The Fine Print of Part 108: BVLOS Gotchas That Could Trip Up Energy Operations

By: Nate Ernst* 

The FAA’s new Part 108 Notice of Proposed Rulemaking (NPRM) lays out a sweeping framework for Beyond Visual Line of Sight (BVLOS) operations—regulations that will shape the future of unmanned aircraft systems (UAS) in U.S. airspace. While the proposal unlocks opportunity across many industries, this article zeroes in on its impact for critical infrastructure operators responsible for power lines, pipelines, railways and more.

Now, during the NPRM comment phase, we have a rare chance to influence how these rules will function in practice. Our industry experience gives us not only insight but also responsibility to raise the red flags regulators must consider. After combing through the draft, I’ve identified the key “gotchas,” issues every infrastructure operator should evaluate, comment on and plan for. These details will determine whether Part 108 works in the real world, or sets us all back.

Declarative Compliance Approach: Trust, Liability and Standards

Requirement: According to §108.715, Declaration of Compliance (pages 687–690 of the NPRM), OEMs and manufacturers must formally declare that their aircraft designs meet FAA-recognized standards covering design, testing, noise and cybersecurity. However, the burden of that declaration falls squarely on the manufacturer: once compliance is declared, the OEM assumes full liability for standing behind it.

Opinion: On its surface, this approach is meant to streamline approvals for BVLOS drone certification and integration. But it creates what many in the industry see as a “trust but verify” dilemma. To what standard is an aircraft actually deemed compliant, and who validates this compliance? Without clear third-party assessment or consistent benchmarks, manufacturers face uncertainty, while operators are left questioning whether the declaration alone ensures airworthiness and operational safety. This ambiguity could ripple across the energy and infrastructure sectors that rely on predictable compliance frameworks for future BVLOS operations. (See my next point below on airworthiness acceptance).

Requirement: Under §§108.710–715, Declaration of Compliance (pages 685–688), manufacturers no longer need to pursue full FAA type certification to bring a UAS into service. Instead, they can seek airworthiness acceptance by filing a declaration of compliance under Subparts G and H. In this model, compliance pathways are defined not by traditional FAA certification, but by so-called consensus standards that span design elements like lighting, speed limitations and cybersecurity protections.

Opinion: On paper, this framework lowers barriers for OEMs, helping niche platforms (like specialized BVLOS inspection drones for energy and utilities) reach operators faster. But the devil is in the definition: what exactly counts as a consensus standard, and who gets to decide? By outsourcing safety validation to industry-developed standards and self-declaration, the FAA risks both inconsistency and potential bias.

The problem compounds when we ask utilities, an industry that already struggles with slow tech adoption, to rely on larger, higher-risk aircraft that may have been “certified” to standards influenced or even authored by their own OEMs. This raises serious conflict-of-interest concerns, blurs accountability lines and undermines operator confidence. Without well-defined, independently validated standards, declarations risk becoming arbitrary benchmarks that echo the old “bring me a rock” scenario where no one quite knows what’s acceptable until after the fact.

Requirement: Per §§108.500–585 (Operating Certificates and Permits), the FAA proposes a dual-structure framework for BVLOS drone operations. Lower-risk, lower-weight missions can operate under a Permit, which comes with lighter regulatory oversight. In contrast, higher-risk or larger-scale operations must obtain an Operating Certificate, which requires robust compliance systems such as Safety Management Systems (SMS), hazardous materials protocols and duty/rest programs.

Opinion: On its face, this tiered approach is logical. It streamlines approvals for low-risk missions while holding more complex operations to appropriately higher standards. Given that Part 108 allows for aircraft up to 1,320 pounds, distinguishing between permit-level and certificate-level operations feels not only reasonable but necessary.

Today, industry has demonstrated proficiency with sub-55-pound UAS operations, where risks and requirements are relatively well understood. But scaling to heavier platforms introduces an entirely different set of challenges in flight competency, risk mitigation and operational discipline. The certificate pathway ensures that only operators with the technical aptitude, organizational maturity and risk management credibility are entrusted to fly these larger, potentially riskier aircraft. Meanwhile, the permit pathway ensures we don’t overburden small-scale operators with unnecessary bureaucracy, which allows adoption at scale where risk remains minimal.

In short, the permit vs. certificate split may fragment the regulatory landscape, but it also draws a much-needed line in the sand between hobbyist-grade and heavy-lift professional operations, an essential safeguard as BVLOS expands into critical infrastructure and industrial use.

Requirement: Under §108.310 (Flight Coordinators) and §108.315 (Personnel Knowledge & Training), the FAA proposes eliminating the traditional requirement for airman certificates for BVLOS drone pilots. Instead, companies must designate an Operations Supervisor and Flight Coordinators responsible for oversight. Training obligations are defined internally by the operator—not by a universal FAA certification standard.

