Video: IP Fundamentals For Broadcast Part II


After last week’s talk explaining networking from the real basics, Wayne Pecena is back to look at “where the good stuff is” in the next two layers of the OSI model.

Much of what live production needs happens in layers 2 and 3. At layer 2 we have Ethernet, which defines how data is passed from switch to switch. Then at layer 3 we have the IP protocols, UDP and TCP, which do nearly all of the heavy lifting getting our data from one place to another.

Wayne Pecena from Texas A&M University builds this talk around layer 2 specifically and starts by looking at the underlying protocols of Ethernet including collision detection. Given that the cabling is bi-directional, it’s possible for both ends to be sending data at the same time. This needs to be avoided, so the sending devices need to sense what’s happening on the wire and allow time for the other interface to finish.

Famously, Ethernet has MAC addresses, which are the way this Layer 2 protocol deals with addressing the correct end point. Wayne shows the format these addresses follow and looks at the makeup of the frame which houses the data payload. The length of each segment of data is set with a maximum, but there is a high-throughput option called Jumbo Frames which increases efficiency for high bit rate applications by reducing the number of frames needing to be sent and therefore reducing the amount of header data sent.

A switch is an Ethernet device for connecting together multiple devices to communicate over Layer 2 and has a number of functions like learning MAC addresses, filtering frames and forwarding frames from one interface to another. Switches can provide not only data but also power, to avoid having to run more than one cable. Usefully, Wayne walks us through the steps taken for one computer to send to another. Stepping through this mixture of Ethernet and IP addresses is very useful for understanding how to fault find, but also for seeing how layers 2 and 3 work so closely together.

Knowing the innards of a switch is vital to a full understanding of network behaviour. Wayne talks through a diagram of what’s inside a switch, showing that each NIC has its own set of buffers, a backplane (also known as ‘switch fabric’) and shared resources like a CPU. We then see how the switch learns the MAC addresses of everything connected to it and that, with the CPU and separate MAC address lists, a switch can create virtual LANs, known as VLANs, which allow a logical separation of interfaces that are on the same switch. This has the effect of creating multiple networks, which can’t speak to each other by default, on the same hardware, and then allows the flexibility to add certain interfaces to multiple networks. VLANs are highly utilised in enterprise computing.

The talk finishes with a full description of how VLANs work and interact and 802.1Q VLAN tagging.
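The MAC learning, per-VLAN separation and 802.1Q tagging described above can be sketched in a few lines. This is an added example, not material from the talk: the `Switch` class, the port numbers and the MAC addresses are constructed for illustration, and the model assumes trunk ports carry only tagged frames (no native VLAN).

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that marks an 802.1Q tag

def mac(text):
    return bytes.fromhex(text.replace(":", ""))

def build_frame(dst, src, vlan=None, ethertype=0x0800, payload=b"data"):
    """Build a constructed Ethernet frame, optionally 802.1Q-tagged."""
    tag = struct.pack("!HH", TPID_8021Q, vlan & 0x0FFF) if vlan is not None else b""
    return dst + src + tag + struct.pack("!H", ethertype) + payload

def parse_frame(frame):
    """Return (dst, src, vlan_id_or_None, ethertype, payload)."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    dst, src = frame[:6], frame[6:12]
    (ethertype,) = struct.unpack("!H", frame[12:14])
    vlan, offset = None, 14
    if ethertype == TPID_8021Q:
        if len(frame) < 18:
            raise ValueError("truncated 802.1Q tag")
        tci, ethertype = struct.unpack("!HH", frame[14:18])
        vlan, offset = tci & 0x0FFF, 18  # low 12 bits of the TCI are the VLAN ID
    return dst, src, vlan, ethertype, frame[offset:]

class Switch:
    """Toy learning switch: access ports carry one untagged VLAN, trunks carry tagged frames."""
    def __init__(self, access_ports, trunk_ports=()):
        self.access = dict(access_ports)   # port -> VLAN ID
        self.trunks = set(trunk_ports)
        self.table = {}                    # (VLAN ID, MAC) -> port

    def receive(self, port, frame):
        """Learn the source MAC and return the sorted list of egress ports."""
        dst, src, tag, _, _ = parse_frame(frame)
        if port in self.access and tag is None:
            vlan = self.access[port]
        elif port in self.trunks and tag is not None:
            vlan = tag
        else:
            return []  # tagged frame on an access port, untagged on a trunk, or unknown port
        self.table[(vlan, src)] = port
        members = {p for p, v in self.access.items() if v == vlan} | self.trunks
        known = self.table.get((vlan, dst))
        if known is not None:
            return [known] if known != port else []
        return sorted(members - {port})    # unknown or broadcast: flood within the VLAN only
```

Because the table is keyed on the VLAN as well as the MAC, an address learned in one VLAN is never used to forward a frame in another, which is the "can't speak to each other by default" behaviour.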

Watch now!

Wayne’s previous talk
Speaker

Wayne Pecena
Director of Engineering, KAMU TV/FM at Texas A&M University
President, Society of Broadcast Engineers AKA SBE

Video: ABA IP Fundamentals For Broadcast

IP is explained from the fundamentals in this talk from Wayne Pecena, building up a picture of networking from the basics. This talk discusses the essentials not just for uncompressed video over IP, SMPTE ST 2110 for instance, but for any use of IP within broadcast, even if just for management traffic. Networking is a fundamental skill, so even if you know what an IP address is, it’s worth diving down and shoring up the foundations by listening to this talk from the President of SBE and long-standing Director of Engineering at Texas A&M University.

This talk covers what a Network is, what elements make up a network and an insight into how the internet developed out of a small number of these elements. Wayne then looks at the different standards organisations that specify protocols for use in networking and IP. He explains what they do and highlights the IETF’s famous RFCs as well as the IEEE’s 802-series of ethernet standards including 802.11 for Wi-Fi.

The OSI model is next, which is an important piece of the puzzle for understanding networking. Once you understand, as the OSI model lays out, that different aspects of networking are built on top of, but operate separately from, other parts, fault-finding, designing networks and understanding the individual technologies become much easier. The OSI model explains how the standards that define the physical cables work underneath those for Ethernet as separate layers. There are layers all the way up to how your software works, but much of the broadcasting that takes place in studios and MCRs can be handled within the first 4 out of 7 layers.

The last section of the talk deals with how packets are formed by adding information from each layer to the data payload. Wayne then finishes off with a look at fibre interfaces, different types of SFP and the fibres themselves.

Watch now!
Speaker

Wayne Pecena
Director of Engineering, KAMU TV/FM at Texas A&M University
President, Society of Broadcast Engineers AKA SBE

Video: Hacking ATSC 3.0

ATSC’s effort to bring IP into over-the-air broadcast has been long in the making, and its deployment in South Korea, along with the ITU’s inclusion of it in its list of recommended digital broadcast standards, is a testament to it gaining acceptance. But as US broadcasters continue with test broadcasts and roll-outs in 2020, what security problems arise when IP’s included in the mix?

Acting as a great network security primer, this talk from Texas A&M’s Wayne Pecena explains the premise and implications of creating and maintaining security in your broadcast plant. Starting by documenting the high profile attacks on broadcasters over the years, Wayne homes in on the reasons they should care, from the obvious, omnipresent threat of ‘dead air’ to ‘loss of trust’, which is particularly motivating in recent years as we have seen state actors move to influence, not disrupt, the normal course of life in low-key, long-burn persistent attacks.

The talk hinges around the ‘AIC’ triad, comprising confidentiality, integrity and availability, which are the three core aspects of data to protect. Integrity involves ensuring that the data are not altered either in transit or, indeed, in storage. Confidentiality revolves around ensuring that access control is maintained at all levels including physical, network-level and application level. Finally, availability encompasses the fact that if the data isn’t available to the people who need it, the whole thing is pointless. Therefore supporting the availability side of the triangle includes thinking about redundancy and disaster recovery procedures.

Wayne, who is also the president of the Society of Broadcast Engineers, explains some of the attributes of a secure system which starts with security policies. These are the outer layer of any secure environment detailing how the many other layers of security will be managed and applied. Other aspects of a secure environment are appropriately layered and segmented network design, to limit what is available to anyone who does penetrate part of a system, access controls and logging.

After looking at the IETF and IEEE standards bodies, we see how the standard network models overlay neatly on the ATSC layered model with networking in the centre of them all. This leads in to a brief introduction to ‘IP’ in the sense of the IP protocol on which TCP/IP and UDP/IP are based, between them central to most network communications around the world.

As we see how a small hole in defences can be slowly changed and enlarged, allowing the attacker to move forward and create another hole in the next layer, Wayne talks about the types of security threats such as malware, denial of service attacks and, of course, inside threats such as your employees themselves being complicit.

As the talk draws to a close, we look at how this plays out in the real world, talking through diagrams of broadcasters’ systems and how mitigations might play out on premise before talking cloud security. As the threat model in the cloud is different, Wayne explains the best practices to ensure safety and how these and the other security technologies used on the internet keep ATSC 3.0 secure, including TLS secure certificates and the use of DNSSEC.

The talk finishes with a look at security in the home whether that be with the myriad of consumer media consumption devices or items from the ‘internet of things’.

Watch now!
Speaker

Wayne Pecena
Director of Engineering, KAMU TV/FM at Texas A&M University
President, Society of Broadcast Engineers AKA SBE