Declaration Letter for 5G WiFi Software Security

FCC ID: 2ACRLCTR

Cover Letter(s)

Download: PDF
FCCID_4351516

Harman Automotive Electronic Systems(Suzhou) Co., Ltd Federal Communications Commission 2019-07-10 Oakland Mills Road Columbia MD 21046 FCC ID: 2ACRLCTR Subject: Software security requirements for U-NII device. The information within this section of the Operational Description is to show compliance against the Software Security Requirements laid out within KDB 594280 D02 U-NII Device Security v01r03. General Description 1. Describe how any software/firmware update The software/firmware update is bundled, as part will be obtained, downloaded, and installed. of the device software update, and the user or Software that is accessed through manufacturer’s installer cannot modify the content. The website or device’s management system, must installation and/or update proceeds automatically describe the different levels of security. once the user accepts to install/update the software/firmware. 2. Describe all the radio frequency parameters The Software/Firmware in the device, controls that are modified by any software/firmware the following RF parameters: 1. Transmitter without any hardware changes. Are these Frequency parameters in some way limited, such that, it will 2. Transmitter Output Power not exceed the authorized parameters? 3. Receiver Frequency 4. Channel Bandwidth 5. RSSI calibration The Software/Firmware controls the RF parameters listed above so as to comply with the specific set of regulatory limits in accordance with the FCC grants issued for this device. The RF parameters are limited to comply with FCC rules and requirements during calibration of the device in the factory. Security keys (certification certificates) are in place to ensure that these parameters cannot be access by the User and/or a 3rd party. 3. Describe in detail the authentication protocols All software images are digitally signed with public that are in place to ensure that the source of the key cryptography. Images are signed by private key software/firmware is legitimate. Describe in detail stored in securely merged server, and verified by how the software is protected against public key stored in a device when they are flashed modification. into the device. 4. Describe in detail the verification protocols in The same as General Description Q3 place to ensure that installed software/firmware is legitimate. 5G Wi-Fi Declaration Letter

Harman Automotive Electronic Systems(Suzhou) Co., Ltd 5. For a device that can be configured as a master This device is only a client in 5 GHz and client (with active or passive scanning), explain operation and does not operate as master. how the device ensures compliance for each mode? In particular if the device acts as master in some band of operation and client in another; how is compliance ensured in each band of operation? 3 rd Party Access Control 1. Explain if any third parties have the capability to 3rd party does not have the capability operate a U.S.-sold device on any other regulatory domain, frequencies, or in any manner that may allow the device to operate in violation of the device’s authorization if activated in the U.S. 2. Describe, if the device permits third-party 3rd party cannot access SW/FW software or firmware installation, what mechanisms are provided by the manufacturer to permit integration of such functions while ensuring that the RF parameters of the device cannot be operated outside its authorization for operation in the U.S. In the description include what controls and/or agreements are in place with providers of third-party functionality to ensure the devices’ underlying RF parameters are unchanged and how the manufacturer verifies the functionality. 3. For Certified Transmitter modular devices, Not applicable – this is not a modular device describe how the module grantee ensures that hosts manufactures fully comply with these software security requirements for U-NII devices. If the module is controlled through driver software loaded in the host, describe how the drivers are controlled and managed such that the modular transmitter parameters are not modified outside the grant of authorization. SOFTWARE CONFIGURATION DESCRIPTION 1. To whom is the UI accessible? (Professional N/A installer, end user, other.) a) What parameters are viewable to the N/A professional installer/end-user? b) What parameters are accessible or modifiable N/A to the professional installer? 5G Wi-Fi Declaration Letter

Harman Automotive Electronic Systems(Suzhou) Co., Ltd i) Are the parameters in some way limited, so that N/A the installers will not enter parameters that exceed those authorized? ii) What controls exist that the user cannot N/A operate the device outside its authorization in the U.S.? c) What configuration options are available to the N/A end-user? i) Are the parameters in some way limited, so that N/A the installers will not enter parameters that exceed those authorized? ii) What controls exist that the user cannot operate N/A the device outside its authorization in the U.S.? d) Is the country code factory set? Can it be N/A changed in the UI? i) If so, what controls exist to ensure that the N/A device can only operatewithin its authorization in the U.S.? e) What are the default parameters when the N/A device is restarted? 2. Can the radio be configured in bridge or mesh N/A mode? If yes, an attestation may be required. Further information is available in KDB Publication 905462 D02. 3. For a device that can be configured as a master N/A and client (with active or passive scanning),if this is user configurable, describe what controls exist, within the UI, to ensure compliance for each mode. If the device acts as a master in some bands and client in others, how is this configured to ensure compliance? Best Regards Name: Danie Hong Title: Project handler Company: Harman Automotive Electronic Systems(Suzhou) Co., Ltd. Address: No.125, Fangzhou Road, SIP,Suzhou, Jiangsu Province, China E-mail: Danie.Hong@harman.com TEL: 86-512-62554740 5G Wi-Fi Declaration Letter


Document Created: 2019-07-11 13:56:41
Document Modified: 2019-07-11 13:56:41
© 2024 FCC.report
This site is not affiliated with or endorsed by the FCC