Farncombe Security Audit

Farncombe Security Audit®

The Farncombe Security Audit® is Cartesian’s independent specialist security auditing service for content owners, broadcasters, OTT providers, and technology suppliers worldwide.

Trusted and recommended by the major Hollywood studios, Cartesian is one of a select few companies worldwide who offer an auditing service that meets their rigorous standards, including the MovieLabs specification for Ultra HD and 4K content.

Farncombe Security Audit®

Security Audits - Digital Rights Management VendorCartesian’s Farncombe Security Audit® is an industry-recognized methodology for reviewing security system implementations, including materials handling, business processes, system architecture, device security, and end-to-end implementation. Our modular process allows us to tailor our reviews to individual systems.

AACS LA Authorized Robustness Consultant

In 2015, Cartesian was appointed by AACS LA as the first Authorized Robustness Consultant (ARC) able to help manufacturers ensure that the security of their next generation Ultra HD Blu-ray(TM) players meet the robustness requirements of the AACS2 Licenses for implementations of the recently-released AACS2 Specifications. The Authorized Robustness Consultant is responsible for assessing security robustness of Ultra HD Blu-ray devices.

Audit Methodology

Our audit is separated into three phases, starting with a questionnaire-based self-evaluation, followed by a readiness evaluation, and ending with an on-site security review. Cartesian is also able to offer targeted penetration testing of systems and devices to complement the security audit process.

Upon completion of an audit, businesses may choose to display the Farncombe Security Audit® shield mark on their website and publicity materials.

Minimum Security Requirements

We have established a set of Minimum Security Requirements that are compiled and maintained through dialogue with content owners and technology partners. These requirements cover end-to-end content acquisition, distribution, and consumption. Our audits assess how systems meet these requirements.

The Minimum Security Requirements cover:

Content Acquisition

  • Content Workflow
  • Physical and Cloud security
  • Electronic security
  • DRM provider robustness
  • Security strategy
  • Security organization

Content Distribution

  • Content platform security
  • Key and license management
  • Playout
  • Network evaluation
  • Multi-device policies
  • Geo-filtering

Content Consumption 

  • DRM and Conditional Access
  • Architecture
  • Implementation
  • OS hardening obfuscation
  • Provisioning
  • Risk assessment
  • Threat mitigation
  • Watermarking

Sample Farncombe Security Audit

Farncombe Security Audit® Mark

Displaying a Farncombe Security Audit® Mark indicates that a Farncombe Security Audit report is available from the auditee upon request.

Watermark Technology Testing

Digital watermarking video content has recently become part of best practices for content security because of its role in deterring and prosecuting piracy. Developed through industry stakeholder consultations, our Farncombe Security Audit® Watermark is specifically designed to assess watermark technology.

Related