Video: Hacking ATSC 3.0

ATSC’s effort to bring IP into over-the-air broadcast has been long in the making and its deployment in South Korea along with the ITU’s inclusion of it in it’s list of recommended digital broadcast standards is a testament to it gaining acceptance. But as US broadcasters continue with test broadcasts and roll-outs in 2020, what security problems arise when IP’s included in the mix?

Acting is a great network security primer, this talk from Texas A&M’s Wayne Pecena, explains the premise and implications of creating and maintaining security in your broadcast plant. Starting by documenting the high profile attacks on broadcasters over the years, Wayne hones in on the reasons they should care from the obvious, omnipresent threat of ‘dead air’ to ‘loss of trust’ which is particularly motivating in recent years as we have seen state actors move to influence, not disrupt the normal course of life, in low-key, long-burn persistent attacks.

The talk hinges around the ‘AIC’ triad, comprising confidentiality, integrity and availability which are the three core aspects of data to protect. Integrity involves ensuring that the data are not altered either in transit or, indeed, in storage. Confidentiality revolves around ensuring that access control is maintained at all levels including physical, network-level and application live. Finally availability encompasses the fact that if the data isn’t available to the people who need it, the whole thing is pointless. Therefore supporting the availability side of the triangle includes thinking about redundancy and disaster recovery procedures.

Wayne, who is also the president of the Society of Broadcast Engineers, explains some of the attributes of a secure system which starts with security policies. These are the outer layer of any secure environment detailing how the many other layers of security will be managed and applied. Other aspects of a secure environment are appropriately layered and segmented network design, to limit what is available to anyone who does penetrate part of a system, access controls and logging.

After looking at the IETF and IEEE standards bodies, we see how the standard network models overlay neatly on the ATSC layered model with networking in the centre of them all. This leads in to a brief introduction to ‘IP’ in the sense of the the IP protocol on which are based TCP/IP and UDP/IP, between them central to most network communications around the world.

As we see how a small hole in defences can be slowly changed and enlarged allowing the attacker to move forward and create another hole in the next layer, Wayne talks about the types of security threats such malware, denial of service attacks and, of course, inside threats such as your employees themselves being complicit.

As the talk draws to a close we look at how this plays out in the real world talking through diagrams of broadcasters’ systems and how mitigations might play out on premise before talking cloud security. As the threat model in the cloud is different, Wayne explains the best practices to ensure safety and how these and the other security technologies used on the internet keep ATSC 3.0 secure including TLS secure certificate and the use of DNSSEC

The talk finishes with a look at security in the home whether that be with the myriad of consumer media consumption devices or items from the ‘internet of things’.

Watch now!
Speaker

Wayne Pecena Wayne Pecena
Director of Engineering, KAMU TV/FM at Texas A&M University
President, Society of Broadcast Engineers AKA SBE

Webinar: An Overview of the ATSC 3.0 Interactive Environment

Allowing viewers to interact with television services is an obvious next step for the IP-delivered ATSC service. Taking cues from the European HbbTV standard, the aim here is to make available as many ways as practical for viewers to direct their viewing in order to open up new avenues for television channels and programme creators.

Mark Corl is chair of the TG3/S38: Specialist Group on Interactive Environment. Its aim is to support interactive applications and their companion devices. It has produced the A/344 standard which is based on W3C technologies with APIs which support the needs of broadcast television. It describes the Interactive Environment Content Display model allowing video to be mixed with app graphics as a composite display. Mark is also part of the ATSC group TG3-9 which looks at how the different layers of ATSC 3.0 can communicate with each other where necessary.

From the TG3 group, too, is the Companion Device Concepts A/338 standards document which details discovery of second devices such as smartphones and enabling them to communicate with the ATSC 3.0 receiver.

In this webinar from the IEEE BTS, Mark marries an understanding of these documents with the practical aspects of deploying interactive broadcaster applications to receivers including some of the motivations to do this, such as improving revenue through the introduction of Dynamic Ad Insertion and personalisation.

Register now!
Speakers

Mark Corl Mark Corl
Chair, TG3/S38 Specialist Group on Interactive Environment
Co-chair, TG3-9 AHG on Interlayer Communications in the ATSC 3.0 Ecosystem
Senior Vice President, Emergent Technology Development, Triveni Digital

Webinar: ATSC 3.0 Signaling, Delivery, and Security Protocols

ATSC 3.0 is bringing IP delivery to terrestrial broadcast. Streaming data live over the air is no mean feat, but nevertheless can be achieved with standard protocols such as MPEG DASH. The difficulty is telling the other end what’s its receiving and making sure that security is maintained ensuring that no one can insert unintended media/data.

In the second of this webinar series from the IEEE BTS, Adam Goldberg digs deep into two standards which form part of ATSC 3.0 to explain how security, delivery and signalling are achieved. Like other recent standards, such as SMPTE’s 2022 and 2110, we see that we’re really dealing with a suite of documents. Starting from the root document A/300, there are currently twenty further documents describing the physical layer, as we learnt last week in the IEEE BTS webinar from Sony’s Luke Fay, management and protocol layer, application and presentation layer as well as the security layer. In this talk Adam, who is Chair of a group on ATSC 3.0 security and vice-chair one on Management and Protocols, explains what’s in the documents A/331 and A/360 which between them define signalling, delivery and security for ATSC 3.0.

Security in ATSC 3.0
One of the benefits of ATSC 3.0’s drive into IP and streaming is that it is able to base itself on widely developed and understood standards which are already in service in other industries. Security is no different, using the same base technology that secure websites use the world over to achieve security. Still colloquially known by its old name, SSL, the encrypted communication with websites has seen several generations since the world first saw ‘HTTPS’ in the address bar. TLS 1.2 and 1.3 are the encryption protocols used to secure and authenticate data within ATSC 3.0 along with X.509 cryptographic signatures.

