Declaration Letter of Software Security Requirements

FCC ID: 2ADZC-HLWH005

Cover Letter(s)

Download: PDF
FCCID_3012634

Hollyland Technology Co., Ltd Federal Communication Commission Equipment Authorization Division, Application Processing Branch 7435 Oakland Mills Road Columbia, MD21048 <2016-3-24> Attn: Office of Engineering and Technology Subject: Attestation Letter regarding UNII devices FCC ID: 2ADZC-HLWH005 Software security questions and answers per KDB 594280 D02: Software Security description – General Description 1 Describe how any software/firmware update will We do not release the firmware on be obtained, downloaded, and installed. Software our website for downloading. We that is accessed through manufacturer’s website design and manufacture the device or device’s management system, must describe and end product by ourselves and the different levels of security. the firmware from us will not be released to any external customer or manufacturers and it will be made available via secure server. 2 Describe all the radio frequency parameters that Radio frequency parameters are are modified by any software/firmware without limited by US regulatory domain any hardware changes. Are these parameters in and country code to limit frequency some way limited, such that, it will not exceed and transmit power levels. These the authorized parameters? limits are stored in non-volatile memory at the time of production. They will not exceed the authorized values. 3 Describe in detail the authentication protocols The firmware is installed on each that are in place to ensure that the source of the single device during manufacturing software/firmware is legitimate. Describe in process. The correct firmware is detail how the software is protected against also verified and installed during modification manufacturing process. In addition, the firmware binary is encrypted using SHA-1 encryption and the firmware updates can only be stored in non-volatile memory when the firmware is authenticated. The encryption key is known by ourselves only. 4 Describe in detail the verification protocols in The firmware binary is encrypted.

Hollyland Technology Co., Ltd place to ensure that installed software/firmware is The process to flash a new firmware legitimate is using a secret key to decrypt the firmware, only correct decrypted firmware is stored in non-volatile memory (see #3). 5 Describe in detail the verification protocols in Standard SHA-1 encryption is used place to ensure that installed software/firmware is (see #3). legitimate 6 For a device that can be configured as a master The device ensures the compliance and client (with active or passive scanning), by checking the configured explain how the device ensures compliance for parameter and operation values each mode? In particular if the device acts as according to the regulatory domain master in some band of operation and client in and country code in each band. another; how is compliance ensured in each band of operation? Software Security description – Third-Party Access Control 1 Explain if any third parties have the capability to No, third parties don’t have the operate a US sold device on any other regulatory capability to access and change domain, frequencies, or in any manner that is in radio parameters. US sold devices violation of the certification. are factory configured to US. 2 Describe, if the device permits third-party The embedded software is protected software or firmware installation, what via the measures explained in the mechanisms are provided by the manufacturer to previous section(see #3). permit integration of such functions while Distributions of host operating ensuring that the RF parameters of the device software are encrypted with a key. cannot be operated outside its authorization for operation in the U.S. In the description include what controls and/or agreements are in place with providers of third-party functionality to ensure the devices’ underlying RF parameters are unchanged and how the manufacturer verifies the functionality. 3 For Certified Transmitter modular devices, The device is not available for sale describe how the module grantee ensures that or installation outside of company host manufacturers fully comply with these licensing agreements. And the software security requirements for U-NII devices. device don't provide host control If the module is controlled through driver hardware or software interface to software loaded in the host, describe how the users, so that its internal RF drivers are controlled and managed such that the parameters cannot be modified by modular transmitter RF parameters are not outside the grant of authorization. modified outside the grant of authorization. Software Security description – USER CONFIGURATION GUID 1 Describe the user configurations permitted There is no user configuration GUI. through the UI. If different levels of access are

Hollyland Technology Co., Ltd permitted for professional installers, system integrators or end-users, describe the differences. a. What parameters are viewable and There is no user configuration GUI. configurable by different parties? b. What parameters are accessible or modifiable This device is not subject to to the professional installer? professional installation. And we i. Are the parameters in some way limited, don't open any parameters to the so that the installers will not enter installer. parameters that exceed those authorized? ii. What controls exist that the user cannot operate the device outside its authorization in the U.S.? c. What configuration options are available to The end user is not able to the end-user? configure any parameters related to the devices radio, because the device don't provide host control i. Are the parameters in some way limited, hardware or software interface to so that the installers will not enter users parameters that exceed those authorized? ii. What controls exist that the user can’t operate the device outside its authorization in the U.S.? d. Is the country code factory set? Can it be The country code is factory set and changed in the UI? is never changed by UI. The country code is factory set and i. If so, what controls exist to ensure that is never changed by UI the device can only operate within its authorization in the U.S.? e. What are the default parameters when the At each boot up the country code device is restarted? and power calibration value are read from the non-volatile memory; those values are configured during device production. 2 Can the radio be configured in bridge or mesh Not supported mode? If yes, an attestation may be required. Further information is available in KDB Publication 905462 D02. 3 For a device that can be configured as a master No end user controls or user and client (with active or passive scanning), if interface operation to change this is user configurable, describe what controls master/client operation. The device

Hollyland Technology Co., Ltd exist, within the UI, to ensure compliance for is a master and cannot be each mode. If the device acts as a master in some configured as a client because of the bands and client in others, how is this configured hardware to ensure compliance? 4 For a device that can be configured as different The product was controlled by types of access points, such as point-to-point or software to ensure that the point to point-to-multipoint, and use different types of point or point-to-multipoint antennas, describe what controls exist to ensure network architecture is under the compliance with applicable limits and the proper same output power level and antenna is used for each mode of operation. See conform corresponding limit. Section 15.407(a). The product use RP - SMA male joint external antenna to ensure that users can not replace antenna. Sincerely (signature) Name and Title: Vincent Ma/ Sales Director Company Name: Shenzhen Hollyland Technology Co.,Ltd Address: 6th Floor, 3rd Building, 2nd South District, Honghualing Industry Park, Liuxian Avenue 1213, Xili Town, Nanshan, Shenzhen, P.R China E-mail: vincent.ma@hollyland-tech.com Telephone: +86-755-86000682 Fax: +86-755-83940008


Document Created: 2016-05-31 17:23:42
Document Modified: 2016-05-31 17:23:42
© 2025 FCC.report
This site is not affiliated with or endorsed by the FCC