CEA-679-C-2005 National Renewable Security Standard (NRSS)《国家可恢复安全标准(NRSS)》.pdf

1、 CEA Standard National Renewable Security Standard (NRSS) CEA-679-C R-2013 October 2005 NOTICE Consumer Electronics Association (CEA) Standards, Bulletins and other technical publications are designed to serve the public interest through eliminating misunderstandings between manufacturers and purcha

2、sers, facilitating interchangeability and improvement of products, and assisting the purchaser in selecting and obtaining with minimum delay the proper product for his particular need. Existence of such Standards, Bulletins and other technical publications shall not in any respect preclude any membe

3、r or nonmember of CEA from manufacturing or selling products not conforming to such Standards, Bulletins or other technical publications, nor shall the existence of such Standards, Bulletins and other technical publications preclude their voluntary use by those other than CEA members, whether the st

4、andard is to be used either domestically or internationally. Standards, Bulletins and other technical publications are adopted by CEA in accordance with the American National Standards Institute (ANSI) patent policy. By such action, CEA does not assume any liability to any patent owner, nor does it

5、assume any obligation whatever to parties adopting the Standard, Bulletin or other technical publication. Note: The users attention is called to the possibility that compliance with this standard may require use of an invention covered by patent rights. By publication of this standard, no position i

6、s taken with respect to the validity of this claim or of any patent rights in connection therewith. The patent holder has, however, filed a statement of willingness to grant a license under these rights on reasonable and nondiscriminatory terms and conditions to applicants desiring to obtain such a

7、license. Details may be obtained from the publisher. This document does not purport to address all safety problems associated with its use or all applicable regulatory requirements. It is the responsibility of the user of this document to establish appropriate safety and health practices and to dete

8、rmine the applicability of regulatory limitations before its use. This document is copyrighted by the Consumer Electronics Association (CEA) and may not be reproduced, in whole or part, without written permission. Federal copyright law prohibits unauthorized reproduction of this document by any mean

9、s. Organizations may obtain permission to reproduce a limited number of copies by entering into a license agreement. Requests to reproduce text, data, charts, figures or other material should be made to CEA. (Formulated under the cognizance of the CEA R4.8 DTV Interface Subcommittee.) Published by C

10、ONSUMER ELECTRONICS ASSOCIATION 2013 Technology when security is removable, the consumer electronics device can be “secret-free“. A hybrid security system uses embedded circuitry but, if necessary, this circuitry may be upgraded or overridden and replaced with replaceable elements. Thus, embedded se

11、curity may nonetheless be replaceable. A split security system has both embedded circuitry that supports some security functions (e.g., descrambling) and replaceable circuitry that supports other security functions (e.g., key management). Both NRSS-A and NRSS-B support all options except the embedde

12、d security. The consumer electronics industry is looking for a digital standard “cable ready“ television set, receiving both broadcast and cable digital services, that is secret-free and mass merchandiseable. The availability of NRSS-A and/or NRSS-B security elements allows support for the consumer

13、electronics needs. This discussion is provided in order to explain the environment in which this standard has been developed. This standard was developed under the auspices of the CEMA Technology Fax 202-828-3131; Internet http:/www.atsc.org CEA Standards: Global Engineering Documents, World Headqua

14、rters, 15 Inverness Way East, Englewood, CO USA 80112-5776; Phone 800-854-7179; Fax 303-397-2740; Internet http:/; Email CEA-679-C (Part A) 2IEC Standards: Global Engineering Documents, World Headquarters, 15 Inverness Way East, Englewood, CO USA 80112-5776; Phone 800-854-7179; Fax 303-397-2740; In

15、ternet http:/ ; Email IEC Central Office, 3, rue de Varembe, PO Box 131, CH-1211 Geneva 20, Switzerland; Phone +41 22 919 02 11; Fax +41 22 919 03 00; Internet http:/www.iec.ch ; Email pubinforiec.ch ISO Standards: Global Engineering Documents, World Headquarters, 15 Inverness Way East, Englewood,

16、CO USA 80112-5776; Phone 800-854-7179; Fax 303-397-2740; Internet http:/ ; Email ISO Central Secretariat Office, 1, rue de Varembe, Case postale 56, CH-1211 Geneve 20, Switzerland; Phone +41 22 749 01 11; Fax +41 22 733 34 30; Internet http:/www.iso.ch ; Email centraliso.ch NIST FIPS PUBs National

