the term “digital signature.” The FAA surely realized that they were similar when creating the AC. Following are the definitions draw directly from the AC. Although worded differently, they bring forth essentially the same intent which is cryptographic security of the signatory as well as the content being signed.
Electronic signatures. The online equivalent of a handwritten signature. It is an electronic sound, symbol, or process attached to or logically associated with a contract or other record and executed or adopted by an individual. It electronically identifies and authenticates an individual entering, verifying or auditing computer-based records. An electronic signature combines cryptographicfunctions of digital signatures with the image of an individual’s handwritten signature or some other visible mark considered acceptable in a traditional signing process. It authenticates data with a hash algorithm and provides permanent, secure user authentication (ref AC 120-78).
Digital signature. Cryptographically-generated data that identifies a document’s signatory (signer) and certifies that the document has not been altered. Digital-signature technology is the foundation of a variety of security, electronic business and electronic commerce products. This technology is based on public/private key cryptography, digital-signature technology used in secure messaging, public key infrastructure (PKI), virtual private network (VPN), Web standards for secure transactions, and electronic digital signatures (ref AC 120-78).
The need for Certification Authority and PKI
The use of electronic/digital signatures requires the use of a certification authority and a PKI. This is essentially a database and software security system that stores and protects the information associated with each signatory and the documents being signed and provides a means for applying electronic signature and future follow-on authentication (cryptographic security). For an electronic signature system to function, there must be a third-party certification authority that provides the PKI. It is this process that must be accepted by the FAA in order to receive an LOA for the use of electronic signatures.
An important point to know is that each individual air agency seeking an LOA must seek acceptance from the FAA and receive that authority, regardless of what third-party system they are using. For instance, if I know that my neighbor is using XYZ company’s work order system, which as a certification authority with PKI provides the cryptographic security required and has successfully demonstrated for the FAA their use of the work order system and its electronic signature capabilities, I cannot just start using that work order system myself. I must also demonstrate for the FAA my use of the work order system and its electronic signature capabilities and receive my own FAA LOA.
Signature plays a role in two separate environments
There are several places where a signature is required for aircraft maintenance, most of which are to meet the requirements of Part 43.9 or Part 43.11 in one way or another. The list consists of various types of records, each found in one of two specific areas of aircraft maintenance and maintenance record keeping. Those two areas are the records of the maintenance organization and the records specific to the aircraft itself.
Maintenance organization maintenance records
1. Incoming inspection
2. Inspection guides
3. Work order systems and forms
4. Final inspections
Aircraft maintenance records
1. Aircraft logbooks
2.Major alteration and repair forms (337)
3. Aircraft flight/maintenance log
4. Minimum equipment list deferrals
5. 8130 tags
6. Maintenance-tracking task cards
How signatures fit into aircraft maintenance records processes
Understanding that an FAA-accepted electronic record-keeping system must be under the control of a system that incorporates certification authority with a PKI, clearly each individual maintenance organization can readily and successfully implement electronic signatures. Each maintenance organization is generally self-contained relative to its policies and procedures for conducting maintenance and completing the required maintenance records. Within one system, the maintenance organization could adopt and utilize a system that allows them to apply secure electronic/digital signatures to all of their required work order inspection and maintenance records. In essence, they can incorporate any system they select to meet their needs, and can have that system evaluated and accepted by the FAA — assuming it meets the FAA’s requirements contained in AC 120-78.
How would that look? Let’s say that we are a large repair station, utilizing a computerized work order management system that will act as the certification authority utilizing a PKI. Within that system, each employee will have been registered and provided a unique personal identification number (PIN) or “private key” to be used for identification purposes when signing as part of the PKI. Every place where the employee would normally place their unique initials or signature on paper, they will now be able to enter a PIN into a computer that replaces the paper and is the electronic work order. This could include all of the points of signature we talked about before — incoming inspection, work order discrepancy recording, functional tests, short (progressive work) signs, final inspections final approval and work order closing, and more, depending upon the capabilities of the system.
Once all work is completed using the system, the work order could be reviewed electronically. Each signature will have been applied as needed in the proper place and at the proper time. With cryptographic-security controls, the content of the detailed information contained in each discrepancy in the work order can be verified to be exactly the same as it was when the employee signed it.
