PER-004: Jessica Cooper — Airspace Manager

Andi Lamprecht ·2026-05-11· 16 min read· Draft

Draft UERQ-PLANS-61 Authority Application

“If the drone flight isn’t Law Enforcement or doesn’t have an approved waiver — it shouldn’t be there. It would be nice to wipe those off the scope and focus on an actual track of interest.”

1. Identity

2. Professional Context

Responsibilities

• Reviews and disposes the daily queue of flight authorization requests requiring manual authority decision — approving, denying, or requesting additional information.
• Monitors the live Common Operating Picture (COP) during operational hours, correlating authorized flight plans with real-time track data from the Traffic Service.
• Identifies non-conformance events (geofence breaches, altitude deviations, unauthorized vehicles) and initiates the appropriate response: operator notification, authority escalation, or emergency grounding (rescind notification).
• Exercises human judgment to override or uphold automated authorization decisions when edge cases exceed the rules engine’s coverage.
• Coordinates with county-level authorities (David Okafor’s counterparts, PER-003) during multi-jurisdiction events, emergency TFR activations, and cross-boundary compliance incidents.

Team & Reporting

• Reports to the State UAS Integration Director. Manages a shift team of 3 Tactical Controllers who share COP monitoring and manual review duties across a 12-hour operational window (6:00 AM – 6:00 PM, with on-call coverage for off-hours emergency events).
• Coordinates daily with county-level Jurisdictional Administrators (PER-003 persona) on authorization hand-offs, rule conflicts, and incident response. Works alongside 1 Traffic Data Analyst who monitors data quality, provider health, and track fusion performance.
• During emergencies, coordinates directly with law enforcement aviation units, airport tower supervisors, and fire service air operations.

Operational Environment

• Primary: Tactical Operations Center (TOC) — a dedicated facility with multi-monitor workstations (minimum three displays: COP map, authorization queue, and event/alert feed). High-bandwidth, low-latency network connection to the ATOMx platform.
• Secondary: Mobile laptop configuration for deployment to a county Emergency Operations Center (EOC) during major incidents. Requires the same operational view on a single screen.
• Does not operate from a personal mobile device; all operations require the full authority dashboard. Environmental: Climate-controlled office with controlled lighting to minimize screen glare. Noise-managed environment; critical alerts must use audible notifications that cut through ambient TOC noise.

Technical Proficiency

• Highly proficient with map-based situational awareness tools, radar/track display systems, and operational dashboards.
• Prior experience with FAA SWIM (System Wide Information Management) feeds and LAANC coordination portals. Comfortable with real-time data streaming interfaces, geographic filtering, and multi-layer map overlays.
• Not a software developer; cannot write queries, scripts, or API calls. Expects the system to surface actionable information without requiring manual data manipulation.
• Familiar with aviation terminology, airspace classification, track correlation concepts, and non-conformance assessment procedures.

Decision Authority

• Can independently approve or deny flight authorization requests within the state’s jurisdiction during manual review. Can issue a rescind notification (emergency grounding) for any active authorization within the state’s jurisdiction when an immediate safety threat is identified. [UERQ-SYS-1419]
• Can override automated rule decisions (approve a request that rules denied, or deny a request that rules approved) with documented justification.
• Cannot modify rules, jurisdiction boundaries, or delegation configurations — those are the Jurisdictional Administrator’s (PER-003) domain.
• Can suspend authorization processing for her jurisdiction for a specific date range (e.g., major public event).
• Cannot approve flights that violate active “required” category rules (per UERQ-SYS-1502: the system prevents this regardless of role).
• Must escalate to the State UAS Integration Director for: jurisdiction boundary disputes with other states, military coordination requests, and policy exceptions affecting multiple counties.

Regulatory Context

• State holds the root authority in the ATOMx tenant, with delegated authority granted to county-level jurisdictions.
• Jessica operates under the state’s UAS Integration Policy Framework, which requires documented justification for all manual overrides and rescind actions.
• Subject to state audit of authorization decisions quarterly. Must comply with FAA Part 107 operational constraints and cannot authorize operations that conflict with federal rules.
• Familiar with ASTM F3548 interoperability concepts for USS/USSP federation. Required to complete annual recurrency training on emergency airspace management and non-conformance response procedures.

3. Goals

Life Goals

• Advance to State UAS Integration Director within five years.
• Establish the state’s TOC as a model for real-time drone airspace management that other states and international authorities visit and replicate.
• Be recognized as a subject matter expert in tactical UAS conformance monitoring and non-cooperative vehicle response.

