Driven by growing consumer popularity, the ability to provide additional rich and user-friendly features, and access to a wide range of apps, Android is rapidly becoming a very desirable operating system for hybrid STBs. Thus, hybrid STBs based on Android OS and Android TV are becoming increasingly attractive for pay-TV operators looking to enhance a combined broadcast-OTT service offering and offer consumers a wider range of entertainment services.
As of 2015, Android has the largest installed base of all operating systems. According to an estimate by Statista, Android smartphones had an installed base of 1.6 billion devices in 2014, 75 percent of the estimated total number of smartphones worldwide. Android’s popularity is based on its ready-made, low-cost, and highly customizable design. Its open environment enables developers to use the source code to design new and advanced features and functions, or to bring Android to devices that have traditionally used other operating systems, such as hybrid STBs.
Android TV, a platform for smart TVs based on the Android 5.0 (“Lollipop”) mobile operating system, is specifically developed to provide a full Android experience on TV devices. In other words, Android TV is Android OS enhanced with basic middleware and a full user interface for smart TVs, game consoles, and hybrid STBs.
Developed to meet the growing demand for easy “one stop shop” access to entertainment and gaming with an excellent user interface on TV devices, Android brings a streamlined user interface to TV devices, putting the focus on content and usability. Users can view content from a variety of providers such as Google Play, Netflix, and YouTube, as well as play a variety of Android games.
The benefits of Android in hybrid STBs
Some key reasons for growing pay-TV operator interest in Android-based STBs:
- Popularity: One of the greatest motivating factors for using Android-based STBs is consumer popularity. Savvy consumers are already familiar with Android mobile touchscreen devices, making it easy to adapt to, use and operate Android STBs. It could be said that the Android name alone is enough to attract consumers. Thus, offering Android-based OTT services can provide operators with a competitive edge.
- Apps: Today’s consumers are hungry for a wide range of apps - the key benefit for deploying Android. Android offers the Google Play Store, the largest app distribution system available. Google Play Store officially reached over 1 million apps in July 2013, surpassing Apple App Store’s 900,000, and app downloads grew to over 50 billion. Operators can develop their own “operator apps” to offer enhanced services to existing subscribers as well as reach out to consumers outside of their existing service region, potentially tapping new revenues and competitive awareness.
- High operational benefits: Android provides operators with a stable, consistent middleware architecture, high system integrity, unification of features across devices, and quick and iterative deployment of new features. In addition, Android OS is non-proprietary, reducing costs.
- Android OS essentially creates a “smart STB” – an STB that enables TV devices to be “smart” without actually being a smart TV. Android OS can provide linear channels, standard broadcast services such as on-demand services and features, and exclusive live events, enabling operators to offer consumers the best of both worlds.
- Open, flexible support for rich TV features and functionalities: Android is open and flexible, and highly adaptable to changes, allowing operators to customize user interfaces and design customized features and functionalities specific to their operations. The openness of Android also enables adaptability to most hybrid STBs.
A closer look at Android security
Android offers reputable security in general, providing a robust multi-layered security architecture that is flexible and open. SELinux (Security-Enhanced Linux) is supported in the latest Android versions, each app has its own dedicated user account for its processes, and apps run in a sandboxed JVM (Java Virtual Machine) environment. In addition, apps can access only a limited range of system resources, and unsigned apps can be blocked. Full disk encryption is also supported.
While Android includes a reputable security architecture, vulnerabilities still exist that operators need to take into consideration. Android’s high popularity makes Android devices attractive to hackers actively looking to exploit vulnerabilities. The more widely used Android is, the greater the potential gains for pirates and hackers.
Android’s open, exposed-to-the-Internet environment in STBs creates a vulnerability to hacking that has the potential to shut down the STB or hijack an operator’s STB platform to blackmail the operator. Hackers will aim to penetrate the STB through open channels or through the inadvertent downloading of apps containing malicious software. If the Android environment of the STB is compromised, the broadcast environment of the STB is also at risk of attack.
