Video: Encoding and packaging for DVB-I services

There are many ways of achieving a hybrid of OTT-delivered and broadcast-delivered content, but they are not necessarily interoperable. DVB aims to solve the interoperability issue, along with the problem of service discovery with DVB-I. This specification was developed to bring linear TV over the internet up to the standard of traditional broadcast in terms of both video quality and user experience.

DVB-I supports any device with a suitable internet connection and media player, including TV sets, smartphones, tablets and media streaming devices. The medium itself can still be satellite, cable or DTT, but services are encapsulated in IP. Where both broadband and broadcast connections are available, devices can present an integrated list of services and content, combining both streamed and broadcast services.

DVB-I standard relies on three components developed separately within DVB: the low latency operation, multicast streaming and advanced service discovery. In this webinar, Rufael Mekuria from Unified Streaming focuses on low latency distributed workflow for encoding and packaging.

 

The process starts with an ABR (adaptive bit rate) encoder responsible for producing streams with multiple bit rates and clear segmentation – this allows clients to automatically choose the best video quality depending on available bandwidth. Next step is packaging where streaming manifests are added and content encryption is applied, then data is distributed through origin servers and CDNs.

Rufael explains that low latency mode is based on an enhancement to the DVB-DASH streaming specification known as DVB Bluebook A168. This incorporates the chunked transfer encoding of the MPEG CMAF (Common Media Application Format), developed to enable co-existence between the two principle flavors of adaptive bit rate streaming: HLS and DASH. Chunked transfer encoding is a compromise between segment size and encoding efficiency (shorter segments make it harder for encoders to work efficiently). The encoder splits the segments into groups of frames none of which requires a frame from a later group to enable decoding. The DASH packager then puts each group of frames into a CMAF chunk and pushes it to the CDN. DVB claims this approach can cut end-to-end stream latency from a typical 20-30 seconds down to 3-4 seconds.

The other topics covered are: encryption (exhanging key parameters using CPIX), content insertion, metadata, supplemental descriptors, TTML subitles and MPD proxy.

Watch now!

Download the slides.

Speaker

Rufael Mekuria Rufael Mekuria
Head of Research & Standardization
Unified Streaming

Video: Integrating CMAF Into A VOD Workflow

CMAF is often seen as the best hope for streaming to match the latency of broadcast. Fully standards based, many see this as the best route over Apple’s LL-HLS. Another benefit of it over LL-HLS is that it’s already a completed standard with growing support.

This talk from Tomas Bacik starts by explaining CMAF to us. Standing for the Common Media Application Format, it’s based on the standardised ISOBMFF container format and whilst CMAF isn’t by default low-latency, it is flexible enough to deliver just that. However, as Tomas from CDN77 points out, there are other major benefits in terms of its use of the Common Encryption format, reduces storage fees and more.

MPEG DASH is a commonly found streaming format based on ISO BMFF. It has always had the benefit of supporting other codecs such as HEVC and AV1 over HLS which is an AVC-only specification. CMAF is an extension of MPEG DASH which goes one step further in that it can deal with both HLS-style manifest files (.hls) as well as MPEG DASH format (.mpd) inheriting, of course, the multi-codec ability of DASH itself.

Next is central theme of the talk, looking at VoD workflows showing how CMAF fits in and, indeed, changes workflows for the better. CMAF directly impacts packaging, storage and CDN which is where we focus now. Given that some devices can play HLS and some can play DASH, if you try to serve both, you will double your requirements of packaging, storage etc. Dynamic packaging allows for immediately repackaging your chunks into either HLS or DASH as needed. Whilst this reduces the storage requirements, it increases processing and also increases the time to first byte. As you might expect, using CMAF throughout, Tomas explains in this talk, allows you to package once and store once which solves these problems.

Tomas continues by explaining the DRM abilities of CMAF including AES-CBC and finishes by taking questions from the audience.