Experience Goals

• Feel confident that every blip on the COP is identified, attributed, and accounted for — no unknowns.
• Not feel overwhelmed by data volume: the system should surface “what needs my attention right now” without requiring her to scan every track manually.
• Feel that the tools support her decision speed — not slow her down with unnecessary confirmation dialogs, page loads, or context switches during time-critical events.
• Trust that when she issues a rescind notification, the operator receives it immediately and the system records every detail for the audit trail.

End Goals

• Review and dispose of all manual authorization requests in the queue within the jurisdiction SLA (4 business hours during office hours). [UERQ-SYS-1413]
• Identify a non-conformance event (geofence breach, altitude deviation, unauthorized track) and assess its severity within 30 seconds of the alert appearing on the COP. [UERQ-SYS-1838, UERQ-SYS-1841]
• Issue a rescind notification to an operator and confirm delivery within 60 seconds of the decision to rescind. [UERQ-SYS-1419, UERQ-SYS-1474]
• Correlate every active track on the COP with a valid, activated authorization — and immediately flag any track that has no matching authorization (non-cooperative/unidentified vehicle). [UERQ-SYS-1411, UERQ-SYS-1641]
• Generate a shift-end compliance summary showing all events, decisions, and overrides for handoff to the next shift team within 5 minutes.

4. Frustrations & Pain Points

Current Pain Points

• Data overload: too many tracks on the COP display without clear visual differentiation between authorized, pending, non-conforming, and unidentified traffic. Every blip looks the same, forcing Jessica to click on each one to determine its status.
• No integrated view linking the authorization queue to the live COP: she must switch between the manual review interface and the traffic map, losing situational awareness when she shifts context to approve a request.
• Non-conformance alerts arrive as undifferentiated notifications — a minor altitude deviation generates the same visual and audible alert as a complete geofence breach or an unidentified vehicle entering restricted airspace. Alert fatigue is a constant risk. [UERQ-SYS-1840]
• No way to quickly verify whether a track on the COP corresponds to an authorized flight without manually cross-referencing the authorization ID, operator identity, and operational volume. Current tools provide track data and authorization data in separate systems that do not cross-link.
• During multi-jurisdiction events, Jessica cannot see what neighboring authorities are doing in real time. She discovers conflicting actions (e.g., two authorities both responding to the same incident) through phone calls, not through the system.
• Manual authorization review queue has no prioritization: time-sensitive emergency services requests sit alongside routine commercial requests with no differentiation.

Workarounds

• Maintains a personal whiteboard listing all currently active authorizations by call sign and authorized volume, updated manually at the start of each shift, because the COP does not overlay authorization boundaries on the traffic map.
• Uses a separate messaging app (Signal group) with county counterparts for real-time coordination during incidents, because the authority dashboard has no inter-authority communication or shared status capability.
• Has created a personal severity classification spreadsheet to triage alerts, because the system does not differentiate event severity. [UERQ-SYS-1840 addresses this gap.]
• Records all rescind decisions on a paper log form (duplicate of the digital record) as a personal backup, because she does not trust the system’s audit trail completeness for post-incident investigation.

Unmet Needs

• A unified COP view that overlays authorized operational volumes on the live traffic map, with each track color-coded by conformance status: authorized-conforming, authorized-non-conforming, authorized-missing-track, and unidentified/non-cooperative.
• Intelligent, severity-tiered alerting that prioritizes critical safety events (geofence breach, unidentified vehicle in restricted airspace) over routine operational events (flight activation, normal flight termination). [UERQ-SYS-1840]
• One-click drill-down from any track on the COP to its linked authorization details: operator identity, authorized volume, conditions, remaining time, and conformance history.
• A shared situational awareness layer for multi-authority events: ability to see which authorities are actively responding to an incident, what actions they have taken, and whether a blanket denial or rescind has been issued by another authority for the same airspace.
• Real-time track-to-authorization correlation performed automatically by the system, with immediate flagging of unmatched tracks. [UERQ-SYS-1411, UERQ-SYS-1641]