The Android CDD and STB security
One concern is Google’s requirements for licensing Android. The Android CDD (Compatibility Definition Document) can come into conflict with the security requirements for hybrid STBs set forth by content owners. These are conflicts that can potentially lead to security breaches that could pose serious threats to broadcast operations. Operators should engage the expertise of a strong security partner to guide them through the necessary requirements of CDD compliance while ensuring platform security.
Security considerations in a hybrid STB
Hybrid STBs enable both DVB-based traditional broadcast TV and OTT services. The broadcast environment of the STB and the OTT environment of the STB coexist within the STB and the architecture of the box is such that they are separated into two separate environments, with a protective wall between them.
- The broadcast environment: Pay-TV operations have specific security needs and often include premium content with strict regulations for protection and DRM compliance set by content owners. Hybrid STBs support both DVB-based traditional broadcast TV and streamed OTT content. The traditional broadcast environment is protected by the operator-selected conditional access solution, preventing control word sharing and illegal content streaming.
- Android environment: Hybrid STBs, unless protected by walled garden networks, are connected to the open, unmanaged Internet. This uncontrolled environment makes it challenging to prevent security breaches such as DoS/DDoS attacks and malware in apps. However, though the Android environment is open to the Internet, there are hardening methods available to increase the level of security provided by Android.
- Multi-DRM approach: The DRM market is currently highly fragmented. To enable a common set of business rules for both broadcast and OTT environments, operators should employ a flexible, unified security platform to handle both environments. The importance of protecting the broadcast operation should not be underestimated, as it is the main medium for premium content delivery such as 4K/UHD movies and live sports. STBs need to manage multiple DRMs in one device. Therefore, it is advisable that future pay-TV platforms are based on a flexible security solution that reduces the complexity of handling both CAS and multiple DRMs for the operator.
Separation – closing the security gaps
Offering an extensive range of features and functionality also creates a large attack surface. So from a security standpoint, everything that is not necessary for a functioning STB should be locked down to limit potential modes of attack. Operators should preferably have full control of apps used in the operation. Because this is not a likely scenario when using Android, operators need to look for other ways to prevent the security breaches that may come from exposure to the Internet to ensure the high overall level of security required for their operations.
Despite these challenges, it is possible for operators to offer secure broadcast-OTT services based on Android. This is done by completely separating the broadcast environment and the heavily-exposed Android OTT environment. However, separation has its challenges. This is described in the following section.
Extra hardening of the separation
The complexities of separation show that operators cannot “simply install Android” in hybrid STBs. Experienced content security providers can guide operators in the task of ensuring that the separation between the broadcast and Android parts of the hybrid STB is strong enough to resist piracy and hacking attacks.
Although current software-based separation technologies are deemed to be adequate, these can be compromised. Conax believes that the separation needs to be made stronger and offers a unique hardware-based separation of environments that is considerably stronger than the standard separation solutions available today. Hybrid STBs security-tested by Conax include a chipset with two separate environments in the hardware. This separation greatly reduces the threats and lowers the threshold for operators who want to use Android STBs.
Certified security evaluations for Android STBs
It is important to ensure that Android STBs undergo a strict security regime to properly safeguard broadcast operations; a reputable, certified security evaluation of the hybrid STB is therefore highly recommended.
Operators can benefit by offering Android-based broadcast-OTT services. Fast time-to-market of new features, a wider range of entertainment and a high-quality user experience are often-mentioned benefits of Android-based pay-TV solutions. However, securing Android STBs is a highly complex task.
Building an Android-based TV solution requires expertise in three specific areas – broadcast content security, Android as a TV platform, and how to keep the two environments separate in a hybrid STB. Operators will benefit from using CAS / DRM security experts such as Conax to manage the security needs of their current operations and plan a reliable roadmap to the future. Conax, with over 25 years of security expertise, offers an end-to-end solution together with partners to provide the best Android-based broadcast-OTT operations. All Conax solutions are based on our proven and future-proof Conax Contego™ Multi-DRM security backend and our open partner policy.