SOFTWARE SECURITY REQUIREMENTS FOR U-NII DEVICES REF KDB 594280 D02 U-NII Device Security v01r03 1. Describe how any software/firmware updates for elements than can affect the devices RF parameters will be obtained, downloaded, validated and installed. For software that is accessed through manufacturers website or devices management system, describe the different levels of security as appropriate. ANS: Software/firmware will be obtained by the factory, downloaded from the ODM website, and installed by the end user. Software is accessed through Web UI when computer is connected. 2. Describe the RF parameters that are modified by any software/firmware without any hardware changes. Are these parameters in some way limited such that nay other software/firmware changes will not allow the device to exceed the authorized RF characteristics?
ANS: The RF parameters cannot be modified by software. All these parameters will not exceed the authorized parameters. The firmware has been complied as binary file. It couldn't change the setting RF parameter through this binary file. It is read-only without change 3. Describe in detail the authentication protocols that are in place to ensure that the source of the RF-related software/firmware is valid. Describe in detail how the RF-
related software is protected against modification. ANS: No any authentication protocol is used. The RF Parameters is put in read -only partition of EUT's flash and are only installed in the factory . RF parameters including frequency of operation, power setting, modulation type, antenna types or country code setting will be locked in this partition. 4. Describe in detail any encryption methods used to support the use of legitimate RF-related software/firmware. ANS: I No encryption methods used 5. For a device that can be configured as a master and client (with active or passive scanning), explain how the device ensures compliance for each mode? In particular if the device acts as master in some band of operation and client in another; how is compliance ensured in each band of operation?
ANS: This device cannot be configured as a master and client . 1. Explain if any third parties have the capability to operate a U.S.-sold device on any other regulatory domain, frequencies, or in any manner that may allow the device to operate in violation of the devices authorization if activated in the U.S. ANS: No any third parties have the capability to operate a US sold device on any other regulatory domain, frequencies, or in any manner that may allow the device to operate in violat ion of the device's authorization if activated in the U.S General Description Third-Party Access Control User Configuration Guide 2. Describe, if the device permits third-party software or firmware installation, what mechanisms are provided by the manufacturer to permit integration of such functions while ensuring that the RF parameters of the device cannot be operated outside its authorization for operation in the U.S. In the description include what controls and/ or agreements are in place with providers of third-party functionality to ensure the devices underlying RF parameters are unchanged and how the manufacturer verifies the functionality. ANS: The RF Parameters is put in read-only partition of EUT's flash and are only installed in the factory. RF parameters includ ing frequency of operation , power setting, modulation type, antenna types or country code setting will be locked in this partition 3. For Certified Transmitter modular devices, describe how the module grantee ensures that hosts manufactures fully comply with these software security requirements for U-NII devices. If the module is controlled through driversoftware loaded in the host, describe how the drivers are controlled and managed such that the modular transmitter parameters are not modified outside the grant of authorization.7 ANS: This is not a module device. 1. Describe the user configurations permitted through the UI. If different levels of access are permitted for professional installers, system integrators or end-users, describe the differences. ANS: Authorized channel, bandwidth, and modulation can be configured through the UI. There are no diffe r ent levels of access. a) What parameters are viewable and configurable by different parties?9 ANS: Authorized channel, bandwidth, and modulation . b) What parameters are accessible or modifiable by the professional installer or system integrators?
ANS: Thi s is not professional install device.
(1) Are the parameters in some way limited, so that the installers will not enter parameters that exceed those authorized?
ANS: This is not professional install device.
(2) What controls exist that the user cannot operate the device outside its authorization in the U.S.?
ANS: The RF Parameters is put in read-only partition of EUT's flash and are only installed in the factory. RF parameters including frequency of operation, power setting, modulation type, antenna types or country code setting will be locked in this partition. c) What parameters are accessible or modifiable to by the end-user?
ANS: Authorized channel, bandwidth, and modulation.
(1) Are the parameters in some way limited, so that the user or installers will not enter parameters that exceed those authorized?
ANS: This is not professional install device.
(2) What controls exist that the user cannot operate the device outside its authorization in the U.S.?
ANS: The RF Parameters is put in read-only partition of EUT's flash and are only installed in the factory . RF parameters including frequency of operation, power setting, modulation type, antenna types or country code setting will be locked in this partition. d) Is the country code factory set? Can it be changed in the UI?
ANS:no. ANS: Yes, the country code is set by factory . It cannot be changed in the UI.
(1) If it can be changed, what controls exist to ensure that the device can only operate within its authorization in the U.S.?
ANS: The country code cannot be changed in the UI. e) What are the default parameters when the device is restarted?
ANS: Factory setting. 2. Can the radio be configured in bridge or mesh mode? If yes, an attestation may be required. Further information is available in KDB Publication 905462 D02. ANS: No, this device cannot be conf igured in both bridge and mesh mode. 3. For a device that can be configured as a master and client (with active or passive scanning), if this is user configurable, describe what controls exist, within the UI, to ensure compliance for each mode. If the device acts as a master in some bands and client in others, how is this configured to ensure compliance?
ANS: This device cannot be configured as a master and client. 4. For a device that can be configured as different types of access points, such as point-to-point or point-to-multipoint, and use different types of antennas, describe what controls exist to ensure compliance with applicable limits andthe proper antenna is used for each mode of operation. (See Section 15.407(a)) ANS:This device cannot be configured as different types of access points Signature:
Name:Jason Lee Title: Manager Company: ThinPAD Technology (ShenZhen) Co., Ltd