As aviation faces rapid technological transformation and increasing environmental and security expectations, remaining compliant with evolving regulations has become one of the sector’s most pressing challenges. For air navigation service providers (ANSPs), manufacturers, and other aviation stakeholders, ensuring regulatory alignment while fostering innovation and operational efficiency is a delicate balance—one that Egis supports through deep expertise and practical, systems-driven methodologies.
The evolving context of European aviation
Today’s aviation environment is shaped by two overarching goals: maintaining the highest safety standards while enhancing efficiency, and aligning operations with sustainability targets and military-civil coordination requirements. To achieve this, aviation must embrace new transport modes such as drones, make better use of airspace with solutions like high-altitude operations and Free Route Airspace, and deploy digital systems that improve information sharing, maintenance, and operational oversight.
These changes require a regulatory framework that is both flexible and robust—one that permits the integration of innovation while safeguarding aviation’s core value: safety. At the same time, the growing reliance on interconnected digital architectures introduces new layers of risk, particularly in cybersecurity, and challenges traditional certification models, especially with the rise of Artificial Intelligence.
The EU regulation strategy: harmonisation and simplification
To address these challenges, a dedicated strategy has been defined at the European level, built around two key principles: harmonisation and simplification.
Harmonisation involves aligning both practices and products across Europe to facilitate the sharing of data, resources, and feedback. This harmonisation extends across multiple levels. For authorities, for example, the European Union Aviation Safety Agency (EASA) has seen its role expanded. At the production level, new rules have been introduced for manufacturers, and when it comes to services, service providers are now subject to updated procedures. In the future, harmonisation may even extend to ATCO (Air Traffic Control Officer) licensing.
On the systems and equipment side, harmonisation is being achieved through a unified set of technical requirements aimed at ensuring uniformity across the continent. This is supported by the introduction of a single certificate, which allows products to be mutually recognised by different service providers throughout Europe.
Simplification is the second pillar of this strategy. It aims to make regulatory texts easier to understand by consolidating them based on the stakeholders they concern. For example:
- Regulation 2017/373 focuses on the certification of ANSPs and their competent authorities.
- Regulation 2023/1769 addresses the approval process for manufacturers through the Designated Production Organisation (DPO) framework.
- Regulation 2023/1768 pertains to ground and space-based ATM equipment (CAGE).
- Regulation 2023/1770 concerns SES airspace usage, targeting aircraft operators and future requirements for onboard equipment.
- Regulation 2023/1772 introduces common rules of the air and new requirements related to flight plans and the Network Manager.
- Regulations 2021/664, 665, and 666 establish the framework for U-space, covering airspace, services, and service providers.
Through these efforts at harmonisation and simplification, Europe is creating a more integrated, efficient, and clear regulatory environment for all aviation stakeholders.
What lies ahead: key regulatory milestones
The period leading up to 2028 will be marked by the implementation of three major regulatory shifts.
1. SES2+ Regulation and Common Project 1 (CP1)
CP1 mandates the deployment of six mature ATM functionalities across Europe by 2027, in line with the SESAR Master Plan.
2. DPO and CAGE regulations
These introduce new certification processes for organisations that design or produce ATM/CNS systems and for the equipment itself. By 2028, all ground and space-based equipment must meet these standards, and providers must adjust their strategies and certificates accordingly.
3. Part-IS
This regulation integrates cybersecurity into regulatory requirements by 2026, promoting joint safety-security assessments to support a more holistic approach to risk management.
Organisational impacts: more than compliance
These new regulations impact organisations in several key areas.
Certification requirements
Beyond existing certificates for Aviation Services (2017/373) and U-Space providers (2021/666), entities producing ATM/ANS ground and space-based equipment now require a new certification. This compels air service providers to revise their product strategies as integrators or Designated Production Organisations (DPOs), which involves extra costs and certification tasks.
Project roadmaps
These regulations add constraints to project roadmaps, mandating compliance with CP1 and the European ATM Master Plan (by 2027), and CAGE requirements for ground-based equipment (by 2028).
Internal processes and engineering methods
Internal procedures and system engineering methods are also affected. Regulation 2017/373 now incorporates CAGE rules, introducing new deployment and compliance procedures for ANSPs, production and design standards for DPOs, and a combined safety-security approach to address the impact of security events on safety.
Regulatory monitoring
Frequent updates require an ongoing regulatory watch, rapid impact analysis and proactive planning, often requiring additional staff or dedicated teams to maintain continuous compliance.
A strategic tool: Model-Based Systems Engineering (MBSE)
To manage this growing complexity, Egis recommends adopting a Model-Based Systems Engineering (MBSE) approach. MBSE enables the development of system architectures that incorporate regulatory requirements from the start, maintaining traceability between those requirements and specific engineering elements such as specifications, use cases, or safety cases.
Egis is supporting DSNA, the French air navigation service provider, with deploying an MBSE strategy for its technical division (DTI). Regulatory frameworks are modelled as requirements, time-stamped to reflect future deployment milestones, and linked to relevant system elements. Compliance is demonstrated through this model, and ongoing changes in regulations can be rapidly assessed for impact.
DSNA is also implementing EUROCONTROL’s CARMA tool to manage compliance at the operational level. Although full integration between MBSE models and CARMA is still under development, data exchange mechanisms are already in place.
Sharing best practices across Europe
MBSE is not the only tool in the toolkit. Other work will be needed to prepare for this new regulatory era. That’s why we have supported clients such as DSNA, Météo France, SKEYES, Skyguide, ANA Luxembourg, and Innov’ATM in a range of activities, including:
- Defining applicable requirements for new system specifications
- Preparing for CP1 compliance, particularly for SWIM infrastructure and services to be deployed by the end of 2025
- Conducting pre-audits of 2017/373 or CAGE compliance status
- Reverse engineering of equipment requirements documentation to ensure compliance
- Designing CNS/ATM architecture
- Supporting the definition of safety study processes as part of the USSP (2021/664) certification.
Targeted support
While the new regulatory landscape poses significant challenges for ANSPs, it also offers opportunities. With tailored strategies and the right support, the ATM industry can embrace regulatory adaptation as a driver of innovation and a strategic advantage to stay ahead of the curve.
Egis offers end-to-end support to organisations navigating this new regulatory environment. Our services include strategic guidance on certification options and product development roadmaps, assistance with drafting system specifications aligned with regulatory requirements, and expert support during compliance evaluations and audits.
We also help organisations implement MBSE frameworks, enabling structured traceability and effective change management. In addition, we provide a cross-sectional view of best practices adopted by other ANSPs across Europe, helping clients benchmark and refine their approaches.
