Jan 2017

This page is for an MX8400 / AVP / nCC based system

These notes have been compiled using nCompass 9 from R3.12 SVT06 (nCC_9.01.25636.0) and will be valid for nCC versions from around v8.5. Unlike earlier version of nCompass, no XML files need to be edited (there is one if you are doing Director, not covered here) and no extra services need to be manually started.

The parameters used for the CA relate to equipment (ECMG, EMMG) that exists in SVT that is currently managed by Rob O’Neil. The concept is the same for configuration on customer sites, the only difference will be IP addresses / Ports and CA parameters, but the configuration remains the same.

This is not a comprehensive CA guide, it’s a simple set of notes designed to assist in a Simulcrypt CA configuration for anyone who has dealt with CA before, but needs a reminder of the basic configuration steps. If you have never dealt with a CA configuration before, this may not be that helpful.

I suggest reading this document in its entirety before starting a configuration, as all the information within is required for a working system.

This guide assumes that you are a competent user of nCompass Control as it is assumed you will know how to perform tasks such as creating a map, profile, scheduling profiles etc.

The steps covered here are:

1. Basic Terminology
2. Quick Overview
3. Adding items to nCompass map
4. ECMG/EMMG map settings
5. Mux Static Parameters
6. Adding Components to Profiles
7. Profile Scrambling Settings
8. Telnet testing functions

ECMG is the Entitlement Control Message Generator, this is an external server provided by the CA vendor that communicates with the SCS and sends ECMs on request.

ECM is the Entitlement Control Message, the ECM contains an encrypted version of the Control Word (CW) and Access Criteria (AC), and this provides the means for the receiver/STB to descramble the content.

The CWG is the Control Word Generator, and this generates a random 8 byte Control Word. This is forwarded on request to the SimulCrypt Synchronizer (SCS).

Control Words (CW) are also knows as keys.

Typically every 10 seconds, the CW will change. The time between new CWs is defined as the the Crypto Period (CP). CWs are defined as ODD or EVEN and alternate every CP to allow the STB to distinguish between CWs of adjacent CP, thus the CW is made available ahead of time.

EMMG is the Entitlement Management Message Generator, this communicates with the Mux and sends EMMs.

EMM is the Entitlement Management Message, and the EMM contains the authorization details for the smartcard/receiver to determine whether it is “allowed” to descramble the content.

Scrambler physically scrambles the required content using the CSA. (Common Scrambling Algorithm).

Remember, the ECMG is the key to descramble the content, but you can only descramble if the EMM entitles you (your smartcard) to do so.

CSA is the Common Scrambling Algorithm and this is the part of the Mux that scrambles the components.

Encryption – The ECMG Encrypts the Control Words sent by the CW Generator in the Mux.

SuperCAS ID is the CA System ID + CA Sub System ID.

It is worth remembering that Scrambling and Encryption are not the same:

Components (Video/Audio) are scrambled (by the scrambler in the Mux)
Control Words are Encrypted (by the ECMG)

In general, services can be scrambled at service or component level, unless you are using Director, where only service level scrambling is available.

Scrambling / Encryption (the following values are examples, not real data)

• String 0 0 1 0 1 0 0 1
• Scrambling 0 0 0 1 1 0 1 0
• Encryption 22 34 56 67 89

ECMs are referenced by PMT



EMMs are referenced by CAT



ECMs are sent in the clear, but their contents are encrypted (not scrambled)

EIS in most cases is the control system (so nCompass for most of our demos)

Mux and decoder times must be accurate with each other (for RX8200 you will need a TDT/TOT to set the time)

Director is based on Simulcrypt, but cannot be used for DTH

T22/T23 (ECM/EMM) is specific to Sky (NDS)

If using the Mux Control ports for CA (this only works for Director) then you still need to draw the CA connections to the Mux on the Map for routing purposes (from the ECM/EMM to the CA Port)

PDG goes at network level
EMM at TS level
ECM can be service or component level

The SCS in the Mux sends two Control Words (CW) from the Mux Control Word Generator (CWG) in packets to the ECMG, the ECMG encrypts the CWs and sends them back as ECMs with added vendor specific criteria.

The SCS also forwards the Access Criteria (AC) (obtained from the CA configuration) to the ECMG.

The yellow dotted box in the diagram is the Mux

ECMs are passed along to the scrambler (CSA in Mux) which uses the vendor specific information to scramble the content; ECMs are also passed in the Transport Stream (TS).

The ECM typically contains the following:

• The Access Criteria (AC) which must be satisfied before the STB can descramble the incoming services/components.
• The Control Word (CW) used to scramble the required services/components

EMMs provide authorization details to the Decoder/STB. These details must match the Access Criteria that is recovered from the ECM. The EMMs relate to the content of the subscription that the viewer has paid for. The EMMs can be targeted to individual STBs or groups of STB. The STB will only act on the EMM if it contains target information in its header that relates to the STB

The STB/Decoder passes the TS to the descrambler, and the ECM to the CA Processor (Smart Card/CAM module).


