Opening A Pandora’s Box

An interoperable solution based on a standardized STB platform and operator-specific CA implemented by use of smart cards proposed by the MIB and TRAI is a commendable initiative. Advantages are many. Less e-waste, maximum utilization of resources, ease for the viewer, a flexible and efficient STB eco-system, reduced dependence on imported supplies to list a few.

However, is this possible? There are innumerable challenges which need to be considered. Algorithms used for ECM/EMM encryption are not currently standardized across the platforms. When almost 85 percent of STB penetration is already done or underway, revisiting these boxes for software upgrade or physical swap means a considerable cost to the MSO. A different operating system exists for every OEM, the EPG middleware varies with each platform, different modulation standards and compression standards exist for cable distribution head-ends and DTH services. Methods of interoperability like CAM/cable card or downloadable CAS are not yet popular as there are inherent problems in making them universal.

Security is a major issue. Today CA systems depend on advanced, proprietary security modules incorporated into the SoC hardware to provide service providers with sufficient levels of security. The current proposal indicates that significant portions of the key material would reside in STB RAM, exposing the system to significant hacking.

Many other aspects as countermeasures intended to be used against various attacks on a service provider, whom breach responsibility currently with the CA operator lie with will, certification and test suites whereby each system has a compliance verification suite are not defined. Responsibilities covering certification, maintenance, and piracy cannot be undermined.

Commercial operability, as stipulated by TRAI, seems to be working well. A consumer procures the STB, on payment of security deposit and monthly rental, and in case of dissatisfaction, switches his digital service provider, returns the STB, and claims a refund of the security after a small deduction.

Be it STB manufacturers, SOC companies, CAS companies, system integrators, operators, associations, or senior experts, all have expressed serious reservations on going ahead with this proposal. It seems it is too late to consider STB interoperability now. Will the powers that be heed the stakeholders?