Watch now!
See Streamflow’s blog post supporting the talk
Speakers

Tomas Bacik Tomas Bacik
VP of Product Development, Streamflow by CDN77
CDN77

Video: RIST Pre-Shared Key Encryption

An important factor when sending production video feeds and other media over the internet for most people is encryption. When distributing to the end user, it’s different, but for contribution having the assurance that no-one else can view the video is very reassuring to all parties even when the content doesn’t necessitate it. RIST has been in development for a while and has grown beyond the simple profile which only dealt with packet loss. Now with the main profile, encryption is possible; there are actually two ways to encrypt. One uses DTLS which is the UDP-based equivalent of the same TLS encryption that https:// websites use, the other uses pre-shared keys (PSK).

Sergio Ammirata from DVEO starts the talk by introducing the main profile and the use of GRE tunnels. The use of a tunnel from sender to receiver allows for a single connection to carry multiple channels of multiplexed data. Importantly. it also allows the encryption to happen to the tunnel rather than to each media stream separately.

The next section of the talk revises what DTLS is: part of the main profile providing TLS encryption to UDP. Given this is an encryption method, it’s important to realise it is not part of the data-loss recovery algorithms. Since DTLS is based on TLS, it will also need certificates. Just like websites you have the choice of having a self-signed certificate or one signed by a trusted authority. This means that you not only know that you are sending encrypted data, you are also sending it to a trusted computer, not someone unintended. Sergio takes us through the workflow of verifying the certificates highlighting, for instance, the requirement for a realtime clock otherwise the start and expiry dates in the certificates wouldn’t have any meaning.

With PSK, there is no authentication. It encrypts the whole of the GRE tunnel except for headers with an AES key related to the pre-shared passphrase. The encryption is changed periodically by an automatic process. It’s important to realise that because this is so deterministic, this can be used for bonded connections. When Sergio then looks at the data flow for using PSK, we see that that it is much simpler with many fewer handshakes.

As to when PSK is the route to take over using DTLS, one-to-many transmission is an obvious candidate but also where there is only one-way communication such as most satellite links. Sergio finishes the talk by looking at the use of FEC and taking questions from the floor.

Watch now!
Speaker

Sergio Ammirata Sergio Ammirata
CTO,
DVEO

Video: Broadcast Content Protection

With video piracy estimated to cost the US economy $29M a year and programming rights costing 100s of millions of dollars or more, there’s plenty of reason to look to technology to protect your content. There is a long history of copy protection for broadcast/linear content which is continually changing.

Graham Turner, who has worked extensively in copy protection for many years, gives us an overview of how pay TV works, a look at the different types of protection and a look back at the history to see what we can learn from the mistakes made since the late 1980s.

After explaining the many reasons different types of channels have to protect their content, Graham explains the fundamentals of content protection, encryption and decryption being central to protection discussing symmetric and asymmetric cryptography. He then discusses key length which is something we hear a lot of, but can be non-trivial to understand. After all, AES talks of 128 and 256-bit keys, whereas in other areas we hear 1024, 2048 and more. Graham shows how these relate to the different keys in symmetric and asymmetric cryptography.

Pay TV is the area of focus for this video whereby live decryption keys need to be available at the set top box (STB) in the home. For DVD copy protection, the key is already in the DVD player and revocation of the rights of that DVD player are difficult. For TV there is a path from the broadcaster to the receiver which allows for more reactive rights management. ECM, Entitlement Checking Messages and EMM, Entitlement Management Messages, are the ways in which these permissions are spread so we look at how these work.

The architecture of the STB comes in focus next as Graham explains how the decryption and describing fit together along with hardware security and software security. Naturally after the STB has decoded the video, there’s interest in making sure the delivery to the TV is also secure which is where HDMI’s HDCP comes in with HDCP 2.2 protecting UHD content. HDCP is a method of ensuring that recording devices don’t get to record protected video whereas TVs or display devices can. Fingerprinting and watermarking are two technologies which are also examined showing how they are useful, to an extent, in identification of footage though not directly useful in preventing piracy itself.

The video ends with a very interesting look at the various high profile hacks from the last 30 or so years examining what was broken and how – in particular whether the cryptography itself was broken or whether the attack succeeded due to a weak link in the chain of another part of the system.

Watch now!
Speakers

​ Graham Turner ​Graham Turner
Television Technologist,
Former Chair, IET Media