SORA - Risk assessment for the specific category

The risk assessment for specific operations is commonly referred to as SORA. On this page, you can learn more about the SORA application process.

What is SORA?

The risk assessment is based on:

  • ConOps (Concept of Operations): A detailed description of the planned operation.
  • Risk assessment for people on the ground.
  • Risk assessment for other air traffic.
  • Technical review of the drone and documentation proving that you have the theoretical and practical skills required for the type of operation you intend to perform.

Below we have compiled a 10-step overview to help you understand the 10 stages of the risk assessment which is required for a SORA.

 

The Application Process:

Remember processing times – plan your operations accordingly

It may take between 4 to 12 months to obtain an operating permit, depending on the complexity of your drone operation. Therefore, you should plan your drone operation based on this time frame.

The process from submitting your application to obtaining an operating permit:

The expected process for the handling of your application, in a straightforward case, is as follows:

  • Approximately 3 weeks after the Danish Transport, Construction and Housing Authority (Trafikstyrelsen) has registered your application in our system, you will be contacted by a caseworker who will be assigned to your case.
  • When the caseworker first contacts you, they will inform you about the process, expectations regarding the handling time, and when you can expect the first feedback on your application.
  • After the first review of your application, you will receive feedback from your caseworker. During this first review, there may be several comments regarding adjustments, questions for clarification, and similar matters that you will need to address and respond to.
  • You should be prepared for the possibility that multiple reviews of your application may be necessary, where adjustments must be made before it meets the requirements. You will, therefore, have an ongoing dialogue with your caseworker about the application.

SORA's 10 Steps

SORA's 10 steps form a methodology to assess the risks associated with a drone operation. The methodology includes 10 steps, each with specific safety requirements that must be fulfilled before authorization can be granted. Below is a brief overview of the 10 steps, with references to EASA's Easy Access Rules for complete information on the methodology.

Step 1: Describe the Concept of Operations (ConOps)

Provide a detailed description of the Concept of Operations (ConOps) for the specific drone operation. This section should include relevant technical and operational information, system details, and an example map or illustration of the operational area.

Refer to Annex A to AMC1 of Regulation (EU) 2019/947, Article 11.

Step 2: Determine the initial ground risk

Identify the initial ground risk classification (intrinsic GRC) related to the operation. This involves assessing the likelihood of harm to people on the ground in case of a drone crash and the potential damage caused.

Key factors to evaluate this include:

  • The drone’s maximum dimensions (e.g., wingspan for fixed-wing drones or the distance between propeller tips for multirotor drones).
  • The kinetic energy released during a crash.
  • The type of operational area (e.g., controlled area with no people, sparsely populated, or densely populated).
  • Define the operational area with a buffer zone equal to the altitude (1:1 rule).

Step 3: Determine the final ground risk

After identifying the initial ground risk, assess the final ground risk (final GRC) by implementing mitigation measures:

  • M1 - Strategic mitigations: Evaluate the density of people at the location (e.g., flying at night to minimize human presence).
  • M2 - Systems: Use systems to reduce crash impact, such as a parachute.
  • M3 - Emergency Response Plan (ERP): Develop a clear plan to address incidents.

Refer to Easy Access Rules Annex B to AMC1.

Step 4: Assess the Initial air risk

Determine the initial air risk classification (ARC) by evaluating the likelihood of collisions with other air traffic in the operational airspace.

Airspace is categorized into ARC-a to ARC-d, with ARC-a being the lowest risk (remote areas) and ARC-d being the highest risk (near airports or heliports).

 

Refer to AMC/GM-material at Easy Access Rules, section 2.4 The air risk process for guidance.

 

Step 5: Determine the Final Air Risk

If appropriate, argue for a lower air risk classification (residual ARC) based on specific strategic conditions. For example, operations near a temporarily closed airport may warrant a lower risk classification.

 

Refer to AMC/GM-material at Easy Access Rules, section 2.4 The air risk process for detailed instructions.

 

Step 6: Define Tactical Mitigation Performance Requirements (TMPR)

 

At this step you need to evaluate tactical mitigation measures regarding other air traffic. These are referred to as Tactical Mitigation Performance Requirements (TMPR). This means that, while in previous steps you assessed how to minimize risk during planning prior to the drone flight, in this step, you must evaluate what you can do to avoid collisions with manned air traffic during the operation itself.

If you are flying the drone within visual line of sight (VLOS), no additional tactical mitigation measures are required, as VLOS flying inherently ensures safety—provided you always yield to other air traffic.

The Tactical Mitigation Performance Requirements (TMPR) are categorized as follows:

  • No TMPR requirements: VLOS
  • No TMPR requirements: Flights in restricted areas or atypical airspace (ARC-a)

At present, the Danish Civil Aviation and Railway Authority only grants approvals for flights without TMPR requirements. This means that if you intend to fly beyond visual line of sight (BVLOS) or above 120 meters, the authority requires the establishment of a restricted airspace.

