This article explains how High-bandwidth Digital Content Protection (HDCP) operates within a TesiraLUX system.
Tesira Firmware 3.7 or later is required for HDCP functionality. HDCP is off by default and enabled or disabled per input or output block.
What is HDCP?
High-bandwidth Digital Content Protection (HDCP) is a copy protection system that is implemented for digital transport of high-value audiovisual content. It was developed by Intel Corporation and Digital Content Protection (DCP) LLC maintains the standard. DCP licenses the technology to content creators, distributors, and device manufacturers. All HDCP capable devices utilize encryption mechanisms to secure content and receive unique HDCP device IDs during manufacture. The primary purpose of HDCP is to prevent copying and playback of audiovisual media on unauthorized systems.
The following terms are defined in HDCP:
- Source - The device transmitting the protected content. A common example is a UltraHD Blu-ray player or cable TV box.
- Repeater - A device that retransmits protected content. For example, a HDMI splitter is a repeater. Networked or IP video encoders and decoders are considered repeaters. Thus, TesiraLUX devices are repeaters. This is important to remember.
- Sink - The devices that decrypts and renders the audiovisual content. LCD displays and projectors are common examples.
- Levels - Also known as depth. Refers to the number of repeating devices and sink after the source. HDCP imposes a level limit.
If a HDCP source detects more devices or levels than allowed by the specification, all content is denied. TesiraLUX intelligently manages withholding content to mitigate conditions causing denial to the whole system.
Among many components of how protection operates, the HDCP standards define how many devices may participate in receiving protected content and if that content may be streamed over a network. The following table compares the major elements of HDCP 1.4 against HDCP 2.2.
|HDCP Version||Network Streaming||Maximum Devices||Maximum Levels||Receive HDCP 2.2 Type-1|
The first important consideration for a networked video system is that HDCP 1.x does not support any Ethernet network transit. HDCP 2.2 does support network transit but has lower device levels and maximum device counts, which drastically limits the size of a HDCP compliant networked video system. The number of levels and devices in a HDCP capable system include are not only display devices but also repeaters, such as HDMI distributors or network encoders and decoders. Network end-points must also convert any input HDCP version to 2.2 and follow the limits.
The device limits and levels are for each HDCP source, not for the entire networked system. For example, if a system had two Blu-ray players, each player will allow content to 32 downstream devices.
Networked video encoders and decoders are each considered repeaters in the HDCP 2.2 specification. Encoders and decoders each count against the 32 maximum device limits and apply against the device levels. Each TesiraLUX device with HDCP enabled will count against the limits for each protected source.
HDCP devices report how many device levels exist in the topology. Device levels, or device depth, is the number of connections in a signal chain after the source. Only the hops, or connections, between HDCP device levels count towards device depth. Ethernet switches are not considered a level since they have no protected video interfaces. A typical scenario of “source -> encoder -> decoder -> display” equals a device depth of 3 when counting the connections, or hops, between the HDCP devices. HDCP 1.X has maximum levels of 7 and HDCP 2.2 has a maximum of 4.
Since TesiraLUX must convert all transmission to HDCP 2.2 for network support, the maximum hops or level count is 4 regardless of the input HDCP version.
According to the HDCP specifications, a device is defined as anything containing one or more HDCP secured Interface Ports. This includes HDMI and DisplayPort connections. Device count only includes HDCP capable devices, such as transmitters, video switchers, repeaters, and displays. If it doesn’t have a video port (i.e. network switches, etc.), it doesn’t count towards device limit. Thus, Ethernet switches do not count to the device limit. For TesiraLUX, HDCP 1.X device limits do not matter because that specification does not support network transmission regardless of device count. HDCP 2.2 has a device limit of 32.
