TRAI consultation paper: Tech players echo need for defined CAS/SMS framework

TRAI consultation paper: Tech players echo need for defined CAS/SMS framework

A consultation paper was issued in April and the industry has responded.

TRAI

MUMBAI: The irregularities in the conditional access system (CAS) and subscriber management systems (SMS), the key pillars of delivering broadcast services in the digitised era,  have been major concerns for stakeholders. Like all broadcasters and major distribution platform operators (DPOs), technology players have voiced the need to define a framework for CAS/SMS systems as the Telecom Regulatory Authority of India (TRAI) issued a consultation paper seeking comments on the issue.  

ByDesign India Private Ltd (BIPL), which offers an advanced embedded security CAS, SMS platform, recommends certain additional audit measures to improve the compliance of CAS, SMS which can be utilised by TRAI and/or its appointed auditors as it is of the view that self-certification is not sufficient.

“BIPL has long been an advocate for standardisation of the systems which creates a level playing field and a fair operating environment for all ecosystem partners," it said. According to it, a defined framework with minimum requirements would ensure good service quality to end consumers, help broadcasters by reducing content security threat and prevent loss of revenue for the government of India. It mentioned the dire need to define a framework to benchmark the minimum requirements of the system before these can be deployed by any DPO in India.

“A standard framework also allows the product / application developers / providers to plan their resources and price their products / services in accordance to the market offerings and end consumer requirements. This helps in running sustainable business operations with healthy competition and implementing growth strategies thereby providing confidence and satisfaction to its investors, shareholders as well as its employees,” it added. 

Nagra Kudelski opined that a certificate from CAS and SMS vendor is sufficient to confirm the compliance of CAS, SMS. However, it also noted that a compliance certificate certifying that the SoC (System on Chip) has implemented secure TEE or hardware root of trust (security module) needs to be issued by the SoC vendor. It also added that SoC, CAS, SMS vendors should have a registered office in India with the necessary infrastructure to provide 24 x 7 support. 

“While we follow the Digital Video Broadcasting Project (DVB) standards, we also agree that there is a need to define a framework for the overall Digital TV systems in India. There is a need to define CAS security and robustness to ensure that the business and technical interests of Operators and the Government of India are fully met,” it stated further. 

ReliableSoft, one of the leading SMS providers in India recommended that TRAI should finalise benchmark features of SMS apart from Schedule III features and then all DPOs should conform those features with their existing SMS or New SMS that DPOs are going to finalise, based on that SMS compliance can be improved. It is also in favour of a defined framework for SMS systems in India.

Schedule III of the interconnection regulation specifies the benchmark features or technical criteria that the systems are required to comply with. In addition, there are provisions in Schedule III that entail CAS and SMS systems to conform to certain technical features to check the piracy.

SAFEVIEW, which offers CAS/DRM solution to TV operators, said that CAS-issued certificate for the SMS deployed in that particular DPO should be made mandatory. It also added that current version of CAS deployed needs to be certified by an accredited international agency for Hollywood studios. It is also in favour of defining a framework for CAS/ SMS systems to benchmark the minimum requirements.

However, technology players differ in their opinion on the topic that who should be entrusted with the task of defining the framework. BIPL said a committee should be entrusted with a chairperson who should be reporting to the regulator. It also suggested representation from TRAI,  ministry of information and broadcasting (MIB), ministry of electronics and information technology ( MEITY), ministry of home affairs (MHA), ministry of finance (MoF),  ministry of company/ corporate and consumer affairs, Prasar Bharati, Software Testing and Quality Certification (STQC) Directorate, BIS (Bureau of Indian Standards). 

“We propose that TRAI leads the overall monitoring and execution with support from BIS. Assign industry members including the leading CAS vendors, operators and SMS vendors as part of a group to define the framework. As TRAI is the leading authority that defines the rules and regulations for the industry, and therefore, is in best position to ensure proper measures are put in place. Adding industry members will ensure that the operation and business interests are considered as part of the framework,” Nagra Kudelski said. 

ReliableSoft suggested that STQC Directorate should be entrusted with the task while SAFEVIEW recommended TRAI itself should take up the task.