We use necessary cookies to make our website work. We'd also like to use optional cookies to understand how you use it, and to help us improve it.

For more information, please read our cookie policy.

UK Civil Aviation Regulations

These are published by the CAA on our UK Regulations pages. EU Regulations and EASA Access Guides published by EASA no longer apply in the UK. Our website and publications are being reviewed to update all references. Any references to EU law and EASA Access guides should be disregarded and where applicable the equivalent UK versions referred to instead.

If you are applying for a licence to carry out commercial spaceflight and associated activities in the UK, it is important you understand the necessary security measures that may be required in relation to the physical, personnel and cyber security of space sites and operations. This includes requirements that cover facilities, equipment, spacecraft, carrier aircraft, other vehicles, payloads, cargo, supplies or other things at space sites.

Security requirements for all licence types under the Space Industry Act are explained in guidance on security matters for applicants and licensees.

Physical and Personnel Security

For a spaceport, range control or launch operator licence you must appoint a security manager – an employee of the organisation responsible for the implementation of the security programme of the spaceflight site or operation.

You will also need to submit a security programme that sets out the procedures that you will use to identify any potential security risks and rectify them. Rectification may include having to reapply security controls to any part of the operation where security may have been breached.

Additionally, all horizontal spaceports must be directed under the National Aviation Security Programme (NASP). Details of the publicly available elements of the NASP. Read the Secretary of State under the Aviation Security Act 1982 for further information on how to become a directed aerodrome.

Cyber Security

Our vision is to have a proportionate and effective approach to cyber security that enables space to manage their cyber security risks without compromising safety, security or resilience. Also, to stay up-to-date and positively influence cyber security within space to support the UK’s national security strategy.

Cyber Security Strategy under the Space Industry Regulations 2021

Under the Space Industry Regulations, all applicants are required to have a cyber security strategy for the proposed operation, based on a security risk assessment and, where required, a safety case.

The Cyber Team has published guidance for applicants and licensees. Should you require further information, please feel free to contact us at cyber@caa.co.uk and we will be able to answer any questions you may have.

Information handling

We are aware that some information relating to cyber security may be sensitive.

Before submitting sensitive cyber security information to the CAA please contact us at cyber@caa.co.uk You will receive secure Information Handling Instructions to ensure commensurate protections are established based on the sensitivity of the information in question.

Useful Links

CAA Cyber Security Certification Team

We would highly recommend joining the NCSC’s Cyber Security Information Sharing Partnership (CISP).