red_pope
Regular Contributor
https://apps.fcc.gov/oetcf/kdb/forms/FTSSearchResultPage.cfm?id=39498&switch=P
Second Category: General [Equipment Authorization Process]
Question: What are the software security requirements for non-SDR devices and what limitations apply to software configuration control for such devices?
Answer:
Attachment 594280 D01 Configuration Control provides guidance on permissible options and restrictions on configuration controls for devices not approved as Software Defined Radios.
Further, the Commission revised (FCC 14-30, ET Docket No. 13-39) the rules (effective June 2, 2014) for U-NII devices operating under Part 15 rules to require all devices to implement software security to ensure that the devices operate as authorized and cannot be modified. Attachment 594280 D02 UNII Device Security provides guidance on the information that must be provided in the application filing to show that proper security is implemented in the device.
The Commission has established a transition period as follows:
Attachment List:
594280 D01 Configuration Control v02r01
594280 D02 U-NII Device Security v01r02
Publication Number: 594280
Rule Parts: 15C
Publication Date: 03/18/2015
Keyword: Section 15.202 Software Configuration Control, Country Code Selection, Professional Installers Part 15C
First Category: Equipment Authorization Process *Keyword: Section 15.202 Software Configuration Control, Country Code Selection, Professional Installers Part 15C
Second Category: General [Equipment Authorization Process]
Question: What are the software security requirements for non-SDR devices and what limitations apply to software configuration control for such devices?
Answer:
Attachment 594280 D01 Configuration Control provides guidance on permissible options and restrictions on configuration controls for devices not approved as Software Defined Radios.
Further, the Commission revised (FCC 14-30, ET Docket No. 13-39) the rules (effective June 2, 2014) for U-NII devices operating under Part 15 rules to require all devices to implement software security to ensure that the devices operate as authorized and cannot be modified. Attachment 594280 D02 UNII Device Security provides guidance on the information that must be provided in the application filing to show that proper security is implemented in the device.
The Commission has established a transition period as follows:
- New devices will be permitted to be approved under the old rules for until June 1, 2015.
- Starting June 2, 2016, permissive changes will not be permitted for devices approved under the old rules, unless they meet the requirements of the new rules.
- All devices partially or completely approved under the old rules cannot be marketed starting June 2, 2016 unless they meet the requirements of the new rules in all the bands of operation.
- Applications for devices for approval under the new rules must apply all of the applicable test procedures for such devices and provide software security documentation as discussed in the guidance 594280 D02 U-NII Device Security. This also applies to all applications for new devices and applications for permissive changes of previously approved devices under the new rules. Further SDR devices must also provide software security documentation as discussed in the guidance 594280 D02 U-NII Device Security and KDB Publication 442812.
- For further information on transition rules and requirements for permissive changes of already approved devices refer to KDB Publication 926956.
Attachment List:
594280 D01 Configuration Control v02r01
594280 D02 U-NII Device Security v01r02