Online Upgrade and Switching Scheme for Set-Top Box Ecosystem

Release Date: 2023-07-31 By Liu Chenggang

Amid fierce competition in the set-top box (STB) industry, ecosystem manufacturers including Google, operators, content providers, CA/DRM vendors, and middleware vendors engage in a dynamic game of cooperation and competition. They form multiple ecosystem factions, each relying on a different operating system to capture market share. Operators, driven by their individual circumstances and commercial interests, continually adapt their ecosystem choices. As a result, support for online upgrade and switching between ecosystems has become a crucial STB requirement for operators.

Requirement

The STB ecosystem is categorized based on operating systems, primarily including AndroidTV, AOSP, RDK-V, and Linux/Ecos. From the operator's perspective, a comparison of the advantages and disadvantages of each ecosystem is given in Table 1.

Operators choose an ecosystem dynamically, based on their own circumstances and business interests. For example, some operators initially choose AOSP but later opt for AndroidTV to incorporate premium content and services from Google. They hope that existing AOSP STBs can be upgraded online and switched to the AndroidTV system. Similarly, when bidding for new products, some operators repeatedly weigh the choice between RDK-V and AndroidTV, expecting STBs to support seamless online upgrade and switching between the two ecosystems. The ability of STBs to support online ecosystem upgrade and switching has gradually become an important requirement for operators.

Solution

The process of online ecosystem upgrade and switching goes through the following three steps.

  • System version upgrade and switching: Upgrading from AOSP to AndroidTV, or switching between RDK and AndroidTV.
  • Key data update and switching: Because systems such as AOSP, AndroidTV and RDK-V have different storage partition and formatting requirements for key management (for example, for the attestation key and the Widevine key), keys cannot be reused across systems. Therefore, new keys must be downloaded and set online for the new system.
  • System version and key upgrade and switching completed: After the new system starts up, users can follow the on-screen setup wizard and enter the Launcher to use the system.

 

To enable ecosystem upgrade and switching, STB hardware configuration needs to fulfill certain requirements. For example, a 4K STB powered by AndroidTV requires a minimum memory of 2GB. Therefore, when upgrading a 4K STB from AOSP to AndroidTV, it is necessary to ensure that its memory is equal to or greater than 2GB.

The following is a step-by-step explanation of online upgrade and switching from AOSP to AndroidTV.

System Version Upgrade and Switching

The image partitions of the old and new systems need to be planned and designed together. As shown in Fig. 1, the shared partitions at the front (green) must have the same offset and size in both systems, while the non-shared partitions (blue and orange) need not match in offset or size.
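The layout rule above can be checked before an upgrade package is released. The following is an added example, not code from the original article: the partition names, sizes and the choice of which partitions are shared are constructed for illustration, since Fig. 1 is not reproduced here.

```python
from dataclasses import dataclass

MiB = 1 << 20

@dataclass(frozen=True)
class Partition:
    name: str
    offset: int  # bytes from the start of flash
    size: int    # bytes

def check_layout(old, new, shared):
    """Return the reasons, if any, why `new` cannot safely replace `old`."""
    problems = []
    old_by = {p.name: p for p in old}
    new_by = {p.name: p for p in new}
    for name in shared:
        o, n = old_by.get(name), new_by.get(name)
        if o is None or n is None:
            problems.append(f"{name}: shared partition missing from a layout")
        elif (o.offset, o.size) != (n.offset, n.size):
            problems.append(f"{name}: offset/size changed "
                            f"({o.offset},{o.size}) -> ({n.offset},{n.size})")
    # Shared partitions sit at the front: nothing else may start inside them.
    shared_end = max((p.offset + p.size for p in new if p.name in shared), default=0)
    for p in new:
        if p.name not in shared and p.offset < shared_end:
            problems.append(f"{p.name}: starts inside the shared region")
    # No two partitions of the new image may overlap.
    ordered = sorted(new, key=lambda p: p.offset)
    for a, b in zip(ordered, ordered[1:]):
        if a.offset + a.size > b.offset:
            problems.append(f"{a.name}: overlaps {b.name}")
    return problems

def part(name, offset_mib, size_mib):
    return Partition(name, offset_mib * MiB, size_mib * MiB)

# Constructed layouts; partition names and sizes are illustrative only.
SHARED = ("bootloader", "env", "cache")
OLD = [part("bootloader", 0, 4), part("env", 4, 4), part("cache", 8, 512),
       part("system", 520, 1024), part("userdata", 1544, 2048)]
NEW_OK = [part("bootloader", 0, 4), part("env", 4, 4), part("cache", 8, 512),
          part("system", 520, 1536), part("userdata", 2056, 1536)]
NEW_BAD = [part("bootloader", 0, 4), part("env", 4, 8), part("cache", 12, 512),
           part("system", 524, 1536), part("userdata", 2060, 1532)]

if __name__ == "__main__":
    print(check_layout(OLD, NEW_OK, SHARED))
    for line in check_layout(OLD, NEW_BAD, SHARED):
        print(line)
```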

The upgrade program of the old system is responsible for downloading and saving the new system upgrade package to the cache partition. It also performs signature and integrity verification on the upgrade package. If the verification is successful, it triggers the old system to enter recovery or bootloader mode to overwrite the image data for upgrade to the new system. The apps and data formats vary greatly between the old system and the new one. Therefore, when upgrading to the new system, the user data partition will be automatically formatted. This means that any apps and data downloaded and installed by the user in the old system will be cleared. When the new system starts up, it will automatically guide the user through the setup wizard.

Key Data Update and Switching

After Google approves the project of upgrading AOSP to AndroidTV, the new keys (such as the attestation key and the Widevine key) provided by Google are downloaded online and written into existing commercial STBs. The specific steps are as follows:

Step 1: Import the new keys provided by Google to the secured key tool server, encrypt these keys on that server, and generate encrypted key files with the corresponding encryption device identifiers of STBs as the file names (Fig. 2). Upload the encrypted key files to the key management & provision server over a secure channel. This task needs to be completed before starting the system upgrade.

Step 2: The STB carries the encrypted device identifier and requests the key management & provision server to download the corresponding key file (Fig. 3).

Step 3: The key management & provision server processes the STB request. After successful verification, it locates the corresponding key file based on the device identifier and returns it to the STB (Fig. 3).

Step 4: The STB uses a secure application to write the new keys it has obtained into the TEE with the expected level of security, and then triggers a system reboot (Fig. 4).
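The server side of Steps 2 and 3, as an added example that is not part of the original article or of any ZTE implementation. The article does not say how a request is verified or what the identifier looks like, so the HMAC-SHA256 request tag, the per-device secret, the nonce and the 32-hex-character identifier format are all assumptions; the key file is named after the identifier as in Step 1 and is returned still encrypted.

```python
import hashlib, hmac, re, tempfile
from pathlib import Path

ID_RE = re.compile(r"[0-9a-f]{32}")  # assumed identifier format

def request_tag(secret: bytes, device_id: str, nonce: str) -> str:
    """HMAC-SHA256 over identifier and nonce (assumed request authentication)."""
    msg = f"{device_id}|{nonce}".encode()
    return hmac.new(secret, msg, hashlib.sha256).hexdigest()

class ProvisionServer:
    def __init__(self, key_dir, device_secrets):
        self.key_dir = Path(key_dir).resolve()
        self.secrets = device_secrets  # device_id -> per-device secret
        self.used = set()              # (device_id, nonce) pairs already served

    def handle(self, device_id: str, nonce: str, tag: str):
        """Return (status, body) for one key-file request."""
        # The identifier becomes a file name, so accept only the exact format.
        if not ID_RE.fullmatch(device_id):
            return 400, b""
        secret = self.secrets.get(device_id)
        expected = request_tag(secret or b"\0" * 32, device_id, nonce)
        if secret is None or not hmac.compare_digest(expected.encode(), tag.encode()):
            return 403, b""
        if (device_id, nonce) in self.used:  # replayed request
            return 409, b""
        self.used.add((device_id, nonce))
        path = (self.key_dir / device_id).resolve()
        if path.parent != self.key_dir or not path.is_file():
            return 404, b""
        return 200, path.read_bytes()  # still encrypted for this device

def demo():
    """Run constructed requests against a temporary key directory."""
    dev, secret = "ab" * 16, b"constructed-per-device-secret"
    with tempfile.TemporaryDirectory() as d:
        (Path(d) / dev).write_bytes(b"constructed encrypted key blob")
        srv = ProvisionServer(d, {dev: secret})
        tag = request_tag(secret, dev, "n1")
        return [srv.handle(dev, "n1", tag)[0],          # valid request
                srv.handle(dev, "n1", tag)[0],          # same request replayed
                srv.handle(dev, "n2", tag)[0],          # tag does not cover nonce n2
                srv.handle("../" + dev, "n3", tag)[0]]  # malformed identifier

if __name__ == "__main__":
    print(demo())
```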

New System Setup Wizard

The new system automatically enters the setup wizard after it starts up. When the user finishes the setup wizard, the new system enters the Launcher normally, and the whole process of online upgrade and switching between the old and new systems is complete.

To ensure the safety and reliability of online key updates during the ecosystem upgrade and switching process, the following design requirements are of great importance.

—Use a secure TEE configuration mechanism to replace the keys in the old system and configure new system keys.

—Establish a reliable mechanism for uploading and downloading keys.

—Build a retry mechanism for reliable key configuration.

—Develop an interactive user interface (UI) for end users, helping them understand and complete the upgrade process.

—Ensure uninterrupted usage of critical applications like Launcher, YouTube, Netflix, and Amazon Prime in the new system.

Value

With the support of STBs for online ecosystem upgrade and switching, operators have the flexibility to choose desired ecosystems while maximizing their ROI on fixed assets. This not only drives the rapid growth and prosperity of ecosystems such as Google and RDK-V but also empowers operators to navigate ecosystem choices with confidence. ZTE, as a pioneer in the industry, has adopted this advanced technical scheme and successfully facilitated the upgrade and switching from AOSP to AndroidTV for millions of STB devices in the existing network of the AMX project in Mexico. This achievement signifies a win-win outcome for all parties involved.