The above diagram is using again the typical scenario of “source -> encoder -> decoder -> display” to fan out a single source out to several monitors. Because each repeater counts against the device limit, this example can only fan the source out to a maximum of 15 monitors. (1 encoder + 15 decoders + 15 displays = 31 devices) Adding another decoder and display puts the system over limit with 33 devices downstream of the source. The 32 device limit is suitable for small installations but the source would deny content if another, repeater or sink is added to the stream.
To prevent the source from denying content to the entire system, TesiraLUX pre-authenticates the first 15 decoders and 15 displays with the first 32 encoders in the Tesira system. This mitigates conditions where the source has more than 32 devices. TesiraLUX OH-1 is also accounting for any downstream devices that would exceed the limits. Wherever too many downstream devices are detected, the OH-1 selectively withholds content and displays a green fill color, which disrupting the entire system. Since HDCP topologies communicate upstream, the IDH-1 does not know if anything exists between it and the source. Devices upstream of TesiraLUX could instigate an overage condition and need considered early in the design process.
Source Device Key Limits
Not all source devices are created equal. Many consumer-grade media players and broadcast receivers do not support the maximum number of devices allowed under the HDCP standards. While less common among modern devices, many consumer grade sources supported less than half the allowable HDCP keys. Some even supported only a single key, making them unusable for any professional distributed applications. Integrators should verify with manufactures that the media source device to be installed supports 32 HDCP keys. A device presented with more than the supported number of keys may blackout all content to the system.
HDCP 2.2 Types
Two content types are defined in the HDCP 2.2 specification:
HDCP 2.2 Type-0 content is allowed playback on prior versions of HDCP. If the content owner has flagged the media for Type-1, content is not allowed to stream in systems containing older versions of HDCP. This means a HDCP 1.4 monitor or projector will likely be denied audiovisual media by an UltraHD Blu-ray player with a new Type-1 movie disc. TesiraLUX does not allow Type-1 flagged content output to HDCP 1.4 displays. Many recently produced movies and Internet streaming services are moving to Type-1 content and may be incompatible with older monitors and projectors.
When HDCP enabled devices are connected to each other, they perform a handshake. This handshaking exchanges and validates encryption keys, reports device levels and device counts back up the chain to the source device. During the process, the source will pause playback of protected content and repeaters or sinks may temporarily blank. The handshaking will cascade through all connected devices in a system. If any HDCP devices are connected or removed, the handshake will start again, temporarily blanking media. If a non-HDCP compatible or blacklisted device is added to the system, all displays will go dark. While black screens are not acceptable for a Pro AV system, HDCP 2.2 is an improvement over HDCP 1.X which supported no Leave-Join tolerance.
TesiraLUX migitates Leave-Join blanking by pre-authenticating the first 15 decoders and first 15 displays with up to 32 encoders. This allows fast stream switching that does not instigate blanking. The OH-1 will selectively deny content if downstream devices are incompatible, reducing risks of denying content to the whole system. However, if anything is connected after the system is running, temporary blanking happens during the HDCP handshaking. It is not possible to completely eliminate leave-join issues without violating the HDCP 2.2 standards.
HDCP encrypts audiovisual content. Audio is also protected. Most Pro AV networked audio DSPs do not contain HDCP keys needed to decode encrypted audio. The HDCP standards allow sending audio unrestricted at "CD Quality" to devices without HDCP support. CD Quality is defined as 2-ch stereo 16-bit 48kHz. This means protected surround sound is not allowed on audio devices without HDCP.
Tesira handles passing de-embedded protected audio without user intervention. The audio is converted to 24-bit in a Tesira DSP. Any audio channels available in the DSP may be re-embedded at 24-bit back into a protected video stream. Simply connect the desired signal paths on the Tesira design layout and the conversions are handled automatically in the background.
HDCP and TesiraLUX
Requirements for using HDCP in TesiraLUX:
- Tesira firmware and software versions 3.7 or later.
- HDCP capability is disabled by default. It needs enabled on every input and output block where protected media will traverse.
