MovieLabs has updated its Enhanced Content Protection Specification, which can be found here.
Since its original publication in 2013, the MovieLabs Enhanced Content Protection Specification has raised the bar for protecting 4K, HDR and early window content in consumer distribution. The ECP spec has been widely implemented by industry partners. Based on discussions with those partners and in response to evolving threats, MovieLabs from time to time publishes updates to the specification. ECP 1.2 was published in August 2018.
The latest version, ECP 1.3, primarily addresses the risks posed by debugging interfaces left open in production units and by devices past their end-of-life for DRM and security updates that fail to patch known vulnerabilities. When left open in consumer devices, debugging interfaces can open a significant attack surface for circumventing content protection. And as more ECP devices reach their security maintenance end-of-life, known security vulnerabilities that will never be fixed pose an increasing risk to content security.
MovieLabs also added additional language to further clarify that implementers should consult with individual studios and their distribution partners to determine which features are necessary in specific products and services. Studios and distributors are free to choose which ECP elements are appropriate to any particular type of distribution.
