The quest for the ultimate in content and revenue protection via downloadable security systems and next-gen CableCARDs is not only gaining momentum, but expanding to include a raft of unlikely participants. Traditional set-top box manufacturers, software and hardware providers, security companies, MSOs, the consumer electronics industry, and even retailers are joining the search for a cost-efficient, content and revenue-protecting system that will effectively shield the massive amount of content exposed to theft, copyright abuse and eventually the potential disruption of a growing revenue stream for the cable industry.

It's about protecting assets. And there are plenty to protect. By 2009, more than 108 million digital TV subscribers worldwide will be using a smorgasbord of on-demand services, and probably a few that haven't even been invented yet, reports the media research group In-Stat, which is owned by the same company as CED.

HDTV will play a key role as well. With the average price of an HD set expected to drop 38 percent by 2010 to about $1,100 per set, more than 30 million hi-def subscribers will be accessing huge amounts of content via two-way, interactive platforms, reports a recent Kagan Research study. Kagan also expects 377 million cumulative HD sets being sold to consumers by 2015.

It's no wonder the cable operators and the studios are scrambling to find an effective means of protecting it all. Consequently, this trend is fueling the search for a downloadable security system and/or multi-stream CableCARD that will easily integrate into digital devices such as set-tops and TVs.

"M" is for multi-stream

Two key events are expected to aid the search. A multi-stream test tool prototype (HPNxPro) is currently being tested at CableLabs. The "M" card is expected to be officially validated for use in mid-2006 and available for CE manufacturers in their effort to develop a multi-stream CableCARD.

Considered the next-gen CableCARD, the M card is a backwards-compatible device designed to operate with single stream or multi-stream devices.

"It has multi-stream capabilities with six streams passing through a card. It's getting lots of attention by the FCC and the cable industry. Vendors are now building it, but we need to test product against it," says Don Dulchinos, senior vice president of advanced platforms and services for CableLabs.

A second key issue on the table is a bi-directional agreement between the cable and consumer electronics industries, which is now being hammered out, says Neal Goldberg, general counsel for the National Cable & Telecommunications Association.

Following a July 19 briefing on downloadable security to the FCC staff, a license was expected to be filed by the cable industry with the Commission on November 30. An update of the on-going discussions between the consumer electronics and cable industries regarding a bi-directional agreement is due on that date as well.

"We're making progress on the middleware solution so operators can write their applications to OCAP (Open Cable Application Platform) software and retail devices. The technical hurdles seem to have been overcome. Now, the issue isn't with the cards, it's with the parameter of devices they interface with. And with two-way, like VOD, we must revisit content protection rules. These are the issues being discussed," Goldberg says.

But the big target is July of 2007, when the FCC has flatly stated it wants to see a cost-efficient, downloadable/removable, conditional access (CA) platform that mimics the CableCARD and the tight security functions it provides.

But getting there is the tricky part. Relatively few CableCARDs have been deployed, and MSOs have been asked by the FCC to provide details and support of their CableCARD deployments (see sidebar at left). Most prefer to wait on the M card or some other type of downloadable security system that will reduce production and operational costs and offer multi-stream capabilities.

"We must be committed to [the] CableCARD because that's what's being built, and M card is still on track. Even the existing CableCARD can support two-way communications, just not multi-stream. The next transition is to downloadable security, but we don't see a large scale deployment until 2008," says Pragash Pillai, vice president of advanced engineering and digital video for Charter Communications.

Yet long term, Charter's migration path to downloadable security does not include the CableCARD, Pillai admits. "It's the only solution we have now. The sooner we can migrate off the CableCARD platform, the better. It's to our benefit to get away from hardware-based solutions to software-based. And the CableCARD can be prohibitively expensive. M card will be costly, too. You just can't deliver all the on-demand services we'll deliver through CableCARD."

Mark Hess
In the meantime, Comcast is mapping its own path toward downloadable security, and the CableCARD is at least a temporary route. "Today, we're planning on doing CableCARDs until July of 2007, when downloadable security will be determined by what's in front of the FCC. We want to get downloadable security into the system as soon as possible and are committed to separable security," says Mark Hess, senior vice president of business and product development for Comcast.

Comcast is also committed to lessening the financial burden of CableCARDs, and downloadable security overall.

"The business impact of downloadable security is significant," Hess explains. There are lots of dollars in CableCARDS. You don't have to build slots for each CableCARD [because] it's 10 times cheaper with downloadable security, and that's good for the consumer electronics industry, too. It's also less of a burden on the operations side. An efficient delivery system of downloadable security is good for everyone," he maintains.

