Android TV vs. AOSP Implications on Total Cost of Ownership and Content Security
←
→
Page content transcription
If your browser does not render page correctly, please read the page content below
REDEFINING CONTENT SECURITY WHITEPAPER SERIES Android TV vs. AOSP Implications on Total Cost of Ownership and Content Security conax.com
CONTENTS
Introduction......................................................................................................................................................................... 1
Delivering a Next-Generation User Experience.............................................................................................................. 2
Under the Hood .................................................................................................................................................................. 5
Securing Android Devices..................................................................................................................................................6
Comparing the Different Approaches to Android........................................................................................................ 8
Conclusion.........................................................................................................................................................................9
Over the last decade, the Android operating system has become one of the most widely used platforms
across different consumer devices. According to Gartner, 327 million out of 379 million smartphones sold in
the first quarter of 2017 ran Android (86.1 percent)1. While Android has seen wide success on smartphones
and tablets, its growth is not limited to those platforms. According to Google, more than 1 million activations
are added every two months on Android TV™. Additionally, more than 20 operators globally have launched an
Android TV service so far. Forecasts from IHS Markit indicate that shipments of Android TV devices will grow
by 44 percent CAGR from 2015 to 2020.
Five key drivers that attract pay-TV providers to Android set-top-box (STB) propositions are giving subscribers
access to apps and services, increasing end-user engagement, exploring new monetization avenues, reducing
the time to market for new STBs and decreasing churn by keeping subscribers on HDMI1 – TV input which is
controlled by the operator device.
To gain a more in-depth perspective of the commercial
benefits it is essential to understand the different WHAT IS AOSP?
variants of Android STBs that can be deployed in a Android Open Source Project is a
pay-TV operation2. These include: software stack and an open source
project led by Google.
1. Android TV STB
2. AOSP-based STB compliant with Android CDD WHAT IS ANDROID CDD?
3. AOSP-based STB not compliant with CDD (a.k.a. Android Compatibility Definition
AOSP Fork)
Document (CDD) is a set of
requirements that must be met in
order for devices to be compatible
with the latest version of Android.
1
https://www.gartner.com/newsroom/id/3725117
2
http://www.conax.com/press-events/webinars
Page 1
This paper will explore the pros and cons of each variant of Android in the context of STB development
projects for pay-TV operators. Furthermore, the paper will look at the difference in effort and complexity for
Android TV and AOSP based on compliance with CDD, providing insight into the commercial impact of each
variant for an operator and the overall benefits vs. trade-offs.
There are three key areas to consider for each variant, which impact one-time and long-term costs:
• User experience and interaction
• Under the hood hardware and software
• Content security
DELIVERING A NEXT-GENERATION USER EXPERIENCE
Pay-TV subscribers expect a smooth and rich user experience (UX) on Android devices, similar to what
they’ve encountered on smartphones. There are three ways that operators can streamline the UX for end-
users: through an optimized home screen, by providing the best content selection and by providing advanced
interaction options.
Creating a Custom Launcher/Home Screen recommendation. The icon placements, and the UI
When the STB is powered up it starts either in the level at which content is made available, are defined
home screen of the operator (the operator app) by the operator. Depending on the complexity of
or in the application launcher where the user can the project this could take anywhere between
search for and select content and apps to launch. three to nine months to implement.The complete
The look and feel, as well as content offered, choice of user experience, combined with operator
through this entry point into the platform is vital control over the placement of apps and services
for the user experience of the service. makes it a good choice for operators that focus on
a custom branded user experience.
With AOSP, operators can completely customize
the home screen launcher on their STB device, To customize the home screen user experience
including control on operator featured content using Android TV, operators have two options:
(app and games) and features like search and the Android TV standard launcher or an Operator
Page 2
Tier launcher. In the latest version of Android Certain user interface and middleware technology
TV (i.e. Android Oreo), there is a UI framework partners offer a customized UX template solution
to plug-in a list of pre-installed Android apps, that allows operators to choose from a menu of
access to personalized recommendations, and skin-able, tweakable UX options. It is completely
a placeholder for featured content determined different from the Android TV standard launcher
by the operator. It ensures increased visibility UX. From a complexity and timeline perspective,
of operator sponsored content on home there is additional effort involved, such as the
screens and search results to boost content need to include a UI provider. Moreover, there are
consumption. This is a good option for operators additional checks and balances involved to ensure
looking to differentiate themselves through their compatibility with Android TV guidelines. From a
own content offering rather than through a branded time to market perspective, this route is in the
user experience. The configuration of the launcher middle compared with what an Android TV standard
is simple and easy to do for OEMs compared with launcher and a custom AOSP launcher offer.
the full-fledged launcher implementation of AOSP.