Opinion: This represents a major shift in compliance accountability, from individual pilots to the operator as a corporate entity. In concept, this aligns with traditional corporate aviation models, where companies bear the responsibility for ensuring operational safety. But in practice, it raises troubling questions for the standardization of safety training across the UAS industry.

By allowing operators to define their own training protocols, the FAA is essentially saying: “You can fly larger, more complex BVLOS aircraft, but it’s up to your company to decide how your train crew and coordinators.” This lack of universal FAA standards risks creating a patchwork of safety practices. Even worse, it injects cost-cutting incentives into an already race-to-the-bottom UAV services market, where OEMs and contractors compete on being the “cheaper drone solution.” If a company controls its own training bar, how many will set it at “just good enough” to stay competitive?

The comment opportunity here is clear: industry stakeholders should push the FAA to clarify at least baseline expectations for training, certification and competency validation. Without stronger safety guardrails, this corporate-centric model risks undercutting safety in pursuit of short-term cost savings, precisely at the moment when BVLOS operations are expanding into larger, riskier aircraft and critical infrastructure missions.

Requirement: Part 146, referenced throughout Part 108 (§108.190 and §108.195, plus UTM discussions in Subparts E and F, pages ~606–610), requires operators to integrate with Automated Data Service Providers (ADSPs) to enable traffic management, conformance monitoring, and airspace deconfliction. These ADSP services may be provided by third parties or built in-house, but in either case, the provider must hold an FAA certificate to participate in the ecosystem.

Opinion: For infrastructure operators conducting BVLOS operations under Part 108, ADSP integration represents both a technical and financial consideration. While this will inevitably add another cost layer, particularly if operators must rely on third-party service providers, the value outweighs the burden. A certificated ADSP framework not only ensures consistency in traffic management but also enhances overall safety, accountability and UTM interoperability. In this case, the financial impact is relatively minor compared to the operational complexity and scale of Part 108 activities. If anything, commenters could focus on ensuring the FAA maintains strict certification standards for ADSPs so the reliability of these services is never in doubt.

Requirement: The FAA re-draws right-of-way rules between drones and manned aircraft in §§108.190–195 and the proposed amendment to §91.113(h) (pages 132–135) Specifically:

• UAS would gain right-of-way over manned aircraft in most environments—except within Class B/C airspace, near airports, or when manned aircraft broadcast ADS-B.

• UAS would also gain right-of-way in defined “shielded areas” (within 50 feet of powerlines, railways, or pipelines), but only with approval from the infrastructure owner.

Opinion: This proposal is nothing short of seismic. For the first time, manned aircraft may be required to yield to drones in many operational contexts. In practice, this could dangerously complicate already high-risk crewed missions, like helicopter powerline construction, where pilots operate within inches of energized lines, often while carrying external cargo or personnel. Requiring those same pilots to monitor and yield to UAS, regardless of ADS-B broadcast status, adds an unsustainable cognitive and safety burden.

The downstream effects could be just as damaging. Manned aviation insurers will likely balk at assuming liability under a system where their pilots, not drone operators, are now responsible to avoid conflicts in shielded airspace. This will drive up premiums and potentially limit coverage for critical crewed infrastructure operations.

Finally, the provision granting infrastructure owners discretion to permit or deny UAS right-of-way raises significant governance concerns. Is it wise to delegate elements of national airspace policy to individual asset owners, each with their own commercial stakes and safety priorities? Airspace right-of-way should remain a federal regulatory decision, not a patchwork of permissions doled out by private entities.

The comment opportunity here is crucial: The FAA must revisit whether prioritizing drones over manned aircraft serves safety or instead exacerbates risks for the very infrastructure these rules are meant to protect.

Requirement: The FAA proposes a simplified approach to UAS maintenance and airworthiness throughout the Part 108 lifecycle in §§108.600–630 Maintenance & Alterations (pages 680–683). Unlike traditional aviation, operators will not need FAA-certificated A&P mechanics. Instead, maintenance will follow manufacturer-defined standards, carried out by individuals the operator deems “competent.” While records must be kept, there is no formal FAA-issued certificate or licensing requirement for maintainers.

Opinion: On the surface, this reduces barriers and offers operational efficiencies. By removing the need to rely on licensed mechanics, operators could accelerate repair-and-return-to-service cycles. This would improve fleet uptime, an attractive prospect for infrastructure missions that demand rapid deployment. But this flexibility comes at a cost: a potential erosion of standardization and safety assurance.