Authentication vs Encryption
The importance of authentication alongside encryption is hard to overstate. Encryption allows the receiver to ensure that the data wasn’t changed during transport and gives assurance that no one else could have decoded a copy. It provides no assurance that the sender was actually the broadcaster. Certificates are the key to ensuring what’s called a ‘chain of trust’. The certificates, which are also cryptographically signed, match a stored list of ‘trusted parties’ which means that any data arriving can carry a certificate proving it did, indeed, come from the broadcaster or, in the case of apps, a trusted third party.

Signalling and Delivery
Telling the receiver what to expect and what it’s getting is a big topic and dealt with in many places with in the ATSC 3.0 suite. The Service List Table (SLT) provides the data needed for the receiver to get handle on what’s available very quickly which in turn points to the correct Service Layer Signaling (SLS) which, for a specific service, provides the detail needed to access the media components within including the languages available, captions, audio and emergency services.

ATSC 3.0 Receiver Protocol Stack

ATSC 3.0 Receiver Protocol Stack

Media delivery is achieved with two technologies. ROUTE (Real-Time Object Delivery over Unidirectional Transport ) which is an evolution of FLUTE which the 3GPP specified to deliver MPEG DASH over LTE networks. and MMTP (Multimedia Multiplexing Transport Protocol) an MPEG standard which, like MPEG DASH is based on the container format ISO BMFF which we covered in a previous video here on The Broadcast Knowledge

Register now for this webinar to find out how this all connects together so that we can have safe, connected television displaying the right media at the right time from the right source!

Speaker

Adam Goldberg Adam Goldberg
Chair, ATSC 3.0 Specialist Group on ATSC 3.0 Security
Vice-chair, ATSC 3.0 Specialist Group on Management and Protocols
Director Technical Standards, Sony Electronics

Webinar: ATSC 3.0 Physical Layer and Data Link Layer Overview

ATSC 3.0 brings IP delivery to over-the-air TV marking a major change in delivery to the home. For the first time video, audio and other data is all delivered as network streams allowing services available to TV viewers at home to modernise and merge with online streaming services better matching the viewing habits of today. ATSC 3.0 deployments are starting in the USA and it has already been rolled out in South Korea for the XXIII Olympic Winter Games in 2018.

Whilst the move to IP is transformational, ATSC 3.0 delivers a whole slew of improvements to the ATSC standard for RF, bandwidth, Codecs and more. In this, the first of three webinars from the IEEE BTS focussing in on ATSC 3.0, we look at the physical layer with Luke Fay, Chair of the ATSC 3.0 group and also a Senior Manager of Technical Standards at Sony.

Click to register: Wednesday, 15th January, 2020. 11am ET / 16:00 GMT

What is the Physical Layer?
The physical layer refers to the method data gets from one place to another. In this case, we’re talking about transmission by air, RF. Whilst this isn’t, in some ways, as physical as a copper cable, we have to remember that, at a basic level, communication is about making a high voltage in place A change the voltage in place B. The message physically moves from A to B and the medium it uses and the way it manipulates that medium are what we refer to as the physical layer.

In this webinar, Luke will talk about System Discovery and Signalling, defined by document A/321 and the Physical Layer Protocol defined by A/322. Both freely available from the ATSC website. The webinar will finish with a Q&A. Let’s take a deeper look at some of the topics which will be covered.

Choice of modulation

ATSC 3.0 has chosen the COFDM modulation scheme over the previous 8VSB, currently used for first-generation ATSC broadcasts, to deliver data over the air from the transmitter. COFDM, stands for Coded Orthogonal Frequency Devision Multiplexing and has become the go-to modulation method for digital transmissions including for DAB, DAB+ and the DVB terrestrial, satellite and cable standards.

One of the reasons for its wide adoption is that COFDM has guard bands; times when the transmitter is guaranteed not to send any data. This allows the receiver some time to receive any data which comes in late due to multi-path reflections or any other reason. This means that for COFDM, you get better performance if you run a network of nearby transmitters on the same frequency – known as a Single Frequency Network (SFN). A transmitters signal from further away will arrive later, and if in the guard interval, will be used to re-inforce the directly received signal. This means that, counter-intuitively from analogue days, running an SFN actually helps improve reception.

Multiple operating points to match the business case
Another important feature of ATSC 3.0 at the physical layer is the ability to be able to choose the robustness of the signal and have multiple transmissions simultaneously using different levels of robustness. These multiple transmissions are called pipes. As many of us will be familiar with, when transmitting a high bandwidth, the signal can be fragile and easily corrupted by interference. Putting resilience into the signal uses up bandwidth either due using some of the capacity to put error checking and error recovery data in or just by slowing down the rate the signal is sent which, of course, means not as many bits can be sent in the same time window.

Because bandwidth and resilience are a balancing act with each one fighting against the other, it’s important for stations to be able to choose what’s right for them and their business case. Having a high robustness signalm for penetration indoors can be very useful for targeting reception on mobile devices and ATSC 3.0 can actually achieve reception when the signal is below the noise, i.e. a negative signal to noise ratio. A higher bandwidth service delivering UHD at around 20Mbps can be achieved, however, by using 64 instead of 16 QAM.

Register now!
Speaker

Luke Fay
Chairman, ATSC Technology Group 3,
Senior Manager Technical Standards, Sony Home Entertainment & Sound Products – America