The Android TV Operator Tier launcher approach, AOSP: A custom launcher gives complete control on
on the other hand, allows for UX customizations the user experience, at the expense of additional
as massive as that of an AOSP launcher. There are UI integration time and effort.
some Android TV guidelines that must be followed,
but otherwise operators have a high degree of Android TV: The standard launcher comes built-
freedom to define a unique look and feel. This is a in with Android TV services and only needs
good option for operators that wish to differentiate configuration to customize and go to market
through a bespoke user experience. The trade-off quickly.
is a longer time to market when compared to the
standard launcher implementation.
Page 3
Opening Up a World of Apps and Games AOSP: A good solution for a controlled walled-
The Android platform attracts a relatively large garden app offering, but requires operators to
developer network across the globe, thus allowing deploy infrastructure to roll out and maintain apps.
a bigger base of apps and games to be offered to
consumers. Android TV: With 3000+ apps available and Google’s
back-end infrastructure, the operator does not
AOSP devices do not have access to the Play need to hire additional technology partners.
Store. Operators can either choose to integrate
a third-party app marketplace or exert control
Providing Advanced Interaction
by selecting a limited number of apps, including
Consumers expect interaction with content to be
their own service offering, to be present on the
simple and innovative, with the ability to utilize
Android device, effectively building a walled-garden
voice control services enhancing the entertainment
approach. In terms of effort and complexity, third-
experience, to cast services to the large screen or
party app marketplaces necessitate integrating
STB and play popular games on the big screen.
back-end systems to monitor the ingestion of apps,
the distribution of apps to provisioned devices, and
AOSP-based devices cannot be integrated with
to manage their lifecycle on the end-user devices
Google Cast. Simulating the casting experience with
in addition to ensuring that these apps comply
alternative technology needs additional integration,
with Android requirements. Additionally, operators
with access to a limited number of supporting apps,
might want to hire independent software vendors
which might be useful for operators that choose
for app development and ramp up human resource
to provide such an interaction only with their own
competency to seek and create app partnerships.
service. Voice-based interaction, which comes at
an additional cost from third-party technology
From an Android TV perspective, regardless of
providers, can be integrated by experienced
whether the standard launcher or Operator Tier
middleware vendors and system integrators. A key
launcher is used, these services are pre-built. The
consideration is the extent of deep integration of
five Google services — Play Store, Games, Movies,
voice interaction within the user experience of
YouTube and Music — are part of the software
the pay-TV service. It impacts the development
stack once an operator signs an agreement for the
timelines of the operator UX and home screen.
Android TV device. Deploying pre-installed Android
apps on the STB is fairly easy either through
Android TV, on the other hand, comes with Google
the OEM or via a web-based portal provided by
Chromecast built-in and regularly updated over
Google. Operators are saved from having to engage
the air. Powered by Google’s back-end, the Google
with multiple stakeholders to bring content to
Assistant provides AI functionality. Additionally,
subscribers. Updates to Android apps are delivered
voice search and voice control come free with the
via Google’s back-end to the STB devices.
Google TV services. As a consequence of Android
TV hardware requirements, the casual gaming
Through full access to the Google Play Store,
experience with TV remote control or Bluetooth
Android TV benefits from a vast availability of
gamepads is a default feature.
apps and services (currently more than 3000 apps)
from all types of providers. While this provides
operators’ subscribers with immediate access to AOSP: In order to deliver advanced interaction
a world of content and apps, it does not provide solutions, operators need to engage additional
any means for the operator to block competing technology partners and incur additional costs.
services from their platform. Using the Operator
Tier launcher, operators can though ensure that Android TV: Brings forth next-generation
their own content is prioritized in the launcher and multiscreen interaction, voice interaction and
the Android search engine. gaming experience with little or no additional effort.
