Downloadable conditional access systems (DCAS) are already available, but the politics of the market are so muddled it looks like implementation of DCAS has been pushed off for yet another year.

Cable operators and their vendors had plans to have a downloadable conditional access system (DCAS) commercially ready right about now. Given how frequently DCAS has been delayed in the past, it should come as no surprise that DCAS has been delayed again, to sometime in 2009.

Part of the most recent delay is manifested in a recasting of Polycipher – the DCAS development joint venture of Comcast, Time Warner Cable, and Cox – a change that represents another short-term failure of the Polycipher project.

Implementation of DCAS has been pushed off for yet another year.

Polycipher’s first and most important goal was to create a DCAS that would satisfy a mandate from the FCC to separate conditional access (CA) from set-top boxes in a more economical way than by using CableCards.

Polycipher was unable to create a DCAS in time to head off an FCC edict that forced cable operators to deploy CableCards with every new set-top installed, starting a year ago in July. That’s old news.

The other goal of Polycipher would follow from the first; it was to break the death grip that Motorola and Cisco have on the set-top market by virtue of their duopoly position in the cable CA market.

If CA technology is broken out as a separable component of the set-top, however, then any set-top could be used, in combination with almost any CA technology, and the Motorola-Cisco set-top duopoly could be broken.

Now Polycipher is in the precarious position of relying on the very companies that have the most to lose if that second goal is met. The MSOs backing Polycipher have invited the duopolists, along with a third CA vendor, to participate on the development of the Polycipher DCAS solution.

“SA, Moto, and NDS are the experts here, and we need their expertise,” said Kevin Leddy, Time Warner Cable executive vice president of technology policy and product management.

The NDS Group provides CA and digital rights management (DRM) technology for Cablevision, as well as DirecTV and other satellite TV providers around the world.

Motorola and Cisco not only have a set-top business to protect, but along with NDS, they have also made big investments in developing CableCards.

Polycipher, with the participation of both cable operators and cable equipment vendors, will continue to develop a DCAS, Leddy said. MSOs still desire a more economical alternative to CableCards.

But cable has a number of priorities and DCAS is nowhere near the top of the list.

How did the cable industry get here, and where could it possibly be going with security? Can DCAS still graduate from a short-term disappointment to a long-term success, despite other security options?

The DCAS story starts more than a decade ago. Motorola and Cisco already had their lock on the cable equipment market with proprietary systems that married their respective headend equipment with their respective set-tops. Security technology deeply embedded in the set-tops and reiterated in the headend gear was the glue in those marriages.

But as cable grew, the consumer electronics (CE) industry began to lust after the set-top market. Meanwhile, some consumers were complaining that if they were forced to have a set-top box, they should be able buy one at retail, which consumer advocates expected would be more economical than renting. Cable operators began to daydream about a day when they wouldn’t have to buy and maintain all those boxes.

It would be possible to sell set-tops at retail if security systems were to be separated from set-top boxes. Then CE manufacturers could build boxes, and the cable operators could provide a plug-in security module or download requisite software. Consumers could buy any box they wanted.

Congress tried to make it so with the passage of the 1996 Communications Act. A provision of the Communications Act included a mandate that the cable industry separate its security technology. The Federal Communications Commission subsequently drafted rules on the specifics and commanded that cable have separable devices by 2000.

The FCC also decreed that cable would have to make available a separable security device usable by any third party by 2005.

The cable industry met the 2000 deadline. And, according to the NCTA, the CE industry failed to show – there was nothing to put the devices into.

The Consumer Electronics Association countered that the cable industry’s technology licensing provisions were unacceptable. The CEA also objected to cable’s desire to have CableLabs test CE equipment to make sure it actually worked.

There had been some animosity between the CEA and the NCTA before all this, but the separable security issue served only to escalate it.

The spat between cable and consumer electronics has centered on the CableCard, a device containing CA circuitry that could be plugged in to almost any host with an appropriate slot for it. The problem has been a lack of agreement about how CableCards would be implemented.

The crux of the CableCard argument is that CE wants the simplest, least expensive solution possible. That turns out to be a one-way implementation – one in which signals can go to the TV, but cannot come back. The technology implementation the CEA is proposing is called DCR+ (Digital Cable Ready Plus).

Cable had always argued for a two-way implementation that would ensure that signals could go to and from the TV. One-way technology automatically bars interactive applications (these would come to include video-on-demand, StartOver and ReStart, interactive advertising, and others). Two-way would support most of the newest cable products and features.

In 2004, single-stream CableCards (SCards) became available from Motorola, Cisco, and NDS. From 2004 to 2007, about 380,000 cable customers – less than one-half of one percent of all cable subscribers – requested one. During that time, only about 1 percent of all TVs sold with CableCard slots were being used with a CableCard.

And at first when they were installed, there often were technical problems. The CEA and NCTA squabbled about who was responsible for the technical problems, the low rate of adoption, and whether the cards were adequately promoted, explained, installed, etc.

Furthermore, when CE companies made products that could take a CableCard (TiVo is a notable example), the CE products themselves did not support two-way capabilities, so the two-way capabilities in CableCards was automatically mooted.

Cable and CE could not cooperate, which stymied any development of a two-way solution that cable required. Given that, the NCTA asked the FCC for one postponement after another for the integration ban deadline in 2005, and the FCC complied.

