sfx2000
Part of the Furniture
Verbatim from the FCC document - so this is all moot if the device does not support impacted bands - remember 5GHz is three (some would consider 4) blocks - the UNII-1, UNII-2 (and extension), and UNII-3 - so perhaps the comments back to FCC are clarification on what specific channels/blocks/frequencies would this apply to, or is this going to be applied across the entire 5GHz band.
SOFTWARE SECURITY REQUIREMENTS FOR U-NII DEVICES
I. INTRODUCTION
On March 31, 2014, the Commission revised the rules in Part 15 that permits U-NII devices in the 5 GHz Band.1 As part of that revision, the Commission required that all U-NII device software be secured to prevent its modification to ensure that the device operates as authorized thus reducing the potential for harmful interference to authorized users.2 Although, the Commission refused to set specific security protocols, the methods used by manufacturers to implement the security requirements must be well documented in the application for equipment authorization. In this document, we provide general guidance on the type of information that should be submitted in the equipment authorization application.3 The security description provided in the application must cover software security, configuration, and authentication protocols descriptions, as appropriate. This guidance applies to master and client devices. Special circumstances that apply only to client devices are also addressed.
II. SOFTWARE SECURITY DESCRIPTION GUIDE
An applicant must describe the overall security measures and systems that ensure that:
1. only properly authenticated software is loaded and operating the device; and
2. the device is not easily modified to operate with RF parameters outside of the authorization.
The description of the software must address the following questions in the operational description for the device and clearly demonstrate how the device meets the security requirements.4 While the Commission did not adopt any specific standards, it is suggested that the manufacturers may consider applying existing industry standards for strong security and authentication.
I. INTRODUCTION
On March 31, 2014, the Commission revised the rules in Part 15 that permits U-NII devices in the 5 GHz Band.1 As part of that revision, the Commission required that all U-NII device software be secured to prevent its modification to ensure that the device operates as authorized thus reducing the potential for harmful interference to authorized users.2 Although, the Commission refused to set specific security protocols, the methods used by manufacturers to implement the security requirements must be well documented in the application for equipment authorization. In this document, we provide general guidance on the type of information that should be submitted in the equipment authorization application.3 The security description provided in the application must cover software security, configuration, and authentication protocols descriptions, as appropriate. This guidance applies to master and client devices. Special circumstances that apply only to client devices are also addressed.
II. SOFTWARE SECURITY DESCRIPTION GUIDE
An applicant must describe the overall security measures and systems that ensure that:
1. only properly authenticated software is loaded and operating the device; and
2. the device is not easily modified to operate with RF parameters outside of the authorization.
The description of the software must address the following questions in the operational description for the device and clearly demonstrate how the device meets the security requirements.4 While the Commission did not adopt any specific standards, it is suggested that the manufacturers may consider applying existing industry standards for strong security and authentication.