Page 4
UNDER THE HOOD
Delivering user experience and interaction requires a certain level of hardware capability and software
development for the STB. Additionally, there are considerations around future software maintenance and
rolling out improvements and innovations to end-user devices.
STB Development Process the Android TV stack comes with a built-in TV-Input-
AOSP devices have to be compliant with the Framework (TIF), providing a common interface for
Android CDD in order to leverage the Android robot broadcast channel apps and on-demand services
branding. The turnaround time to complete this self- to export the program metadata to a presentation
certification process is relatively short. As there are layer chosen by the operator. Being a TIF-compliant
no hardware requirements for AOSP, these STBs are device, with no additional implementation effort,
cheaper from a bill of materials (BoM) perspective. a subscriber can see the content exported from
Choosing a more limited user experience, e.g., linear and on-demand services in the channel’s app
without voice interaction and gaming capability, and program guide, as a combined content-driven
results in lower component costs. Furthermore, in experience.
terms of software components, the AOSP source
code does not have the complete DVB/IPTV stack
built-in. Middleware vendors or system integrators AOSP: Higher cost of integration, due to more
that bring this competency also provide a software software components, offsets the savings in
framework to intergrate an electronic program STB hardware with potentially limited interaction
guide i.e. EPG, a channel app and other features ability.
like “now and next” programming events. There
are, consequently, proprietary implementations Android TV: The STB is more expensive but has a
that differ across various AOSP STBs. longer shelf life due to the advanced specifications.
Overall, the project is less expensive due to
In case of Android TV, this is a mixed bag. In addition software component reuse.
to being CDD compliant, Android TV devices need
to pass the Google Test Suite. The certification
process itself can take between four to six weeks STB Maintenance and Upgrades
depending upon the preparedness and maturity For AOSP devices, operators are in complete
of the OEM. These tests impose performance control of updating the software on the STB.
requirements that are fulfilled through the higher There is no requirement from Android to roll out
minimum hardware requirements for Android TV. upgrades. However, any feature improvements or
While these hardware requirements i.e., better security patches made available in the latest AOSP
chipset, higher memory and a Bluetooth receiver source code may or may not be rolled out to the
drive up the BoM, in the long run the devices are end consumer devices, based on the operator’s
better equipped to perform with new features, preferences. While this lowers the CAPEX for
innovations and next-generation Android updates. operators, it might leave the operations at risk
due to unpatched security flaws. Furthermore,
Like the AOSP devices, technology partners need to managing end-user expectations of new features
bring the DVB/IPTV stack to an Android TV project, for Android STBs can be challenging and cause
which means cost and effort wise there are similar operators to miss out on opportunities to monetize
implications between the two options. However, new services.
Page 5In the case of Android TV, OEMs make a to reduce dependency of the overall STB software
commitment to Google for updating devices in on the Android TV system updates over successive
the field for a period of three years. Upgrading generations.
Android TV software could impact certification
of other software and services, such as DVB
and HbbTV functionality and others. From a AOSP: Depending on operator priorities, this
commercial perspective, managing the cost of approach has limited maintenance costs at the risk
future upgrades is a discussion between the OEM of losing out ability to roll out security patches to
and the operator. In order to minimize the impact vulnerable connected STBs.
of upgrades of Android versions, Google is actively
working on Project Treble, separating the vendor Android TV: Mandatory upgrades add to total cost
implementation — the device-specific, lower- of ownership over the lifecycle, but ensure well-
level software written in large part by the silicon patched, secure STBs in the operation, while rolling
manufacturers — from the Android OS framework.3 out innovations.
Thus, Google works with chipset vendors early on
SECURING ANDROID DEVICES
As a platform for TV operators, Android opens up many opportunities. However, there are security hurdles
to overcome. Android can be prone to piracy due to the fact that it’s a very flexible platform, with a lot of
functionality and connectivity. With the Android platform, there is a large attack surface that is complex to
protect. When an app store is open and available to a large developer base, an STB is vulnerable to untrusted
apps. In addition, several development and debugging tools offered give access to core functionality, which
can be a security threat. To keep threats at bay, operators need to ensure they are securing Android devices
properly.