HDCP capability is controlled via Tesira Software. It is modified offline or online. It may also be enabled or disabled per device during system operation via presets or Tesira Text Protocol (TTP) commands from an external control system. See our Tesira Command String Calculator for the AV Input and AV Output HDCP commands.
Enabling HDCP in TesiraLUX
HDCP is enabled per block on the AV Input and AV Output control dialog windows by toggling the HDCP button from "HDCP Disabled" to "HDCP Capable."
AV Input block control dialog window:
AV Output block control dialog window:
When HDCP is enabled on a block, it block will show a protected shield icon:
Additionally, the signal path identifier will show a purple outline to represent where HDCP media is allowed to stream. The HDCP signal path outline also shows if audio is protected between audio and video partitions. It will show if re-embedding audio via the AV Combiner is protected or not.
When HDCP is enabled on a block, the assigned TesiraLUX device front panel OLED will also show a shield icon.
Manage HDCP Window
Enabling HDCP per block is time consuming for a large system. The Manage HDCP window in Tesira Software allows enabling HDCP per block, by multiple blocks with a multi-select or by globally enabling or disabling HDCP on all TesiraLUX devices.
Access the Manage HDCP window by clicking the shield icon in the following locations in Tesira Software:
- System menu
- Network toolbar
- Right-click context menu on any AV Input or AV Output block
- Right-click context menu the background of any video partition
The Manage HDCP window will show all TesiraLUX input and output blocks on all partitions in the design file. The window will operates in online or offline mode before the configuration is sent to any live devices.
Expanding the Output Priority in the Manage HDCP window will reveal an AV Output's priority relative to the input streams. The priority number is used to determine which outputs will receive protected streams and which are denied to prevent HDCP over limit conditions.
Tesira Software determines the output priority by using the following order of rules:
- The number of signal path segment hops. Ex: A direct input to output signal path has highest priority.
- Connections from lower AV Router block output port numbers prioritized over connections from higher output port numbers.
- If the previous factors are equal, priority is determined alphanumerically based on the AV Output block label text.
- If the previous three factors are equal, priority is determined by the block Object ID
Output priority can be changed by altering one of the previous ordering rules in the Tesira design layout.
Stream Protection State
When HDCP Capability is enabled, the stream protection state follows that of the connected HDMI or DP source device. If no source is connected to the active input, HDCP Capable encoders default streaming with HDCP protection.
The current stream protection state is visible on the To Network tab of the AV Input block.
The the stream state at the decoder is also visible on the From Network tab of the AV Output block.
TesiraLUX HDCP Behavior
TesiraLUX uses the following behaviors to intelligently manage HDCP to mitigate over limit conditions. The HDCP behaviors are only present on blocks with HDCP enabled and when receiving protected content from the HDMI or DP source device:
- Every IDH-1 and OH-1 with HDCP enabled is assigned a priority number depending on how it is connected in the Tesira design file.
- All TesiraLUX devices attempt to prevent HDCP over limits conditions by checking the number of downstream devices.
- An OH-1 will mute audio and fill the screen green if it detects an over limit situation.
- Stream fan out (one-to-many) behavior:
- Each IDH-1 is allowed fan out to 15 decoders. This prevents exceeding the 32 device limit required by HDCP 2.2.
- Tesira will use the highest priority routed decoders first.
- The OH-1 first assumes only a single display is attached. More displays attached downstream on higher priority outputs reduce the stream fan out limit.
- Unrouting one of the top 15 outputs and routing in another lower priority will prompt brief HDCP leave-join blanking on the protected stream.
- Routed outputs beyond the top priority 15 are filled green if they join the stream.
- Stream switching behavior:
- Each OH-1 will pre-authenticate with the first 32 prioritized HDCP enabled IDH-1 encoders.
- Stream switching among the first 32 protected streams is fast.
- Stream switching to a 33rd or lower priority protected stream results in brief blanking from HDCP leave-join behavior.