If it becomes possible to demonstrate awareness of all airspace users, approvals may be granted under the following TMPR requirements:

  • Low TMPR requirements: ARC-b: You must account for 50% of airspace users, have systems capable of detecting them, and employ effective methods to avoid other air traffic.
  • Medium TMPR requirements: ARC-c: You must account for 90% of airspace users, have systems capable of detecting them, and employ effective methods to avoid other air traffic. The requirements for systems and methods are stricter than those under low TMPR.
  • High TMPR requirements: ARC-d: You must have certified Detect & Avoid equipment that meets RTCA SC-228 or EUROCAE WG-105 MOPS/MASPS standards.

 

Refer to the AMC/GM-material at Easy Access Rules, and section 2.4.4 Step #6 — TMPR and robustness levels, for details on Tactical Mitigation Performance Requirements.

 

Refer to Annex D to AMC1 for Article 11 in the AMC/GM-material for the requirements you need to fulfill to implement Tactical Mitigation Performance Requirements.

 

 

Step 7: Determine the SAIL level

Using the final ground risk (GRC) and final air risk classification (ARC),  the operation’s Specific Assurance and Integrity Level (SAIL) shall be determined at this step. SAIL defines the procedural requirements and evidence needed to demonstrate operational safety. In the lowest SAIL categories, you must substantiate your procedures with declarations or tests that you have simulated/done in practice, whereas in the highest SAIL categories, an independent third party is required to verify the procedures.

 

Refer to AMC/GM-material at Easy Access Rules, section 2.5 Final assignment of specific assurance and integrity level (SAIL) and OSO and Annex D to AMC1, Article 11.

 

Step 8: Identify Operational Safety Objectives (OSO)

Once you have determined the SAIL level, you will be able to identify and explain the operation's safety objectives (OSOs).

The higher the SAIL level, the greater the requirements for the OSOs. This means that the higher the SAIL level, the more detailed your procedures and documentation must be. At the highest SAIL levels, you may even be required to have procedures and tests verified by a third party or the Danish Civil Aviation and Railway Authority.

An OSO is divided into an integrity part and an assurance part. The integrity part is reserved for your comments on how the requirements have been met. The assurance part is reserved for references to where in the ConOps, operations manual, or annexes the procedures and tests can be found.

The total of 24 OSOs are applied to a greater extent as the SAIL level increases. The focus required on the integrity and safety of the various OSOs falls into the following categories:

  • Optional: It is optional to complete the OSO.
  • Low: Typically, you are only required to declare that you have procedures or conducted tests. However, there may be OSOs in the Low category that require you to submit documentation.
  • Medium: The requirements for documentation of which procedures and tests you have conducted are more extensive.
  • High: The requirements for OSOs in the High category are further tightened. Here, procedures, tests, etc., must be verified by a third party or the Danish Civil Aviation and Railway Authority.

 

Read about the integrity and safety levels for the OSOs in Annex E to AMC1 for Article 11.

 

Step 9: Assess adjacent airspace risks

Assess the risk of the drone performing a fly-away and entering adjacent airspace, where it could cause a collision with manned air traffic.

If you wish to address the enhanced containment requirement using MOC Light-UAS.2511, we recommend using the declaration developed by EASA to document compliance with the requirements. You can find the declaration on this page.

Step 10: Compile the safety portfolio

Create a comprehensive safety portfolio summarizing:

  • How ground and airspace risks have been mitigated.
  • Compliance with tactical mitigation performance requirements (TMPR).
  • Fulfillment of the operation’s safety objectives (OSO).
  • This portfolio will form the core of your application for operational authorization.

Operations Manual and ConOps

Most applicants for a flight based on a SORA choose to submit an operations manual and a Concept of Operations (ConOps).

The operations manual outlines the general structure of their organization and overall procedures for drone operations, while the ConOps describes specific procedures, operational areas, and other details unique to the specific operation for which approval is being sought.

In the SORA model itself, the operations manual and ConOps are combined, but we accept their separation into an operations manual and a ConOps. This separation can make it easier for drone operators to manage general procedures applicable to multiple or all operations, as well as operation-specific procedures for the type of operation being assessed in the SORA.

You can read more about what a ConOps (and an operations manual) should include in Step #1 of the SORA process above.

Training requirements

At present, there is no specific drone certificate for remote pilots operating under a SORA. However, it is mandatory for remote pilots to hold at least an A2 drone competence certificate.

Although there is no specific certificate, drone operators must ensure that all remote pilots are trained according to the requirements for the type of drone operation you are applying for under the SORA. As part of the SORA development process, you will be asked to explain how you ensure your remote pilots receive adequate training. How this training is provided is up to you. You may choose to collaborate with a drone training provider or train them independently. In either case, a training plan and proof that each remote pilot can demonstrate knowledge of drone operations must be provided.

It is advisable for remote pilots in the specific category to be trained in both theory and practice on the following topics:

  • Aviation regulations
  • Human limitations
  • Operational procedures
  • Technical and operational mitigations for ground risk
  • General drone knowledge
  • Meteorology
  • Drone flight performance
  • Technical and operational mitigations for airspace risk

Fill out the EASA application form

Operations in the specific category requiring approval from the Danish Civil Aviation and Railway Authority (Trafikstyrelsen) shall be supplemented with a completed EASA application form. The purpose of the form is to briefly summarize the scope of your drone operation, the size of your drone, and the area and airspace where the operation will take place.

