Networking Today and the Threat from "Bad Actors"
It's difficult to go a day without hearing a news story about some catastrophic data breach on one network or another. As the Internet of Things connects us and our devices together, work must be done to prevent bad actors from permeating to the heart of our networks. Pathway Connectivity is a market leader in entertainment networks and we want to help our friends and our competitors alike build more secure networks.
The proliferation of networking equipment in entertainment venues has increased the likelihood of unauthorized access to an entertainment network. This may be caused by a connection, intended or accidental, to the Internet. It may also be caused by a security breach of a wireless network required for use of a console remote focus application.
Download the article written by Robert Bell for the Winter 2020 issue of Protocol magazine called Cybersecurity: Legal Requirements push toward good practice. This article describes ssACN and other efforts Pathway Connectivity is doing to ensure your facility and productions are safe from malicious acts.
Pathway Secure Streaming ACN
"Secure Streaming ACN" or "ssACN" is a new protocol using much of ANSI E1.31, but adds a layer of authentication. Receiving devices, like Pathport DMX/RDM gateways, share a secret with known controllers in the venue to verify the data source before driving the lighting rig. A cryptographic hash message is added to each E1.31 packet, verifying the authenticity of the source and the sequence of the data. Any invalid packets are ignored; only the correct lighting data is used during your performances.
Tools from Pathway Connectivity to help developers
Read the full Pathway white paper by clicking the link in the Downloads section to the right.
Anyone familiar with E1.31 will understand that implementing ssACN is not a large engineering task. It's essentially using a standard, readily available algorithm called Blake2s and adding a "postamble" to the standard sACN packet.
Download the ssACN View application for either Windows (64-Bit only) or MacOS using the link in the Downloads section to the right. This application is built on the open-source app sACN View (see https://sacnview.org), and will allow sending, receiving and monitoring of Pathway's Secure sACN for testing purposes.
We have created a project on git-hub (https://github.com/Pathway-Connectivity) with a modified version of sACNView so you can download and compile the code yourself. Additionally, there is a dissector for Wireshark to aid in understanding the document. The two images below show what ssACN packets look like in the standard release of Wireshark and with the dissector written by Pathway Connectivity.
Windows (64-Bit Only):