- HDCP devices are not aware of upstream topology or changes. Devices or conditions upstream of TesiraLUX may result in the source denying content to the whole system.
While TesiraLUX intelligently attempts to prevent situations where all media is denied by the source, conditions outside the system's control that may cause temporary handshaking blanking or complete loss of video from the source. Conditions outside the system's control:
- The source device has support for a limited number of keys. This is common with consumer grade media players.
- A display downstream of the decoder is physically connected or disconnected.
- Power up and down of some displays may instigate HDCP leave-join temporary blanking.
- Too many devices or levels upstream of the IDH-1 encoder. HDCP attributes only traverse upstream toward the source, so the IDH-1 is not aware of any potential exceeding limits ahead of the TesiraLUX system.
- A invalid, non-compliant, or incompatible device is connected to the system and the source device revokes all authorizations.
The following best practices are recommended to reduce troublesome conditions with HDCP:
- Only enable HDCP capability where needed. This reduces potential content denial conditions.
- Place critical displays on decoders with the highest output priorities. Ex: Connect the main projector of an auditorium to output priority 1.
- Avoiding connecting displays or changing display power states while the system is being used for protected media streaming.
- Avoid toggling HDCP capability states while system is in use.
- A green screen means too many devices, levels or a HDCP incapable display is connected.
What is HDCP Professional? HDCP Professional (Pro) is an emerging standard variation for Pro AV applications. AV Professionals should be educated about this standard before Pro devices enter the market.
The above considerations highlight HDCP limitations with networked video systems in projects where protected content will be played. To address these limitations for the Pro AV industry, the DCP created the HDCP Pro standard. Integrators and sites approved for HDCP Pro will not be subject to device limits, level limits or leave-join handshaking. HDCP Pro allows Pro Repeaters to ignore the traditional topology constraints for allowing unlimited access to protected content. It does require extra administrative steps from the integrator.
Professional Licensed Installer
Any integrator wishing to deploy a HDCP Pro system must first receive approval from DCP as a licensed installer of Pro devices. HDCP Licensed Manufacturers are not allowed to sell HDCP Pro devices to unauthorized installers. HDCP Pro is only allowed for professional projects. The integrator must agree to the HDCP Professional terms and pay an administrative fee to DCP. Once approved, the integrator is placed on the public authorized installer list. Please see the DCP website for information on becoming a HDCP Professional Licensed Installer.
Only site types on the HDCP Professional Authorized Locations white list may receive HDCP Pro approved projects. The following site types are currently allowed:
- Large Retail Outlets
- Shopping Malls
- Cruise Ships
- Merchant Shipping
- Oil & Gas Service Vessels
- Large Private Yachts
- Single Family Dwelling
- Office Buildings
- Education Facilities
- Share Trading Floors
- Hospitals & Medical Training Facilities
- Transport Venues
- Manufacturing Facilities
- Houses of Worship
- Broadcast Production Facilities
- Mining Villages
- Oil/Gas Rigs/Installations
- Military Installations
- Government/Municipal Sites
- Courts & Justice Facilities
- Sporting Facilities
Projects not fitting any of the authorized location criteria will not be granted access to HDCP Pro. Any licensed installer may petition DCP to exempt another type of site.
System Renewablity Message
HDCP Pro enabled repeaters will have a System Renewability Message (SRM) engine. This engine manages authorization of the repeater to use HDCP Pro functionality. Approved projects must receive a SRM updates quarterly. When the SRM is active, repeaters act as a proxy to all standard HDCP sources and sinks. Pro repeaters will report their device count is 1 and the current level 1 one, regardless of the actual topology. This effectively removes all limitations. If the engine detects that the SRM is expired or invalid, the the repeater will default back in to standard HDCP 2.2 functionality, enforcing device and level maximums. DCP and SRM engines will support remote management and updates, eliminating the need for quarterly onsite visits. Any system designed for HDCP Pro should include Internet access for remote SRM updates, otherwise on-site updates are required.