Live broadcast content such as sports is regarded by many as premium content with additional security
requirements. It’s critical to add an extra level of security in order to conform to the content owners’ security
demands. One key component in this security regime is to maintain a separation between the Conditional
Access (CA)/DRM functionality and the application environment in the Android OS. A number of separation
technologies are available, including Linux User Privileges, SE Linux, Linux containers, ARM TrustZone, secure
processing environments, and proprietary security cores.
As a content security provider, the Conax approach to securing Android devices leverages advanced hardware
mechanisms available in modern DVB chipsets to protect the CA and DRM environment from the vulnerability
of Android and malicious apps. The Conax approach is to use Trusted Execution Environments (TEE) to
build two separate worlds for stack execution with Conax Lynx, an advanced separation technique that
complements both smart card and cardless technologies. Using Conax Lynx, only predefined commands and
data can flow between the Rich Execution Environment (REE), where the Android functionality resides, and
the TEE, minimizing the attack surface of hybrid STBs.
3
https://android-developers.googleblog.com/2017/05/here-comes-treble-modular-base-for.html
Page 6SET-TOP-BOX
REE
Android
Middleware
Middleware API
TEE
Conax Lynx Conax Lynx
Main Agent Trusted Agent
Secure Media Pipeline (SMP)
In addition to the separation of the CA/DRM environment, the Conax approach also leverages the Secure
Media Pipeline (SMP) of the chipset to ensure that a successful attack on the Android environment cannot
in any way compromise the security of the pay-TV content being accessed by the device.
This enables operators to distribute premium 4K and linear sports content via broadcast while simultaneously
offering an abundant selection of Android apps. The complexity of integrating security for broadcast content
is almost the same for both Android TV and AOSP when using Conax Lynx. Conax Lynx provides a standardized
API toward the Android stack, with the option of using the MediaCAS API from Android Oreo version onwards.
MediaCAS API is a Google defined interface which is designed to easily integrate CA implementations from
various vendors. Security vendors like Conax play a key role in this integration process.
In the world of OTT content and unmanaged IP devices, DRM plays a major part in content security. It’s
important to note that AOSP devices do not include a DRM implementation by default. Based on the operator’s
content needs, OEMs can integrate proprietary DRMs like Conax Connected Access or others like Microsoft
PlayReady and Google Widevine into the STB. Alternatively, the DRM can be included in the apps themselves,
but this adds significant complexity to the app. The level of DRM security required is mandated by content
rights owners, which further impacts the choice of chipset. Middleware vendors, system integrators and
OEMs work on different layers to integrate the DRM in the AOSP device.
For Android TV, both PlayReady and Widevine are mandated in the STB, and the OEM is required to have a
license for the same. Chip vendors pre-integrate the DRM stack in the chipset and deliver this to the OEM.
The OEM or middleware vendor additionally integrates the DRM into the secure player on the Android stack.
AOSP: No built-in DRM. Allows operator to pick and choose specific DRMs, resulting in higher project timelines
for DRM integration.
Android TV: Mandates Widevine and PlayReady DRMs in the STB. Ensures smooth integration of third party
OTT services.
Conax recommendation: Use TEE-based separation techniques to secure linear content on AOSP and Android
devices, which require the same effort.
Page 7COMPARING THE DIFFERENT APPROACHES TO ANDROID
Choosing Android TV Going the AOSP direction
With Android TV, the key concerns are the cost In term of benefits of AOSP, the operator could
of STB hardware and the future maintenance and potentially have a cheaper STB device with the
upgrade costs of the software. Also, for some freedom to control the user experience. It also
operators, the inability to control which apps gives the operators better control of apps and
and services are accessible on the platform — services being used on the device through an
including the presence of competitors’ services operator controlled app store. This approach has
— is a concern. The primary upsides include the limited to no costs in terms of future upgrade
massive content offering via Google services like and maintenance. The downside is high upfront
Play Store and increased user engagement with project costs and longer timelines due to custom
advanced interaction methods like Chromecast and launcher development, integration of multiscreen
the Google Assistant built-in. All of this comes at a interaction, voice interaction features and others.
relatively low level of complexity and effort thanks Staying away from regular maintenance upgrades
to the reuse of several pre-built components in the leaves the operation vulnerable to security flaws.
Android TV stack. Those wanting to differentiate Managing expectations of subscribers that choose
the UX can leverage the Operator Tier launcher this Android STB proposition expecting a high
including white-label offerings. Additionally, well- number of apps and games like that on the Google
specified hardware with regular Android updates Play Store will be a challenge for the operator.
extends the lifecycle of the STB with increasing
monetization opportunities.
Comparing the approaches to Android
Easy to customize Launcher / Home Screen
Access to a world of Apps & Games
Can block competitor apps on the STB
Easy to integrate Voice interaction
Easy to integrate Google Cast
Low STB hardwares cost
Additional certifications & compliance
Ease of integrating DVB/IPTV stack
Complete Operator control on STB software update
Easy to integrate CA for linear content
Easy to integrate DRM for on demand content
Availability of Android feature updates
Legend definition
Recommended
Sub-optimal
Not Recommended
Page 8CONCLUSION
Providing a top-notch user experience is a key to success in today’s pay-TV operations. Television viewers
expect a user-friendly interface or home screen on STBs that mirrors the experience they’re used to on other
devices like smartphones and tablets. Moreover, they want access to more than just linear and on-demand
content. There’s an entire world of apps and games that can be explored and enjoyed on TV screens.
Operators are competing with OTT apps like Netflix, Amazon Prime, HBO, Discovery, iFlix and Maxdome and
facing an increase in cord-cutters and cord-nevers. Android enables them to offer a host of services to
end-users and tap into new revenue opportunities. It is not easy to jump from a broadcast infrastructure to
full IP overnight, therefore a lot of new service introductions using Android-based hybrid STBs are expected
in the near future.
The choice of Android AOSP versus Android TV should be aligned with the operator’s business strategy
and the total cost of ownership. The previous section summarizes the implications of each approach from
a short-term and long-term perspective. Considerations around user experience and branding, end-user
engagement and churn, future monetization opportunities, project complexity, time to market and content
security must be carefully weighed to reach a decision.
To be competitive, operators today need to launch new services and features quickly and provide a next-gen
user experience. Ultimately, Android TV enables them to do that, offering a shorter time to market for new
offerings compared with AOSP, more advanced features e.g., voice interaction and gaming and access to a
world of content by offering over 3000 apps in the Google Play Store. Innovations can be rolled out without
STBs being vulnerable to security threats.
Conax offers a unique approach for Android that separates the linear content from the Android environment
leveraging advanced separation technology provided by Conax Lynx. Combined with the multi-DRM
functionality of Conax Contego, our world-leading content protection platform, we simplify content security
operations for operators and ease the migration to hybrid Android STBs.
About the Whitepaper
This paper was written based on research with multiple industry stakeholders who develop Android set-
top-box solutions, combined with Conax’s in-house expertise in providing security to Android STBs for pay-
TV operators. We would like to give a special thanks to the team from Google for providing input and for
participating in the review process.
Page 9Interested in becoming a Conax partner? Contact: partner@conax.com
Request a demo or visit from us? Contact: info@conax.com
Need more information on Conax solutions ?
www.conax.com info@conax.com T: +47 22405200
About Conax
A Kudelski Group company, Conax is a leading global specialist in total service protection for digital
TV and entertainment services via broadcast, broadband and connected devices. Based on the Conax
Contego security back-end, Conax’ future-ready technology offers modular, fast-time-to-market solutions
that enable easy entry into a world of secure multiscreen, multi-DRM and IPTV content delivery and secures
rights for premium content delivery to a range of devices over new hybrid network combinations.
Headquartered in Oslo, Norway, Conax technology enables secure content revenues
for 425 operators in 85 countries globally.
For more information, please visit www.conax.com and follow us on Twitter and LinkedIn.You can also read