Figure One

CA's shifting landscape

For vendors such as Motorola, now deeply engaged with Comcast in a $1 billion joint venture to develop and license "current and future" CA systems along with a non-exclusive license for MediaCipher, Motorola's CA technology, the CA landscape is changing.

"We wanted to accelerate the rate of progress in the DCAS space (Downloadable Conditional Access Systems) and have lots of technology behind the MediaCipher program. The licensing arm is licensing to other people to stimulate competition and we're developing CableCARDs to work with various TV set manufacturers," says Mark DePietro, vice president of connected homes for Motorola.

DePietro and Hess agree the joint venture is moving along as planned, though obstacles remain.

"The JV has gone very well and the transition has been excellent, but there are technical challenges to making it work and another level of integration of separable security of the M card. We have to start the 12- to 18-month development cycle now," Hess says.

For Motorola, the challenge is timing, DePietro admits. "We have 10 agreements with major CE players for CableCARDs and headend equipment, but a key challenge is the timeframe and regulatory uncertainty regarding CableCARDs and downloadable security. We don't want to discover big incompatibilities in the field."

Scientific-Atlanta (S-A) is deep in the CA mix as well with its Overlay network, which allows its CA system, PowerKEY, to be used with the incumbent CA system. It also features downloadable capabilities.

"It's not real different than what we already do with PowerKEY, but now a fully downloadable version is absolutely a top strategy for us," says Bill Wall, technical director for subscriber networks at S-A.

Not only that, but there are significant business upsides as well, particularly if the FCC embraces the downloadable security idea. Adds Wall: "It opens up other markets for our set-tops and we will actively pursue those. The intent is to open up the retail market for set-tops with DCAS in digital cable ready (DCR) devices. Now, we're in the interoperability testing phase and M card tests. We're trying to stay ahead of the M card, but must have the host devices to do the testing. The challenge is getting to that point."

From a consumer's viewpoint, it really isn't making much difference, some analysts say. "Consumer demand for CableCARDs isn't there. In fact, they (consumers) really don't care," says Bruce Leichtman, president and principal analyst for Leichtman Research Group (LRG). "And salespeople at electronics stores have little incentive to explain CableCARDs. It's not in their selling structure. Customers just don't have big issues with set-tops, so CableCARDs will have an impact with second and third TV sets in the home when the price of DTVs falls under $699. The incentive for CableCARDs is from the capital expenditure standpoint."

Just what incentives there are for MSOs such as Cox Communications to migrate to an effective downloadable security system should surface in the next 12 to 18 months. Nevertheless, Cox is supporting the one-way card across the board, says Senior Vice President of Strategy and Development Dallas Clement.

"We're supporting one-way CableCARDs in all of our markets, but it's only one-way, with no VOD, guides, etc., so it's not that compelling. Our goal is to support downloadable security across all cable networks, ubiquitously. We feel we can license the technology from either Motorola (via the Motorola/Comcast joint venture) or from S-A. We just want to be sure there are no bottlenecks or roadblocks to prevent them from doing the venture," Clement explains.

He adds that Cox will begin participating in various trials to support two-way functionality early next year. In the meantime, the list of CE manufacturers being certified for OCAP interactive digital TV sets is burgeoning, and now includes Samsung, Panasonic, LG Electronics and Digeo.

Figure Two

The CA factor

The roster of manufacturers nudging their way into the expanding CableCARD and downloadable security space is multiplying as well, with many industry observers believing that innovative new software and hardware components now being developed will ultimately lead to content protection nirvana. At least, they had better.

"There's a huge amount of effort being put in securing CPE equipment, set-top boxes, PVRs, etc., and there must be a CA system that will allow operators to save lots of money on set-tops. We need a wide choice and we're playing in an extremely competitive, global market. Until operators can fit an open market CA client into their boxes, they won't be that efficient," cautions Robin Wilson, vice president of business development for encryption and CA specialist at Nagravision.

And efficiencies count. Especially when revenues are at stake. "It's about protecting core revenue streams and the expansion process that will include future services and revenues. We have to surround content with protection and rights management. The challenge is to move faster. There are so many things the cable operators could be doing with that huge pipe," says Dov Ruben, vice president and general manager of NDS Americas, whose VideoGuard System (VGS) and supportive Secure Video Processor (SVP) provides CA and digital rights management protection for content ported from one device to another.