Until 2006, when the FCC decided enough was enough and damn the details; it had been 10 years since the Communications Act had been passed, and the cable industry would have to distribute set-top boxes with separate CableCards starting July, 2007.

But CableCards aren’t the whole of the situation. A critical corollary issue is the former OpenCable Application Platform (OCAP), which earlier this year was renamed tru2way for reasons that become obvious in the context of the CableCard spat.

The cable industry proposed CE manufacturers adopt OCAP as an alternative to DCR+. OCAP would make CE products truly two-way (tru2way – get it?).

By the way, CableLabs is to certify any two-way CE products, a notion the CE industry continues to oppose.

CableLabs has since made the testing process about as easy as it could and still use the word “test” with a straight face, but the CEA remains adamantly against CableLabs testing on principle.

CE industry resistance is slowly eroding, however. TiVo had been supplying its DVRs to DirecTV, but by 2005 that relationship was souring. TiVo wanted desperately to get its DVR technology in with another large service provider, and ended up getting a deal with Comcast. For the longest time, that deal appeared to be a non-starter, but last year, Comcast certified TiVo’s OCAP/tru2way software.

Korean operators were among the first to embrace tru2way, and late in 2006, two of the largest Korean CE manufacturers, LG and Samsung, agreed to develop tru2way products.

“We need a global strategy. It has to be standards based, which means things like tru2way, Java, MHP,” said Stephen Goldstein, Samsung Electronics America’s director, business development. “TiVo makes it plain that they are no longer a box company, they’re a software company. But boxes are important to us. Whatever we need to do to sell more, we will do that.”

Panasonic eventually followed suit, and days ago, at the very end of May, so did Sony.

All the while the disagreements raged about whether CableCards would be unidirectional or bidirectional, and who was supporting those capabilities, and how, the cable industry was simultaneously arguing that the CableCard itself was a problem. A better, less expensive, and – by the way, two-way – solution would be a DCAS. Not coincidentally, tru2way is a prerequisite for cable’s DCAS.

The prospect of a DCAS figured in to the case the cable industry made to the FCC to keep putting off the 2005 deadline for an integration ban.

But the industry had to actually produce a DCAS; the integration ban could not be postponed forever.

In 2007, an operation called Beyond Broadband Technology announced it had developed a low-cost open standard set-top with a downloadable security system.

BBT’s CEO Bill Bauer, and its COO Tony Swain, said they’ve got first silicon on the set-top chip, and have a headend controller that will work with the set-tops. BBT has also lined up a service provider to field test the system starting this month or next.

The BBT DCAS was the impetus for a significant decision from the FCC. It had never been clear whether the FCC would accept DCAS as a viable means of satisfying the separable security mandate.

When BBT introduced its DCAS, the FCC issued a public notice that DCAS does in fact satisfy that mandate, and noted that BBT’s DCAS was an example. Nonetheless, there’s confusion about the FCC’s approval.

Widevine developed a DCAS called Widevine Cypher that it first deployed six years ago, and is now being used by scores of service providers around the world, among them Sprint. Widevine has requested from the FCC a similar notice stating that its DCAS satisfies the separable security mandate.

Widevine’s request for a notice states that “several of Widevine’s prospective customers have expressed an unwillingness to purchase the Widevine Cypher technology due to the lack of a public notice finding Widevine’s Cypher to be compliant with Common Reliance Mandate.” The Common Reliance Mandate is another reference to the integration ban.

An FCC spokesman told CED that the approval from the notice that mentions BBT applies to any DCAS.

Motorola and Cisco also have DCAS schemes, though each requires use of its own CA systems, which just keeps MSOs locked in to products from one or the other.

All of these alternatives have to contend with a DCAS whose development several major MSOs have invested in.

In 2006, Comcast, TWC, and Cox decided that if they wanted a DCAS – one that did not come from Motorola or Cisco – they would have to do it themselves.

The three funded a project that would be managed by Polycipher. The result would be a chipset and related technology that could be integrated into almost any product. The target date for introduction was 2008.

The integration ban in July of 2007 changed the situation. It became clear to the partners in Polycipher that their DCAS was not going to be ready by the deadline.

The argument had always been that putting CableCards in every box would be too expensive, which might lead one to expect that the integration ban would increase the sense of urgency to get DCAS done, but no.

In practice, the percentage of set-tops installed with separable security is still small, and the costs are not mounting yet, TWC’s Leddy explained.

Given that the pain level associated with CableCards is still fairly low, operators are paying attention instead to more pressing matters, such as rolling out more HD, and preparing for the digital transition in February 2009.

But if DCAS is a lower priority, it is still a priority, Leddy said. CableCards, he said, “are still a huge waste of money and resources. They’ll cost the industry $600 million a year. It’s naïve to think anyone can just absorb that.”

But maybe the amount cable has to absorb will be less, and perhaps tolerable. Theoretically, with volume, the cost of CableCards will come down. If that happens, that’s just one more factor that may diminish the urgency to switch to some DCAS scheme.

One other possibility would be if CE companies start making products that incorporate all the functions of a set-top, basically subsuming the set-tops and eliminating them as standalone products.

A third possibility would be if cable were to adopt DRM technologies from companies such as Microsoft or Real Networks. The whole reason to have CA, and the possible migration to DCAS, is that content owners demand the security. But if DRM provides that security, all bets might be off.

“Owners of content have gotten comfortable with DRM,” Leddy observed. The cable industry could adopt DRM technology. “It’s far cheaper for us.”