Bu, Cookies

5G Wi-Fi Software Security Declaration Letter

Beijing Xiaomi Electronics Co.,Ltd MITVMDZ28AA Xiaomi Box 4K which supports Bluetooth and Wi-Fi 2AIMRMITVMDZ28AA 2AIMRMITVMDZ28AA mitvmdz28aa

PDF Viewing Options

Not Your Device? Search For Manuals or Datasheets below:


File Info : application/pdf, 4 Pages, 164.84KB

Document DEVICE REPORTGetApplicationAttachment.html?id=6124360
Federal Communications Commission

18/03/2020

Oakland Mills Road

Columbia MD 21046

ModelMDZ-24-AA

FCC ID:2ABAFMD3610B

IC: 25940-MITVMDZ28AA

Subject: Software security requirements for U-NII device.

The information within this section of the Operational Description is to show compliance against the

Software Security Requirements laid out within KDB 594280 D02 U-NII Device Security v01r03.

General Description

1. Describe how any software/firmware update will be obtained, downloaded, and installed. Software that is accessed through manufacturer's website or device's management system, must describe the different levels of security.

Upgrade by OTAAny software/firmware updates can not affect RF parameters.

2. Describe all the radio frequency parameters that are modified by any software/firmware without any hardware changes. Are these parameters in some way limited, such that, it will not exceed the authorized parameters?

The RF parameters/limits are stored in a separate part of the non-volatile storage and not updated or changed with the firmware updates.

3. Describe in detail the authentication protocols that are in place to ensure that the source of the software/firmware is legitimate. Describe in detail how the software is protected against modification.
4. Describe in detail the verification protocols in place to ensure that installed software/firmware is legitimate.

There are currently no authentication protocols in place to check for a valid firmware outside of product registration and serial number.
Firmware are not encrypted. RF related parameters/limits are stored in a sperate part of non-volatile storage and are not part of the firmware.

5. For a device that can be configured as a master and client (with active or passive scanning), explain how the device ensures compliance for each mode? In particular if the device acts as master in some band of operation and client in another; how is compliance ensured in each band of operation?
3rd Party Access Control
1. Explain if any third parties have the capability to operate a U.S.-sold device on any other regulatory domain, frequencies, or in any manner that

The device is client device without radar detection function
Third parties do not have the capability to change radio parameters or country domains.

5G Wi-Fi Declaration Letter

may allow the device to operate in violation of the device's authorization if activated in the U.S.

2. Describe, if the device permits third-party software or firmware installation, what mechanisms are provided by the manufacturer to permit integration of such functions while ensuring that the RF parameters of the device cannot be operated outside its authorization for operation in the U.S. In the description include what controls and/or agreements are in place with providers of third-party functionality to ensure the devices' underlying RF parameters are unchanged and how the manufacturer verifies the functionality.
3. For Certified Transmitter modular devices, describe how the module grantee ensures that hosts manufactures fully comply with these software security requirements for U-NII devices. If the module is controlled through driver software loaded in the host, describe how the drivers are controlled and managed such that the modular transmitter parameters are not modified outside the grant of authorization.
SOFTWARE CONFIGURATION DESCRIPTION

This device does not permit third-party software or firmware installation and only the permitted person can update the software or firmware via special command.
N/A the device is not moduel

1. To whom is the UI accessible? (Professional installer, end user, other.)
a) What parameters are viewable to the professional installer/end-user?
b) What parameters are accessible or modifiable to the professional installer?
i) Are the parameters in some way limited, so that the installers will not enter parameters that exceed those authorized?
ii) What controls exist that the user cannot operate the device outside its authorization in the U.S.?
c) What configuration options are available to the end-user?

This device is not subject to professional installation. N/A-This device is not subject to professional installation. N/A-This device is not subject to professional installation.
N/A-This device is not subject to professional installation.

5G Wi-Fi Declaration Letter

i) Are the parameters in some way limited, so that the installers will not enter parameters that exceed those authorized? ii) What controls exist that the user cannot operate the device outside its authorization in the
U.S.?

RF parameter are programmed in flash memory and not accessible to the enduser.
RF parameter are programmed in flash memory and not accessible to the enduser. This includes the country code regulatory parameters.

d) Is the country code factory set? Can it be changed in the UI?
i) If so, what controls exist to ensure that the device can only operatewithin its authorization in the U.S.?
e) What are the default parameters when the device is restarted?
2. Can the radio be configured in bridge or mesh mode? If yes, an attestation may be required. Further information is available in KDB Publication 905462 D02.
3. For a device that can be configured as a master and client (with active or passive scanning),if this is user configurable, describe what controls exist, within the UI, to ensure compliance for each mode. If the device acts as a master in some bands and client in others, how is this configured to ensure compliance? Best Regards

The country code is factory set and can not be changed in the UI.
At each start up the factory configured country code and antenna gain are read from non-volatile memory. Not supported.
The device is client device without radar detection function.

Name: Wang Kun
Title: Company: Beijing Xiaomi Electronics Co.,Ltd Address: Room 707, 7F, Building 5, No 58, Jinghai Fifth Road, Beijing Economic and Technological Development Zone, Beijing
5G Wi-Fi Declaration Letter

E-mail: [email protected] 5G Wi-Fi Declaration Letter



Related FCC IDs:

Search Any Device: