MovieLabs has updated its Specification for Enhanced Content Protection (ECP). Since its original publication in 2013, the ECP has raised the bar for protecting 4K, HDR and early window content in consumer distribution. The ECP spec has been widely implemented by industry partners. Based on discussions with those partners and in response to evolving threats, MovieLabs from time to time publishes updates to the specification. ECP v1.2 was published in August 2018.
The latest version, ECP v1.3, primarily addresses the risks posed by debugging interfaces left open in production units and by devices past their end-of-life for DRM and security updates that fail to patch known vulnerabilities. When left open in consumer devices, debugging interfaces can open a significant attack surface for circumventing content protection. And as more ECP devices reach their security maintenance end-of-life, known security vulnerabilities that will never be fixed pose an increasing risk to content security. MovieLabs also added additional language to further clarify that implementers should consult with individual studios and their distribution partners to determine which features are necessary in specific products and services. Studios and distributors are free to choose which ECP elements are appropriate to any particular type of distribution.
The updated version can be found here.