With competency defined internally, one company’s “qualified mechanic” may look very different from another’s. This would create wide disparities in maintenance quality. That variability raises concerns about fleet reliability, accident prevention and downstream liabilities for energy and infrastructure operators who depend on consistent safety benchmarks. In practice, this places complex, high-risk BVLOS operations on a maintenance foundation that could be anything but uniform.

Stakeholders should press the FAA to clarify baseline competency standards for Part 108 maintenance personnel. Without stronger consistency, operators run the risk of trading regulatory efficiency for unpredictable safety outcomes.

Requirement: Under §108.910 (Noise, page 400), the FAA will exercise its statutory authority to impose noise standards as part of UAS airworthiness acceptance, even though drones, unlike manned aircraft, will not undergo full type certification. These requirements embed BVLOS aircraft into the same environmental framework that governs traditional aviation.

Opinion: For communities along powerlines, rail corridors and pipelines, this development could be welcomed relief. Many of these areas already push back against helicopter noise impacts. Expanded drone use risks spark similar opposition as aircraft size and operations scale up. While utilities and oil & gas operators may not see noise as a dominant issue, community relations tied to right-of-way (ROW) access have become increasingly sensitive.

Historically, small UAS have been nearly invisible in the noise-abatement conversation, but larger, heavier BVLOS aircraft will change that dynamic. In this case, the FAA’s decision to mandate noise compliance standards for UAS feels not only appropriate but also necessary. It helps normalize drones within aviation’s broader environmental regulatory framework, while giving operators a proactive way to defuse community pushback before it becomes a barrier to access. Industry should support this portion of the rule as drafted.

Requirement: In §108.185(c) (pages 115–118), the FAA introduces five population-density categories derived from Oak Ridge National Laboratory’s LandScan USA dataset. These categories establish thresholds based on population exposure, with higher categories (3–5) requiring operators to implement additional strategic deconfliction measures.

Opinion: This move is an important step toward standardizing risk assessment for BVLOS operations. By defining population density through a consistent, publicly available dataset, the FAA gives operators a clear, measurable reference point, something long overdue in UAS regulation. While this framework will likely increase planning costs for suburban inspections, where higher density scores could trigger costlier mitigations, it also forces operators into GIS-intensive flight planning. This aligns drone operations more closely with traditional risk-based aviation approaches.

This methodology isn’t entirely new either. Population density analysis has been widely used in Public Aircraft Operations (PAO) certificates of authorization and waiver (COAs), experimental certifications and Section 44807 exemptions. Embedding it directly into Part 108 provides continuity while also raising the bar for accountability and transparency. From an industry perspective, this is a welcome development. It enhances safety credibility without imposing arbitrary or subjective thresholds. On this provision, I am in full agreement with the FAA’s direction.

Requirement: Under §108.535 and §108.875 (pages 275–276 and 393–394), operators must implement comprehensive cybersecurity policies and processes to safeguard UAS systems, networks and operations from unauthorized access or malicious interference. This includes securing both hardware and software, managing employee access protocols, proactively mitigating potential cyber-attacks and aligning with recognized benchmarks such as the NIST Cybersecurity Framework. The goal is straightforward: prevent threats like the hijacking of drones near critical assets, including power plants, pipelines and rail corridors.

Opinion: On principle, these cybersecurity requirements are a welcome advancement for critical infrastructure protection. They reflect growing federal concern over cyber vulnerabilities in aviation. They clearly draw influence from the Blue UAS initiative, which emphasized secure, vetted platforms, particularly with respect to foreign-manufactured drones. Yet, this is where legitimate ambiguity arises. Who defines the cybersecurity standard? If compliance is handled through self-declaration without third-party enforcement, operators could face the same uncertainty and compliance headaches that plagued the Blue UAS rollout. Questions remain unresolved: 

• What is the FAA’s change-management process for cybersecurity requirements? 
• How often will standards update? 
• Who ensures operator adherence in a space that evolves faster than regulation? 

Without clearer definitions, the industry risks navigating shifting compliance targets, which raise both operational uncertainty and competitive imbalance.

The need to comment on this is vital. Stakeholders should pressure the FAA to clarify not only what cybersecurity standards apply, but also who validates compliance and how changes will be governed. Without that structure, the cybersecurity framework risks looking strong on paper but weak in practice. That would leave operators exposed in precisely the missions where resilience is most critical.

Requirement: Under §108.560 (pages 283–285), any certificated operator must establish a formal Safety Management System (SMS). This framework includes risk management procedures, safety assurance monitoring and continuous improvement programs. The move directly aligns Part 108 UAS operations with the Part 135-style SMS standards already applied to airlines and charter operators. It signals the FAA’s intent to hold advanced drone operations to the same safety oversight as manned commercial aviation. (See prior AG coverage of SMS under Part 108).