If the ECM matches the TS components (is the correct ECM for those components) and the EMM has the correct entitlement (you are allowed to descramble those components) then descrambling will start.

Before attempting to configure CA, please ensure you have a working system that is running in the clear

To enable Conditional Access, the map has to be altered, the main steps are:

Add EMM/ECM components to the map

Edit Mux Static Parameters to include:

• Set Map Global Settings
• Add EMMG/ECMG to Map
• Mux CA Ethernet Interface IP Address:Port
• EMMG Parameters
• ECMG Parameters
• EIS/SCS Parameters (if using external devices)
• Control / CA Static Routes
• CA Mode / CSA Version

From the Equipment Setup application, open the Maps Global Settings (Edit → Global Settings…)



Look for the ‘Conditional Access’ section, it will just have a single entry labelled ‘Any’

Enter the type of CA you are configuring (Conax, Nagra etc.) This box is just a label, and anything can be entered here. This entry will be visible is further menus when configuring CA.

Click ‘Ok’ to close this section, save the map.

To start Add the following components to the Physical Map

• Simulcrypt ECMG
• Simulcrypt EMMG
• Ethernet Hub

Double Click the Simulcrypt ECMG icon to show the properties.

Connect the Simulcrypt components to the hub, and then connect the hub to the CA port of the Multiplexer(s). A hub is required on the map as the Mux only has a single CA interface.



Edit the information in the relevant sections.

1. ID – This is just a label to describe this ECMG map item
2. CA Vendor – Use this drop down list to add your CA Vendor
3. CA System ID – This will be supplied by the CA Vendor / customer
4. CA SubSystem ID – This will be supplied by the CA Vendor / customer
5. CA Types – This list comes from the list you edited in the map Global Settings

Remember – SuperCas = CaSystem ID + CA SubSystem ID Click OK to close this window

Double Click the Simulcrypt EMMG icon to show the properties.



Edit the information in the relevant sections.

• ID – This is just a label to describe this ECMG map item
• CA Vendor – Use this drop down list to add your CA Vendor
• CA System ID – This will be supplied by the CA Vendor / customer
• CA Types – This list comes from the list you edited in the map Global Settings
• EMM Mux Connectors - This will be supplied by the CA Vendor / customer. You can chose a Mux (this is populated from the Mux) but in general, set ‘Any Mux’

Click OK to close this window

On the physical Map, double click the Mux icon, then click ‘Edit’

This is where the IP Address of the CA Interfaces on the Mux are defined. There are three IP Addresses per configuration (there are two interfaces running as a redundant pair.



Enter the Primary, Backup and Virtual IP Address details.

If the network that hosts the ECMG/EMMG is not directly reachable from the CA network, you may need to add a static route.



In the Mux Static Parameters there is a section called ‘Control / CA Static Routes’ this is a table, double click this to open the table.



Add the desired routing information (this will come from the customer, as it will be their network you are connecting to). Click OK to close this window.

The only parameter we have to supply for the EMM connection is a port (TCP/UDP) But the CA vendor will need to put the CA Port address of the Mux in to the EMMG so that the EMMs are sent to the Mux CA Port.

In the Mux Static Parameters, there is an entry entitled ‘ECMGs’ This is a table that lists the available ECMG servers (on a real system, there may be redundant servers).



Double click the ECGMs entry to open the table.



Add each server in the table as shown. In this example the ECMG server address is 192.168.3.35. Again this information will come from the CA Vendor / Customer.

Don’t forget to scroll along and add the ECMG Port to the ECMG settings above.

EIS/SCS parameters will only be used if there is an external scheduler or scrambling system being implemented; normally these settings are not used when the Ericsson Mux is doing the scrambling.

At the end of the Mux Static Parameters list there are two entries that we need to configure



The CA Mode is by default set to ‘None’ this needs to be changed to ‘SimulCrypt’

The CA CSA Version is set to ‘SimulCrypt EIS Control’ by default. This is generally fine but can be set to ‘Force CSA1’ or ‘Force CSA2’

• Close all windows and accept any changes you made
• Save the Map (if you only have the original map then create a copy)
• Upload the Map
• Once uploaded, reboot the Mux for any IP Address / Parameter changes to take effect

Having configured the components on the Map and the Mux Static Parameters, we need to add the relevant components to the Profile, set the scrambling and schedule the profile to start the CA Configuration.

EMMs are added at the Transport Stream (TS) level. To add an EMM right click your profile at the TS level and from the menu select ‘Add EMM…’





Most of the information required here will come from the Customer or CA Vendor. If you do not have this information you will not be able to proceed.

Fill out the General and Streams tabs, the Private Data is not required in this example.

Label - This is just a label to allow you to identify this EMM in your TS configuration CA System ID - Select the correct CA type from this list CA Type - This list is populated from the entries made in the map Global Settings

Output PID - The PID you wish to assign to this component. Bit Rate - Bit rate of EMM (this is used by nCompass for TS size calculations)

ECMs can be added at Component or Service level to scramble just a single component or the entire list of components in a service.