It is obvious that a well-designed electronic work order control system with full electronic signature capabilities can be a great efficiency gain for any maintenance organization. The prospect is exciting. Can you imagine how nice it would be to have an iPad or similar wireless device in the hands of each technician so that they could document the work accomplished, pull up any instructions, and apply their signatures as they go without having to go find a computer on a high boy and log in from there? It would be within the electronic confines of that maintenance organization’s system, but still can be beneficial for the maintenance organization.
If the system includes the capability, the actual aircraft logbook entries themselves, required for approval for return to service, could also be created and signed without printing out an actual piece of paper.
This is where a separation occurs. The accepted electronic system described above is only accepted for that organization. Once the aircraft is approved for return to service and leaves the facility, just like in the old “paper-only” days, a maintenance logbook record entry and all that is required with it (8130s, FAA form 337s, etc.) must be completed and provided to the owner. Now, as a maintenance provider holding an FAA LOA to use a system such as the one described, these documents can all be created within that system if it will handle it. The documents can even be created as PDFs with some signature marking to indicate that the document was signed digitally ... but when the aircraft leaves the control of that maintenance organization and is placed back into service, the aircraft owner must be able to provide all maintenance records if requested for audit purposes, FAA ramp checks, and/or when the aircraft is for sale. Sure, the aircraft owner could simply place all of the PDFs or other electronic forms in a computer directory somewhere and make them available when needed, but some structure around those records will be necessary to stay organized, and in most cases will also need to fit into the aircraft’s existing paper documentation. Not to mention that next time maintenance is accomplished for that aircraft, it may not even be accomplished by the same organization. If not, the new maintenance organization will have a different electronic work order control system with its own certification authority and PKI, or won’t have an electronic work order control system at all and will provide logbook entries on paper with original signatures.
Since there is no over-arching electronic/digital signature system to be used by all of us equally, each individual maintenance organization will have its own, if it chooses to implement one. When an aircraft is traveling from one provider to another for maintenance, it must maintain its own maintenance records, as required by FAR 91.417.
Aside from the regulatory requirement, clear, concise and chronological aircraft maintenance log books are needed to protect aircraft value. For example, when two separate aircraft are being compared side by side for purchase, the one with the best records will be most attractive to the buyer. We all know there is significant risk to the operator in having to redo or perform more maintenance when log books simply don’t reflect the maintenance that has been accomplished in an organized and professional way.
The aircraft operator could also incorporate its own electronic signature processes and receive acceptance from the FAA in the form of an LOA to use that system if they choose. This would probably be in a case where the operator has its own maintenance organization and is utilizing an electronic work order system with the same or similar capabilities as the maintenance organization discussed earlier. In such case, the challenge remains the same. Unless that operator performs all maintenance within the confines of its accepted electronic signature system and keeps the aircraft forever, never to sell it, then the aircraft’s maintenance log book records will still have to be created and stored outside the work order system and in a format that can easily be transferred with the aircraft if and when it sells.
In summary, acceptance and implementation of work order and work flow process systems with electronic/digital signatures capability is a great idea and will have a huge positive impact on our industry over the coming years. However, based on the constraints of a heavily-regulated industry, it will be a while before an aircraft has a fully-electronic maintenance log book incorporating all of the benefits of electronic/digital signatures and cryptographic-security measures. Any aircraft could easily move to fully-electronic (PDF) viewable log books today. Several companies have been doing that years, but that sort of electronic log book (PDF copies) doesn’t require any acceptance or approval from the FAA because it doesn’t include a system for electronic/digital signatures. Also, in order to maintain aircraft value, the original paper log books should still be kept up to date and stored in a safe place to be transferred with the aircraft when it does change hands.
Thank you all for sticking with me through these four separate articles written to cover such a complicated issue. I hope the information has been helpful. Keep an eye out for the FAA’s revision to AC 120-78 in coming months. Until next month...
Joe Hertzler has more than 25 years of experience in business aviation. He has earned a reputation as an efficiency expert when it comes to aircraft maintenance and is well known for his in-depth understanding of maintenance regulations and how they affect aircraft compliance. He has helped many in dealing with critical and urgent FAA interactions and often speaks on the topic of aircraft maintenance and compliance at industry events, such as the NBAA Maintenance Managers Conference, PAMA meetings and IA renewal seminars. Hertzler also serves on the National Air Transportation Association’s (NATA) Maintenance and Systems Technology committee. Contact him at JoeHertzler@gmail.com.