To gain an understanding of how the broadcast industry’s transition to IP-based systems is going, Félix Poulin suggests literally visualizing it. Poulin, director of media transport architecture at CBC/Radio-Canada, explains that the continually evolving Technology Pyramid for Media Nodes document, created and periodically updated by the EBU’s Technology and Innovation Unit, offers the industry “an expression of the needs of users” in the broadcast community as it relates to comprehending “what the minimum number of [IP-related] features need to be” in order to successfully build and maintain a large-scale, IP-based broadcast facility.
Poulin says the pyramid illustrates different colored layers “that indicate the current state of the market.”
“For example, the media transport layer is green, which is good—it means the industry is providing what is needed for that aspect of things right now, and it is getting mature,” he elaborates. “At the bottom of the pyramid, you will see the security section listed in red, while configuration and monitoring are shown in red and yellow. That means we are not there yet in those categories, that most products lack the vigorous security features that would be needed. Those tools are not to the level we would like to have them for a secure plant. Configuration and monitoring are often lacking the proper interfaces to readily be able to integrate with everything else in a big, multi-vendor system.”
The pyramid has been tweaked over the years, however, as things change across the industry. In particular, according to Poulin, what has changed the most in recent years is that “everybody has learned from the experiences of big projects like ours [the state-of-the-art CBC/Radio-Canada Broadcast Center in Montreal] and others that have [gone online] in a similar time-frame, such as [European Broadcaster BCE Luxembourg’s] RTL project and the BBC’s [facility in Cardiff, Wales]. ESPN has had a digital broadcast center for several years, and more are being built. The industry has learned a lot from such projects, and so we have refreshed the pyramid to reflect this learning, improving some of the wording to reflect new and important things like the evolution of NMOS [Networked Media Open Specifications] that are now getting implemented across the industry. This lets us be more precise in describing requirements. Obviously, the goal is an entirely green pyramid. And as the pyramid makes clear, there is a lot more to successful IP-based devices than simply being compatible with [the Professional Media over Managed IP networks suite of standards, ST-2110, as discussed in the May 2020 issue of Newswatch].”
Indeed, the rise of an NMOS-based control layer for managing equipment in these kinds of facilities has been a crucial leap forward in the industry’s pursuit of a greener pyramid. NMOS, after all, was designed by the Advanced Media Workflow Association (AMWA) as an open-source control specification to make interoperability and management of IP networked devices simpler to achieve, Poulin, who also serves as the user-chair of the AMWA NMOS Steering Committee, relates.
“SMPTE ST-2110 is the foundational standard that we use for the transport of audio and video, but you need a lot of different things around 2110 to make a complete product,” he emphasizes. “Central to all that is a control layer. NMOS is the answer to that because it is an open specification, and it is rapidly growing in adoption.”
Poulin elaborates that NMOS was originally developed “as a low-level control system for things like discovery of devices and connecting streams, but it is now evolving into a higher level of device control. It’s a very dynamic set of specifications that is still evolving. The industry agreed to make 2110 the main transport mechanism for video over IP, but there are still fragmentations of that market when it comes to the control layer—some facilities still use proprietary control protocols, for instance. But if we really want to have a multi-vendor interoperable ecosystem for users, we need to have a common method of control become widely adopted, and NMOS is going in that direction. When it gets there, the pyramid will be fully green on that layer, and that will mean you really could build your system with pieces from many different vendors. All those pieces will talk NMOS, and you won’t have to worry about compatibility of your control system.”
Even as NMOS marches forward as another key piece in the larger IP broadcast puzzle, however, there remains the question of how to trickle such benefits down to smaller, local broadcast entities around the globe in a way that makes financial and logistical sense for them. Poulin points out that such infrastructures “need a lot of expertise to achieve” and that costs time and money, which may not always be feasible for smaller broadcasters. Therefore, he says, “I think we need this technology to next evolve to become more user friendly, easier to implement and use, much like SDI has been over the years.”
Poulin thus hopes the market will develop “either a 2110 solution that will get easier to use or the improvement of prosumer [tools] in a way that will make them interesting for local broadcasters to take advantage of.” He adds that various developments are already happening to make the use of 2110 “easier,” and one of them is the proposed use of IPMX (Internet Protocol Media Experience) as a set of open standards designed, as IPMX literature describes, “to enable the carriage of compressed and uncompressed video, audio, and data over IP networks for the pro AV market.”
Poulin calls IPMX, created by the Alliance for IP Media Solutions (AIMS), a methodology for “making a prosumer kind of profile for 2110 and NMOS—essentially trying to make 2110 easier to use.”
