ENTERTAINMENT NETWORK SECURITY
The Importance of a Secure System
Why is Networking Security So Important?
As directors and producers worry about the actors on the stage, manufacturers like Pathway strive to mitigate threats from bad actors entering the theatre uninvited. Some productions deal with security by building a big wall around their insecure legacy systems, but in this day and age of IoT connectivity, it is becoming more and more difficult to remain an island. A single laptop connected to the copper entertainment network that joins a WiFi access point is the hole in the dyke that could bring down your entire production.
How is Pathway Connectivity Compliant?
Compliant Pathway Connectivity Products
Any device that is capable of connecting to the Internet, either directly or indirectly, and is assigned an IP address is at risk. To take the risk and worry away, we ensure that any of our products with an Ethernet port have additional Security and are compliant with Title 1.81.26 of the California Civil Code.
These Pathway Connectivity products include:
Overview of Security Domains
Opting Out of Security
The ACME Data Bomb
For Developers Implementing Pathway ssACN
Cybersecurity Reference Article: Legal Requirements Push Toward Good Practice (published 2020 in ESTA’s Protocol Magazine)
Security features that are appropriate to the nature and function of the device.
Tools for Developers
Pathway Secure Streaming ACN
"Pathway Secure Streaming ACN" or "ssACN" is a new protocol using much of ANSI E1.31, but adds a layer of authentication. Receiving devices, like Pathport DMX/RDM gateways, share a secret with known controllers in the venue to verify the data source before driving the lighting rig. A cryptographic hash message is added to each E1.31 packet, verifying the authenticity of the source and the sequence of the data. Any invalid packets are ignored; only the correct lighting data is used during your performances.
Anyone familiar with E1.31 will understand that implementing ssACN is not a large engineering task. It's essentially using a standard, readily available algorithm called Blake2s and adding a "postamble" to the standard sACN packet.
Download the ssACN View application for either Windows (64-Bit only) or MacOS using the link in the Downloads section below. This application is built on the open-source app sACN View (see https://sacnview.org), and will allow sending, receiving and monitoring of Pathway's Secure sACN for testing purposes.
We have created a project on git-hub (https://github.com/Pathway-Connectivity) with a modified version of sACNView so you can download and compile the code yourself.
There is a dissector for Wireshark version 3.5.0 or higher to aid in understanding the document. The two images below show what ssACN packets look like in the standard release of Wireshark and with the dissector written by Pathway Connectivity.
ssACN View Downloads