SCALABLE SERVICE PROTECTION

NASC/NOCS

NAGRA's On-Chip Security (NOCS) & Device Certification

NOCS refers to a NAGRA IP block with security functions that are put into SOCs. NOCS (also known as the NAGRA root of trust) plays a key role in the overall content protection chain and is highly leveraged by NAGRA CAS/DRM clients to provide increased and controlled security to service providers.

The NOCS IP block  is provided by NAGRA to SOC vendors in the form of a netlist and then integrated by the latter into their silicon before being certified by NAGRA (functionality and security).

NOCS is independent of customer projects, although it can be verticalised in the field to bring strong customer/market security segmentations. NAGRA works protectively with SOC vendors to enable NOCS on Pay-TV SOCs. NOCS was first introduced in the market in 2002 and since then it has gone through multiple evolutions – NOCS 3.1 is the latest version.

All major Pay-TV chipset providers have NOCS-certified chipsets, including Broadcom, Mstar, Hisilicon, ST, Intel, NXP, NEC (Renesys), Sigma, and Conexant.  As of today, over 30 different chips have been NOCS certified and over 30 million NOCS chipsets have been deployed.

Nagra Advanced Security Certification (NASC)

NASC is a specification and certification process for device manufacturers to ensure their devices properly leverage the NOCS security features in the chipset in order to provide the required security for NAGRA CAS/DRM, device and content protection.

NASC is a set of security requirements to be implemented by device and middleware providers to be protected against certain types of attack. NASC requires the use of a NOCS chipset. In basic terms, NASC allows you to protect CAS and DRM assets, the device itself, boot loaders, software download mechanisms, and other software stacks.

Most major device vendors have produced NASC-certified devices, including ADB, Arion, Changhong, Cisco, Coship, Echostar, Huawei, Humax, Kaon, LG, Novabase, Netgem, Pace, Prime, Sagem, Samsung, Skardin, Technicolor, Telsey, and Zinwell.

NASC comes with a  certification process through which NAGRA checks compliance with its requirements by devices and middleware in their implementation. Such a NAGRA-led certification ensures a minimum standard and prevents weak implementations from entering the market. This also helps service providers to align to a standard, despite different device vendors and middleware providers, as they are not all created equal.

Note: It is important to mention that, whereas all NAGRA Broadcast Secure Clients rely on NASC and NOCS, the NAGRA CONNECT Client can also support either software root of trust or third-party root hardware root of trust from SOC vendors.
Copyright © 2020 Nagravision S.A.