17、Institute of Standards and Technology (NIST), c/o National Technical Information Service (NTIS), 5285 Port Royal Road, Springfield, VA 22161; Phone 703 605 6000; Email ordersntis.gov ; http:/www.csrc.nist.gov/publications/fips/index.html 4 Definitions Also see ISO 7816. A CA module (CAM) is the cond

18、itional access device, such as, an ISO 7816 smart card or a conditional access card. This is the device that provides authorization and decryption functions for the consumers system. A CE device is a consumer electronics device, such as a television receiver, a set-top converter box, or a plug-in mo

19、dule that performs a signal conditioning function and houses the conditional access interface. A PID is a packet identification number. This is used to identify a single data stream within a packetized multiplexed data stream. A television service may consist of several data streams, including but n

20、ot limited to, one PID number for video, and one or several PID numbers for audio. A reportback channel is a means of communication to a head-end or uplink system. Examples of such communication channels are telephone connections, reverse cable modem channels, and wireless communications. NVM is non

21、-volatile memory, that is, memory that is retained when operating power is removed, such as EEPROM, ferrite core memory, a disk drive, or battery-backed-up RAM. Number Base: Unless otherwise specified, numbers in this document are decimal base. However, numbers that begin with 0x are hexadecimal bas

22、e numbers. 5 General Electrical and Physical Characteristics The CA module shall conform to the physical and electrical characteristics (Annex B (normative) described in ISO 7816 with exceptions and additions noted in Section 6. Additionally, the CA module shall be capable of being inserted in and r

23、emoved from a powered CE device without damage to either the CA module or CE device. The conversation between the CA module and CE device shall start (end) with the activation (deactivation) of electrical contacts by the CE device. The consecutive operations needed for these two processes are shown

24、in Table 1. CEA-679-C (Part A) 3Activation Deactivation (1) RST state L (1) RST state L (2) VCC powered (2) CLK state L (3) I/O reception mode (in CA) (3) VPP inactive (high speed clock) (4) VPP inactive (high speed clock) (4) DIN inactive or low (5) CLK provided with a stable clock (5) I/O state A

25、(6) VCC inactive Table 1 Procedure for NRSS Part A Activation/Deactivation 6 Exceptions and Additional Physical Characteristics The CA module shall employ the card height (nominally 53.98 mm), width (nominally 85.60 mm), and thickness (nominally 0.76 mm) dimensions of ID-1 type cards defined in ISO

26、7810, with the following exceptions. Unless otherwise specified, all measurements have a tolerance of 0.05 mm. a) Card Width: The card width may be any value between 85.60 mm and 111.00 mm. b) Card Thickness: The portion of the card that is inserted into the connector shall have a thickness of 0.76

27、mm, for a distance of at least 37.00 mm from that edge of the card which is inserted into the connector. At any point within 5.0 mm from any of the edges of the card, the card shall have a thickness of 0.76 mm. The remainder of the card may have a thickness not to exceed 5.00 mm. c) Flexibility: The

28、 flexibility requirements of ISO 7816 are not required in the CA module. The intent of this set of physical requirements is to allow the use of a wide range of existing ISO 7816 connectors, while simultaneously accommodating a wide range of internal architectures for the CA module. The CA module may

29、 contain batteries and many ICs. The CA module form factor range also includes the flexible IC card which is superficially indistinguishable from the ISO 7816 card. Physical limitations of the CA module are depicted in Annex C (normative). 7 Exceptions and Additional Electrical Characteristics This

30、CA module uses the same 8 contact physical connector as ISO 7816, but three contacts are used differently. These contacts are C4, C6, and C8, and their uses are identified in Table 2. contact Use Previous assignment C4 High-speed data in Reserved for future use C6 High-speed clock VPP (programming v

31、oltage ) C8 High-speed data out Reserved for future use Table 2 Additional Contacts Used in NRSS Part A The contacts C1, C2, C3, C5, C7 remain unchanged. These are the complete set of ISO 7816 contacts that are used for most modern ISO 7816 integrated circuit cards containing microprocessors. An exa

32、mple architecture for a CA module is given in Annex D (informative). This architecture is flexible for future improvements; stronger scrambling algorithms, longer keys, and different formats for EMM and ECM filters can be used. The timing diagram (see Figure 1) describes the relationship between the

33、 three high speed signals. Table 3 summarizes the timing requirements of this interface. CEA-679-C (Part A) 4High speedclockHigh speeddata inHigh speeddata out34561278Figure 1 Timing Diagram # Symbol Parameter Conditions Value Unit Min. Max. 1 TsDINHigh-speed Data In Set-up Time before DCLK 4.0 ns 2