He adds, however, that the control aspect isn’t the only pyramid layer that will require updated approaches in order to turn the entire diagram green. As mentioned earlier, for example, configuration and monitoring are two other important pieces of the puzzle.
“In IP, monitoring is very important, because you have much less visibility into the complexity of your connections—they are kind of buried in the cable,” Poulin states. “It’s not one signal per cable anymore. Instead, it is one signal somewhere in a Cloud that is part of your network, but you don’t know where it literally is physically. Therefore, you need more monitoring to gain the visibility to be able to be fast in terms of trouble-shooting, and in terms of configuration and deployment. So, you need more monitoring than in the past. And the same with configuration, because these devices tend to have many more parameters than before, since each IP interface has a number of IP addresses, parameters, and so on. So, you have more configuring to do in order to get your equipment up and running in a system.
“That is why we want to automate as much of this as possible, rather than trying to go in manually to each device, spending time scrolling through a menu and configuring it each time, when you have thousands of devices. You want to be able to script the configuration in a fashion similar to what a data center would do for operating with high availability.”
In this regard, he explains that the industry will continue borrowing concepts out of the IT world, such as the use of so-called Continuous Integration/Continuous Delivery (CI/CD) pipelines, which essentially is a term to describe a series of automated steps a system must perform every time new software is introduced to it.
“Basically, the configuration process would be scripted using this approach,” Poulin explains. “You program the state of your infrastructure into those configuration files, rather than going to one piece of equipment at a time within the user interface of your equipment, and not knowing who made what changes or when. This way, you have a perfect track record of all changes that have been applied to your system, a precise log, so that if something goes wrong, you can look at what happened and know who changed something and when they did it, and you can roll the system back, cancel that operation quickly, and gain back stability of your system.”
Poulin emphasizes that none of this is, per se, a “new” methodology, but rather these are approaches involving the application of what the IT industry has done for years to the modern configuration of broadcast equipment.
“The issue is that vendors need to provide an interface, an API of some kind to give us access to the configuration files,” he says. “That is not yet something we find very often these days. And that is a big reason why it will take a few years before we can get to anything close to a totally green pyramid. But that said, the whole industry is working on it, and we are getting closer.”
The other crucial matter for the industry to sort through as it relates to carving out a future in which interoperable IP-based equipment can seamlessly power broadcast facilities is the matter of security. As manufacturers rush to produce and distribute 2110-compatible products for such facilities, Poulin says many of them “are still not making a big enough effort where security is concerned.”
“Many of them are just offering a basic kind of hygiene, so to speak—the use of passwords on their management interfaces and things like that,” he says. “So, they have a lot more work to do in this area. [The CBC] and others all have our own standards, and we try to work with the product vendors to let them know what we need in terms of security, at a minimum. The EBU has published a very good document on security safeguards called EBU R143 [Cybersecurity for Media Vendor Systems, Software & Services]. It basically describes what the minimum level of security should be that we want to see in vendor equipment.
“But the thing is, when it comes to security, we can’t be content with just securing the border of our network anymore. A lot of attacks across the wider IT industry come from inside, from social engineering, phishing, bad USB keys you might get at trade shows with spy software on them, and so forth. So, the most important thing is to secure your control system. Luckily, NMOS is a system that lets you do that. It is securable, based on HTTP. That means you can use HTTPS [Hypertext Transfer Protocol Secure, used for secure computer network communications in the IT world] to encrypt all control communications. Otherwise, you would have to perform critical access management to make sure only the right people have network access, and that puts a lot of weight on your network management.
“The bottom line, though, is that we need these devices to be more secure, control protocols to be more secure, and we need to provide a lot of training to people so that they understand the risks. This is one of the new challenges we face moving into the IT world. With SDI, it was a lot harder to hack into control systems. This is the big reason why the security layer is still red on the pyramid.”
Poulin worries that as new IP-based equipment proliferates into the marketplace, security is not an immediate top priority for manufacturers, at least to start. “It’s about their priorities,” he explains. “They like to start out by adding as many features as they can to sell their product, but only when they see the product has a good future, do they start spending resources and time on security of those products. I hope we can see the next year become the year of security for vendors, where at NAB and other shows, they start talking first about the security of their products. But really, security is a problem on every layer of the system, and there are different priorities for each vendor as they try to implement their solutions. So, education is probably the most important thing. It’s a holistic problem, and not something that can be handled just by hiring one or two security experts to work in your building.”