ATSC Takes 3.0 Security 'Very Seriously': Noland

Amid ransomware attacks, the Advanced Television Systems Committee takes security of the 3.0 standards and deployment “very seriously,” said President Madeleine Noland. “We are vigilant” about security, she told us Friday. “It is not an afterthought. It is absolutely one of the most important parts of the standard.” 3.0 security “was built in and considered from the very beginning,” she said. The A/360 document in the suite of 3.0 standards on security and service protection was approved two years ago and was last updated in February. A third A/360 amendment on updated system encryption is in the candidate standard process that runs through Dec. 31. The 3.0 standards say “all the executable code shall be signed” cryptographically with a specified “key structure,” she said. “The receiver is able to look at that signature and determine whether or not the executable came from a bona fide source.” And “all the signaling structures” for audio and video, emergency alerting and other service features “must be signed” by the broadcaster, Noland said. “It would be very difficult for a man-in-the-middle attack to come in and sort of take over.” ATSC’s S36 specialist group on 3.0 security, chaired by Sony Director-Technical Standards Adam Goldberg, “meets on a regular basis, and they always have their ear to the rail,” Noland noted. Broadcasters have been hit by other ransomware attacks. (See our recent report here.)