In addition to helping us understand your drone operation, the form can also guide you in determining the type of risk assessment required and the necessary preparations.

Find the EASA application form here.

Remember the processing time – plan your operations accordingly

It may take between 4 to 12 months before you receive an operational authorisation, depending on how complex your drone operation is. You should therefore plan your drone operation with this timeline in mind.

The process from submitting your application to receiving an operational authorisation:

The expected processing time for a straightforward case typically follows this process:

  • Approximately 3 weeks after the Danish Civil Aviation and Railway Authority has registered your application in our system, you will be contacted by a case officer who will be assigned to your case.
  • When the case officer contacts you for the first time, they will inform you about the process, expectations for case handling, how long it is expected to take, and when you can expect the first feedback on your application.
  • After the initial review of your application, you will receive feedback from your case officer. At this stage, there may be several comments, requests for adjustments, or questions that you must respond to and address.
  • Be prepared for the possibility that your application may require several rounds of review and revisions before it meets the necessary requirements. You will therefore have an ongoing dialogue with your case officer during the processing of your application.

Working together on the application:
The processing often stalls because applicants do not prioritise making the required corrections and sending them back to the Danish Civil Aviation and Railway Authority promptly. Fast processing of your application requires close cooperation and a continuous dialogue about expected feedback timelines.


Introductory guidance meeting

Preparing a SORA and the related documentation can be complex. Therefore, we offer an initial free kick-off meeting, where we can answer any questions you may have about the process.

However, it is important that you familiarise yourself with the SORA process in advance and send us your questions by email prior to the meeting so that we can provide qualified answers.

Before the guidance meeting, please make sure to:

  • Complete the application form for operations in the specific category, as it will help both you and us understand the type of drone operations you plan to carry out (find the form below).
  • Familiarise yourself with the 10 steps of the SORA process (read more below).
  • Describe (preferably in bullet points) what you would like to discuss at the guidance meeting.

Request a guidance meeting by sending an email to info@trafikstyrelsen.dk. Please include your company name in the subject line.

The actual application process does not begin until you submit the complete SORA. Therefore, the guidance meeting is not counted as part of the official application processing timeline.

Once you have compiled the complete material for your SORA application, it is time to submit it to us.

Here is a checklist of the documents your application should include:

  1. Application form: Complete the application form for operational approval in the specific category.
  2. Risk assessment (SORA or PDRA): The SORA must include a review of all 10 steps. It must be submitted as a single document.
  3. Operations manual (if separate): If prepared separately, include it with relevant annexes in the same document.

Submit all relevant documents as PDF or Word files attached to one or more emails to info@trafikstyrelsen.dk. Use the subject line “SORA Application – [Company Name]” in your email.

We cannot accept the following:

  • Links in your application pointing to manufacturer websites.
  • Applications submitted via shared drives (e.g., Dropbox or WeTransfer). All documents must be attached to your email(s).

The application process officially begins when your application is deemed complete and sufficient for review.

After submitting the SORA

Once your application is submitted to Trafikstyrelsen, it will be logged, and a caseworker will be assigned after an initial review during the internal  screening meeting.

The drone team holds screening meetings every 14 days to review new applications in the specific category and assign a caseworker. You will receive an email from the caseworker shortly after the screening meeting. This email will provide details on processing time and when the expected processing timeline begins.

Trafikstyrelsen will only begin evaluating your application once it is fully documented or sufficiently detailed to allow adjustments during the process.

A risk assessment like a SORA often requires revisions and adjustments to the operator’s application before approval can be granted. Trafikstyrelsen advises both service providers and drone service buyers to refrain from finalizing agreements on drone services until formal approval is obtained.

SORA 2.5

The current version of the SORA model in use is version 2.0. The SORA framework is continuously revised to reflect developments in drone technology and operations.

The next version is called SORA 2.5. EASA expects to publish the revised materials for risk assessments in the specific category during May 2025. This timeline is tentative. SORA 2.5 will, among other things, include new methods for conducting risk assessments, such as revised ground risk evaluation procedures.

For up to 6 months from the date SORA 2.5 is officially published, the Danish Civil Aviation and Railway Authority will accept applications submitted under either SORA 2.0 or SORA 2.5. However, we recommend that drone operators use SORA 2.5 as the basis for new applications from the date of publication.

We will continue to process applications submitted under SORA 2.0 as long as the case handling was initiated within the six-month transition period, even if the processing concludes after the transition deadline.

Fee

The processing of the above applications and approvals is subject to a fee as outlined in the current regulation on fees and charges issued by the Danish Civil Aviation and Railway Authority.

If you require an initial advisory meeting before submitting your risk assessment, this meeting will not be subject to a fee.

Read the current fee regulation here.

Senest opdateret 09-04-2025