34、 ThDINHigh-speed Data In Hold Time after DCLK 1.5 ns 3 TwlDCLKHigh-speed Digital Clock Low Period 9.0 11.0 ns 4 TwhDCLKHigh-speed Digital Clock High Period 9.0 11.0 ns 5 TDCLKHigh-speed Digital Clock Period 20.0 ns 6 TrDCLKHigh-speed Digital Clock Rise Time 3.0 ns 7 TfDCLKHigh-speed Digital Clock Fa

35、ll Time 3.0 ns 8 TdDOUTHigh-speed Data Out Valid Time after DCLK Cload=50pF 2.5 15.0 ns Table 3 Timing Diagram 7.1 High-speed Data-in This is the high-speed serial data in signal, and is a one bit input per each high-speed clock cycle. The data-in serial stream is an MPEG-2 system level transport pa

36、cketized data multiplex. Between packets, zero stuffing is required. 7.2 High-speed Clock This is the clock that determines the bit rate of both the high-speed input and high-speed output. Continuous operation is required. 7.3 High-speed Data-out This is the high-speed data out signal that produces

37、one bit of data output per each high-speed clock cycle. The data-out serial stream is an MPEG-2 system level transport packetized data multiplex. The card has a fixed bit delay between input and output. CEA-679-C (Part A) 57.4 Functional Operations on High-speed Data On startup, the high-speed data

38、out is a delayed copy of high-speed data-in with a fixed bit delay. 7.5 Communications Protocol and Flow Control Only asynchronous half-duplex character transmission protocol, T=0 (see ISO 7816-3), is supported and required. (Asynchonous half-duplex block transmission protocol can optionally be impl

39、emented if the application needs it.) If an NRSS-A module will not be able to accept communications, it can assert the data line as indicated in Section 7.5.1 and Section 7.5.2 to provide flow control. 7.5.1 CA Module Implementation of Flow Control The CA module may signal that it is busy in the fol

40、lowing ways: a) Assert the data line (state A) beginning at 11.5 +/- 0.2 ETUs after the start of the last character (during the time between characters). This will cause the host to delay the next character. The assertion shall be for more than 1.0 ETU and last until at least 12.5 ETUs from the curr

41、ent start bit. b) Assert the data line (state A) beginning more than 12.5 ETUs after the start of the last character (during the time between characters). This will cause the host to delay the next character. The assertion shall be for more than 12.0 ETUs. The maximum time that the flow control shal

42、l be asserted is the duration of the work waiting time (see Section 8.1 of ISO 7816-3). Flow control shall not be asserted on the last character before a direction change of the data. Flow control shall not occur if the CA module has indicated a parity error condition on the previous word. 7.5.2 Hos

43、t Implementation of Flow Control The host shall implement Section 6.3 of ISO 7816-3 (error detection and repetition). The host shall test the data line before any transmission to verify that the CA module is not excercising flow control. If the data line is asserted (state A), the host shall wait un

44、til at least 1.0 ETUs after the line returns to the high impedance state (Z) to start its transmission. If the data line does not return to state Z during a full work waiting time, the host should reset the CA module. The next byte after flow control when transmitting will not be sent before: max. (

45、flow_control_end + X, TGT), where X = 1 0.02 ETU (see Figure 2 and Figure 3). SByte P Byte STime from Start bit to here = min per Guard TimeFlow ControlX11.5Figure 2 Flow Control, Next Byte at Total Guard Time (TGT) CEA-679-C (Part A) 6SByte P Byte STime from Start bit to here = min per Guard TimeFl

46、ow ControlX11.5Figure 3 Flow Control, Next Byte After end_flow_control + X 8 Commands Commands are sent between the CE device and the CA module via the ISO 7816 serial I/O line. Using the commands presented in Sections 9-21, complete conditional access applications can be created. An example of how

47、this can be accomplished is included in Annex E (informative). Only asynchronous half-duplex character transmission protocol, T=0 (see ISO 7816-3), is supported and required (Asynchronous half-duplex block transmission protocol can optionally be implemented if the application needs it). All commands

48、 are originated by the CE device. Any information that is sent from the CA module to the CE device must be requested by the CE device. Each command consists of a 5-byte command preamble and a message. The preamble is always sent from the CE device to the CA module. Depending on the contents of the p

49、reamble, the message either is sent from the CE device and is read by the CA module, or it is sent from the CA module and is read by the CE device. For each command, the explanation indicates whether the command is required to be implemented in the CA module or not, and the default values of the data message, if any. For all commands that are listed as “required”, the CA module must support the intended functionality in order to be considered an NRS