ETSI - GS ECI 001-1
Embedded Common Interface (ECI) for exchangeable CA/DRM solutions; Part 1: Architecture, Definitions and Overview
|Publication Date:||1 March 2018|
The present document specifies the architecture of an ECI Ecosystem. A major advantage and innovation of the ECI Ecosystem, compared with currently deployed systems, is a complete software-based architecture for the loading and exchange of CA/DRM systems, avoiding any detachable hardware modules. Software containers provide a secure ("Sandbox") environment for either CA or DRM kernels, hereafter named as ECI Clients, together with their individual Virtual Machine instances. Necessary and relevant Application Programming Interfaces (API) between ECI Clients and ECI Host ensure that multiple ECI Clients can be operated in a secure operation environment and completely isolated from the rest of the CPE firmware and are specified in full detail. The installation, verification, and exchange of an ECI Host as well as multiple ECI Clients is the task of the corresponding ECI loaders. ECI Host and ECI Clients are downloaded via the DVB data carousel for broadcast services and/or via IP-based mechanisms from a server in case of broadband access. This process is embedded in a secure and trusted environment, providing a trust hierarchy for installation and exchange of ECI Host and ECI Clients and thus enabling an efficient protection against integrity- and substitution attacks. For this reason, the ECI Ecosystem integrates an advanced security mechanism, which relies on an efficient and advanced processing of control words, specified as "Key Ladder Block" and integrated in a System-onchip (SoC) hardware in order to provide the utmost security necessary for ECI compliance.