And CableCARDs? "It's a form factor. Some will use [them] in HDTVs, others in set-tops, some not at all. We are, however, working on M cards and Mobile Video Guard, which will protect content in the mobile space. It takes you to the next generation of content, which will be massive," Ruben concludes.

Charter's Pillai, and privately, most MSOs, are anxious to move beyond CableCARD to a more cost-efficient, less operationally tedious system of content protection. Admits Pillai: "It (the CableCARD) was good in the beginning but can't deliver a lot of applications like VOD and interactive. We need a cost-effective, two-way solution, and CableCARD doesn't do either."

Some, especially those with lots of skin in the emergence of downloadable CA systems, insist that smart cards aren't much better. "They aren't working. Renewal time is nearly two years and they're very expensive. Cable simply needs a more cost-effective approach," says Matt Cannard, VP of marketing for Widevine Technologies.

And Widevine thinks it has one. Its digital watermarking technology allows studios, broadcasters and operators to insert digital fingerprints into video content as it passes through three key points in the video distribution chain: the content owner, operator and consumer electronics devices.

The company's Mensor digital forensic technology fingerprints and watermarks content at each stage of a multi-node delivery network. "It watermarks the source, destination of content, and who received it, and provides forensic information on where content is going and can identify individuals as a theft deterrent mechanism. It's a higher level of CA," Cannard says.

Widevine's Mensor, Cannard notes, is currently being trialed at "a major MSO," and used by several Hollywood studios.

The migration to downloadable security is prompting other manufacturers to shift their CA and smart card strategies as well, including Irdeto, a leading supplier of smart card and encryption technology.

"We're offering downloadable security through our SoftClient and Epsilon smart cards, so we're preparing for a world of downloadable security. With the emergence of IPTV, the preference is for the telcos to rid themselves of the logistics of smart cards to a downloadable version and a software-based CA system. It will happen over time, but there are still lots of legacy systems using S-A and Motorola set-tops," says Bo Ferm, general manager of Irdeto Americas.

The mobile market shouldn't be overlooked either, Ferm notes. "We acquired Lockstream for the mobile market, which is seeing tremendous growth. To be effective in that market, we change how we distribute keys and decryptions. There's a big difference between mobile CA and set-tops."

Differences aside, conventional wisdom suggests that some form of downloadable security is destined to replace hardware-based, removable CableCARDs and smart cards.

Concludes Dulchinos of CableLabs: "CableCARDs will have limited use once the CE industry parallels with the work we're doing. And they've been in our test lab for a couple of years. And there should be a gradual change, if any, in the set-top manufacturers' role with security and CA. The key challenge will be system integration."

So, in the meantime, MSOs such as Cablevision, Charter, Comcast, Cox and others are biding their time, and anxiously awaiting new downloadable security developments from FCC filings and the vendor community at-large.

"We're still doing business the old-fashioned way with set-top box manufacturers and working with the CE industry to understand their role with CableCARDs and set-tops, and where our downloadable plans are," says Comcast's Hess. "Now, it's mostly about sharing plans, timelines and engineering resources, so we can all cross the goal line together."

Just who gets to carry the ball, and what the final score on downloadable security, CableCARDs and the CA issue will be, could be determined by the FCC soon.

In this report, CED noted that a major MSO was trialing Widevine Technology’s Mensor technology. The trial is actually in reference to Widevine's Cypher downloadable conditional access and DRM solution. Widevine's Mensor is the company's digital forensics product, which includes watermarking and fingerprinting and is a different product than Cypher.


CableCARD Report Card

CableCARDs have been trickling into the marketplace, and six of the top MSOs have been asked by the FCC to file quarterly reports detailing their deployment and support. Here is a current scorecard (as of October, 2005 filings) on how many are being deployed and the costs involved.

Time Warner Cable:

Current CableCARD customers: 9,240

Monthly lease rate for CableCARD: $1.75

Average installation cost: $18.95


Current CableCARD customers: 3,799

Monthly lease rate for CableCARD: $1.25

Average installation cost: $34.95


Current CableCARD customers: 5,874

Monthly price charged for CableCARD: $1.75

Average installation cost: $40 (price is typically waived.)

Charter Communications:

Current CableCARD customers: 3,900

Monthly lease rate for CableCARD: $1.50

Average installation cost: $32

Comcast Cable Communications:

Current CableCARD customers: 27,875

Monthly lease rate for CableCARD: $0

Average installation cost: $23.12

Cox Communications:

Current CableCARD customers: 6,895

Monthly price charged for CableCARD: $1.99

Average installation cost: $22.91

Source: NCTA