To add an ECM, right click the desired service in the profile, and from the list select ‘Add ECM…’

Label - This is just a label to allow you to identify this EMM in your TS configuration CA System ID - Select the correct CA type from this list CA Type - This list is populated from the entries made in the map Global Settings SGD ID - Scrambling Control Group ID

The SGD ID is the Scrambling Group ID, this must be unique per TS. The SGD ID can be used to give several components the same access, where access is controlled by the EMM via the smart card.

	Vendor 1
		
Service 1	Video 	AC 1
	Audio	AC 1
	Audio	AC2
		
Service 2	Video	AC2
	Audio	AC2
	Audio	AC1
		
Service 3	Video	AC3
	Audio	AC3
	Audio	AC1

In the above example, the SGC ID is an example of using different SGD IDs. If the Smart Card being used only allows for SGD ID 1, then you can only descramble any components marked AC1.

This only really works like this if ECMs are at component level, if ECMs are at Service Level,

Output PID - The PID you wish to assign to this component. Bit Rate - Bit rate of EMM (this is used by nCompass for TS size calculations) SGD ID - TBC



Private Data is not required in this example.

The Access Criteria (AC) will be supplied by the CA Vendor.

Having added all of the required components to the transport stream, the profile for the service to be scrambled must be edited.



Each component must be selected and the Scrambling changed

If you have been running in the clear, then chances are that you are not generating a Conditional Access Table (CAT). This will now need to be added.



From the Transport Stream settings in the Profile Manager, ensure to select the CAT table.

We can test the connectivity between the CA servers and the MX8400 Mux using some Telnet menus, Telnet to the MX8400 and login using:

  engineer
  engineer

If the time of the MX8400 is out, then CA will at some point stop working, as it will assume all the CA messages are out of date.

From the Telnet Menu select 1,1 Time (1. Configuration, 1. Time)



Here the Mux time can be seen, if this time is incorrect, then you may not be able to descramble any components.

To test the ECMG status, use the following menu selection.

2,4,1 (2. Status, 4. Conditional Access, 1. ECMG Status) (go back to main menu first)



Here it can be seen that there is an active connection to the ECMG.

Press 1 again – ECMG Status



Here we can see the status of the ECM, the SuperCAS ID, Channel ID etc.

Press 1 again – ECMG Details



Here we can see the Stream Details, CP Parity (CP is Crypto Period) and the CP duration (10s by default)

To test the EMMG status, use the following menu selection.

2,4,2 (2. Status, 4. Conditional Access, 2. EMMG/PDG Status) (go back to main menu first)



Here we can see the EMMG Status (Client ID 0x00000001 in this example) As we only have as single EMM we only see one connection in this example.

Select '1' to see the EMMG Details.



Here we can see the Client ID, Channel ID and number of Streams.

Press '1' for the Stream Details



Here we can see that the EMMG is initialised, that it is un use and we can see Bandwidth useage etc.

The RS232 port on the Mux displays some more information about the Mux status, this is quite useful. However if you do not have an RS232 cable, or port on your laptop, then you can use this method.

The RS232 messages are redirected to port 12, so you can Telnet to port 12 (instead of the normal port 21)

Telnet ‘mux-control-address:12’ e.g. Telnet 192.168.27.31:12



This display can be very useful to see what errors the mux is trying to report.

For Test System Mux ONLY
These parameters will only work in demos (due to routing) and will only work on our Mux.

Alan Walker	Demos	Ext Num						Provided By: 
                                                                        Rob O’Neill	
									
Date    Current	16-11-15							
	Review	06-01-16											
									
Link    	To Room	Patch panel ID					
F54 – CAPEN V&I Int 11 		G7 						
								
Network 	Gateway	        SCS 1	        SCS 2				
10.101.101.x/24 10.101.101.254	10.101.101.3	10.101.101.6				
								
ECMG	  CAS ID  SubSystem ID	IP	        Port	AC	        TS Section/Packet	Max ECMs
Conax 	  0B00	  0001	        192.168.3.70	5000	00000066	Packet	                25
Irdeto	  0604	  0000	        192.168.3.90	4350		        Packet	                25
								
EMMG      CAS ID  SubSystem ID	TCP Port    UDP Port	TS Section/Packet   Bandwidth (KbS)  Channel	Stream
Conax	  0B00	  0001	        5001	    -	        Packet	            100	             1	        1
Irdeto	  0604	  0000	        5001		        Packet	            50	             0	        0
									
CAM                     CAM sn	        Type		Smartcard	AC	                Valid Until	
Smit Icecrypt SVT 81	OAK1T134500097	Single Svc	10075964063	90010006000100010065	Review date	
						                        (Irdeto Access Criteria)

For Test System Mux ONLY
These parameters will only work in demos (due to routing) and will only work on our Mux.