5. Safety & Operational Context

Safety-Critical Decisions

• Issuing a rescind notification (emergency grounding). Jessica decides to revoke an active authorization when she observes a safety-critical non-conformance (e.g., aircraft operating outside its authorized volume near a manned aircraft corridor). An incorrect rescind disrupts a legitimate operation; a missed or delayed rescind leaves a hazardous condition unaddressed. [UERQ-SYS-1419, UERQ-SYS-1474]
• Assessing non-conformance severity. When the system alerts a geofence breach or altitude deviation, Jessica must rapidly determine whether the deviation is a transient GPS error, a minor excursion that is self-correcting, or a genuine loss-of-control event requiring immediate response. The system must provide the data to support this assessment (position, velocity, deviation magnitude, trend). [UERQ-SYS-1838, UERQ-SYS-1839]
• Identifying and responding to non-cooperative/unidentified vehicles. A track on the COP with no matching authorization may be a data correlation failure, a hobbyist not in the system, or a genuinely hostile actor. Jessica’s response escalation — from monitoring to operator contact to law enforcement notification — depends on correct assessment. [UERQ-SYS-1411, UERQ-SYS-1641]
• Overriding an automated rule decision during manual review. When automated rules deny a request that Jessica believes should be approved (e.g., emergency services operating under unusual conditions), her override must be correct: a wrongful override grants access to restricted airspace. [UERQ-SYS-1502, UERQ-SYS-1615]
• Approving manual review requests in contested or sensitive airspace. During high-tempo operations (multiple simultaneous flights near critical infrastructure), each approval decision affects the density and complexity of the COP. Approving too many concurrent flights in a small area degrades her ability to monitor conformance.
• Approving or denying manual review requests. A wrongful denial blocks a time-sensitive public safety operation; a wrongful approval grants access to restricted airspace. [UERQ-SYS-1413]

Time Pressure

Information Needs During Stress

Failure Tolerance

• Traffic Service degradation (stale or missing track data): If the Traffic Service enters degraded mode [UERQ-SYS-1680], Jessica needs an immediate, unmissable indication that the COP is operating on incomplete data. A COP that displays stale positions without warning is worse than a COP that shows “data unavailable,” because Jessica may make rescind or clearance decisions based on positions that no longer reflect reality. The staleness indicator [UERQ-SYS-1813(e)] on each track is essential.
• Fusion pipeline failure: If the fusion pipeline fails completely [UERQ-SYS-1805], the COP must clearly indicate that track data is unavailable. Jessica falls back to direct communication with county authorities and airport towers via phone/radio. The system must not display a partial COP that could be mistaken for a complete picture. [UERQ-SYS-1806]
• FAS degradation: If the FAS enters degraded mode and cannot process new authorization requests [UERQ-SYS-1515], Jessica needs to know that existing active authorizations are preserved [UERQ-SYS-1500] and that no new approvals are being issued. Her manual review queue will freeze; she needs clear indication of this state.
• Loss of connectivity between TOC and ATOMx: Jessica must fall back to direct communication with field teams and county counterparts. The system should cache the last known COP state locally with a prominent timestamp. Session recovery upon reconnection must be fast — she cannot afford a full reload and re-authentication during an active incident.

Consequence of Error

Training & Certification

• No FAA pilot certificate required (Jessica is not an operator).
• State requires completion of ATOMx Authority Tactical Operations certification course (80 hours) before independent COP monitoring.
• Annual recurrency training on: emergency airspace management, non-conformance response procedures, rescind notification protocols, and multi-agency coordination.
• Quarterly tabletop exercises simulating non-cooperative vehicle incursions and multi-jurisdiction emergency response.
• Familiar with aviation terminology, airspace classification, radar/track display conventions, ATC coordination procedures, and ASTM F3411-22a Remote ID concepts.
• Expects the system to use standard aviation display conventions (track symbology, altitude readouts, velocity vectors) and to provide contextual help for ATOMx-specific concepts (conformance monitoring, trust scores, authorization lifecycle states).

6. Key Scenarios

Scenarios are documented as individual pages under the Key Scenarios section.

7. System Interaction Profile

Session Pattern

Data Volume

• Monitors 20–60 concurrent active flights across the state during peak hours.
• Authorization queue receives 20–40 manual review requests per day across all county jurisdictions.
• Needs access to 7 days of track replay data for incident investigation. [UERQ-SYS-1653, UERQ-SYS-1830]
• Consumes real-time fused track updates at 1 Hz per active track. [UERQ-SYS-1817]
• Manages event notifications across 8 operational event types. [UERQ-SYS-1838]
• Requires track data from multiple providers (5+ concurrent data sources). [UERQ-SYS-1640, UERQ-SYS-1642]

Notification Needs

Collaboration Needs

• Needs shared situational awareness with county-level Jurisdictional Administrators (PER-003) during multi-jurisdiction events — preferably through cross-jurisdiction view [UERQ-SYS-1591], currently supplemented by phone/messaging.
• Needs to delegate individual manual review items to Tactical Controllers on the shift team and track their decisions.
• Needs to escalate unresolvable cross-jurisdiction conflicts to the State UAS Integration Director.
• Needs to share COP event data with law enforcement and airport authorities during non-cooperative vehicle incidents — currently via phone/email, ideally through webhook integration to external systems. [UERQ-SYS-1665, UERQ-SYS-1842(b)]
• Does NOT interact with operators directly through the system: denial reasons are concealed per UERQ-SYS-1509. Rescind notifications are system-generated; Jessica does not compose the message content.

8. Traceability

9. Revision History