Opinion: This requirement represents a major step forward in legitimizing BVLOS infrastructure operations. Strong SMS programs provide the kind of structured accountability that regulators, insurers and the public will expect as drones scale into critical infrastructure domains. Utilities and energy operators, in particular, can use SMS to demonstrate due diligence in regulatory inquiries or legal reviews to prove that their risk mitigation and safety oversight parallel traditional aviation practice.

That said, the burden of implementation will not be evenly shared. Large operators with mature compliance departments already have robust SMS platforms, or the resources to build them. But small- and mid-sized contractors, especially inspection providers working on utility projects, could find the administrative and documentation demands of SMS overwhelming. Without thoughtful guidance on scaling these programs to fit operator size and complexity, this mandate risks becoming a barrier to entry by consolidating the market in favor of large incumbents.

Still, on balance, I strongly support this provision. Standardized SMS adoption is essential if BVLOS flight is ever to be regarded on par with crewed operations. Commenters should consider not opposing SMS altogether, but requesting the FAA for tiered or scalable guidance so that safety management doesn’t become synonymous with market exclusion.

Final Thoughts: The Future of BVLOS Under Part 108

The FAA’s Part 108 rulemaking is an ambitious attempt to normalize BVLOS drone operations at scale. For critical infrastructure operators, however, its current structure introduces areas of ambiguity that could undermine safety and slow adoption. To realize the promise of UAS integration, the rule will need sharper clarity on standardization, right-of-way authority, training expectations and performance benchmarks.

Energy Utilities: Enterprise-Scale UAS on the Horizon

For energy utilities, Part 108 represents a turning point. Compliance will demand more than just new flight permissions. It will require sophisticated protocols, dedicated staff and advanced fleet management systems. While the upfront costs, particularly around SMS adoption, regulatory reporting and cybersecure platforms, will strain early budgets, the long-term return on investment (ROI) lies in reduced risk exposure and enhanced reliability. The winners in this space will be utilities that embrace enterprise-scale UAS programs that consolidate deployments, automate compliance and use data-driven safety metrics to build regulatory trust and strengthen public engagement.

Service Providers: Consolidation and Market Differentiation

For UAS service providers, the rule presents a double-edged sword. On one hand, cybersecurity, SMS and standardized compliance protocols elevate industry credibility and open doors to lucrative infrastructure contracts. On the other, the administrative and documentation burden could prove prohibitive for smaller firms. The likely result will involve market consolidation, with large players absorbing routine BVLOS inspection work, while survivors among smaller contractors differentiate themselves through specialization, compliance sophistication or advanced technology integration. Expect to see a tiered provider landscape, split between premium enterprise-capable firms and niche operators serving specialized segments.

OEMs: Compliance-Certified Platforms as a Market Advantage

For UAS manufacturers, Part 108 mandates a fundamental shift in product development. Meeting higher standards for cybersecurity, reliability and operational safety will lengthen development cycles and increase research and development (R&D) spend. Yet the payoff is clear: OEMs that deliver compliance-certified platforms will gain a premium market position that opens access to utilities and large operators seeking “plug-and-play” approval for critical missions. While legacy platforms may struggle under new requirements, those redesigned to meet the standard can command higher pricing and faster adoption, which turns regulation from a barrier into a marketing edge.

A Market Adjustment Is Coming

Industry should prepare for turbulence. The Part 107 era fostered a race-to-the-bottom pricing narrative, where “drones as the cheaper option” dominated contracts. By contrast, Part 108 compliance, justifiably more demanding, will spike costs and force an expectation reset as operators, utilities, insurers and regulators recalibrate what it truly takes to deliver safe, large-scale BVLOS operations. For some firms, this will be painful. For others, it could signal the long-awaited moment when quality, safety and compliance finally outweigh cost as the dominant value driver.

Call to Action

This NPRM presents an opportunity for industry to shape the future. Every comment submitted matters, whether from a utility risk manager, a service provider CEO, an OEM engineer or an individual citizen. Getting Part 108 wrong on the first pass could freeze UAS adoption for years. Getting it right could unlock a new era of reliability, safety and resiliency for our national infrastructure.

The opportunity, and the responsibility, is ours. Read the details. Engage with the framework. Submit your perspective. And above all, keep both the promise of innovation and the imperative of safety top of mind.

This is an exciting time for UAS in the national airspace system. Let’s make sure we build it on the right foundation.

*Nate Ernst is the AG Ambassador for Energy. His company, the Tactien Group, is an AG Vendor Partner.