DOCSIS

Data Over Cable Service Interface Specification is an international telecommunications standard that permits the addition of high-bandwidth data transfer to an existing cable television (CATV) system. It is used by many cable television operators to provide Internet access (see cable Internet) over their existing hybrid fiber-coaxial (HFC) infrastructure. The version numbers are sometimes prefixed with simply "D" instead of "DOCSIS" (e.g. D3 for DOCSIS 3).

DOCSIS was developed by CableLabs and contributing companies, including 3Com, ARRIS, BigBand Networks, Broadcom, Cisco, Comcast, Conexant, Correlant, Cox, Harmonic, Hitron Technologies, Intel, Motorola, Netgear, Technicolor, Terayon, Time Warner Cable, and Texas Instruments.[1][2][3]

Cross-version compatibility has been maintained across all versions of DOCSIS, with the devices falling back to the highest supported version in common between both endpoints: cable modem (CM) and cable modem termination system (CMTS). For example, if one has a cable modem that only supports DOCSIS 1.0, and the system is running 2.0, the connection will be established at DOCSIS 1.0 data rates.

In 1994, 802.14 was chartered to develop a media access control over an HFC. In 1995, Multimedia Cable Network System (MCNS) was formed. The original partners were TCI, Time Warner Cable, Comcast, and Cox. Later, Continental Cable and Rogers joined the group. In June 1996, SCTE formed the Data Standards Subcommittee to begin work on establishing national standards for high-speed data over cable plant. July 1997: SCTE DSS voted in the affirmative on document DSS 97-2. This standard is based on the well-known specification. The standard was also submitted to International Telecommunications Union Telecommunications Standardization Sector (ITU-T) and has been adopted as ITU-T J.112 Annex B.

As frequency allocation bandwidth plans differ between United States and European CATV systems, DOCSIS standards earlier than 3.1 have been modified for use in Europe. These modifications were published under the name EuroDOCSIS. The differences between the bandwidths exist because European cable TV conforms to PAL/DVB-C standards of 8 MHz RF channel bandwidth and North American cable TV conforms to NTSC/ATSC standards which specify 6 MHz per channel. The wider channel bandwidth in EuroDOCSIS architectures permits more bandwidth to be allocated to the downstream data path (toward the user). EuroDOCSIS certification testing is executed by Belgian company Excentis (formerly known as tComLabs), while DOCSIS certification testing is executed by CableLabs. Typically, customer premises equipment receives "certification", while CMTS equipment receives "qualification".

The ITU Telecommunication Standardization Sector (ITU-T) has approved the various versions of DOCSIS as international standards. DOCSIS 1.0 was ratified as ITU-T Recommendation J.112 Annex B (1998), but it was superseded by DOCSIS 1.1 which was ratified as ITU-T Recommendation Annex B (2001). Subsequently, DOCSIS 2.0 was ratified as ITU-T Recommendation . Most recently, DOCSIS 3.0 was ratified as ITU-T Recommendation J.222 (, , , ).

Note: While ITU-T Recommendation J.112 Annex B corresponds to DOCSIS/EuroDOCSIS 1.1, Annex A describes an earlier European cable modem system ("DVB EuroModem") based on ATM transmission standards. Annex C describes a variant of DOCSIS 1.1 that is designed to operate in Japanese cable systems. The ITU-T Recommendation J.122 main body corresponds to DOCSIS 2.0, J.122 Annex F corresponds to EuroDOCSIS 2.0, and J.122 Annex J describes the Japanese variant of DOCSIS 2.0 (analogous to Annex C of J.112).

DOCSIS provides great variety in options available at Open Systems Interconnection (OSI) layers 1 and 2, the physical and data link layers.

The first three versions of the DOCSIS standard support a downstream throughput with 256-QAM of up to 42.88 Mbit/s per 6 MHz channel (approximately 38 Mbit/s after overhead), or 55.62 Mbit/s per 8 MHz channel for EuroDOCSIS (approximately 50 Mbit/s after overhead). The upstream throughput possible is 30.72 Mbit/s per 6.4 MHz channel (approximately 27 Mbit/s after overhead), or 10.24 Mbit/s per 3.2 MHz channel (approximately 9 Mbit/s after overhead).

DOCSIS 3.1 supports a downstream throughput with 4096-QAM and 25 kHz subcarrier spacing of up to 1.89 Gbit/s per 192 MHz OFDM channel. The upstream throughput possible is 0.94 Gbit/s per 96 MHz OFDMA channel.[17]

Maximum raw throughput including overhead (maximum payload throughput after overhead). Tables assume 256-QAM modulation for downstream and 64-QAM for upstream on DOCSIS 3.0, and 4096-QAM modulation for OFDM/OFDMA (first downstream/upstream methods) on DOCSIS 3.1, although real-world data rates may be lower due to variable modulation depending on SNR. Higher data rates are possible but require higher order QAM schemes which require higher downstream modulation error ratio (MER). DOCSIS 3.1 was designed to support up to 8192-QAM/16,384-QAM, but only support of up through 4096-QAM is mandatory to meet the minimum DOCSIS 3.1 standards.

For DOCSIS 3.0, the theoretical maximum throughput for the number of bonded channels are listed in the table below.

Note that the number of channels a cable system can support is dependent on how the cable system is set up. For example, the amount of available bandwidth in each direction, the width of the channels selected in the upstream direction, and hardware constraints limit the maximum amount of channels in each direction. Also note that, since in many cases, DOCSIS capacity is shared among multiple users, most cable companies do not sell the maximum technical capacity available as a commercial product, to reduce congestion in case of heavy usage.

Note that the maximum downstream bandwidth on all versions of DOCSIS depends on the version of DOCSIS used and the number of upstream channels used if DOCSIS 3.0 is used, but the upstream channel widths are independent of whether DOCSIS or EuroDOCSIS is used.

A DOCSIS architecture includes two primary components: a cable modem located at the customer premises, and a cable modem termination system (CMTS) located at the CATV headend. Cable systems supporting on-demand programming use a hybrid fiber-coaxial system. Fiber optic lines bring digital signals to nodes in the system where they are converted into RF channels and modem signals on coaxial trunk lines.

A typical CMTS is a device which hosts downstream and upstream ports (its functionality is similar to the digital subscriber line access multiplexer (DSLAM) used in a digital subscriber line (DSL) system). While downstream and upstream communications travel on a shared coax line in the customer premises, and connect to a single F connector on the cable modem, it is typical for the CMTS to have separate F connectors for downstream and for upstream communication. This allows flexibility for the cable operator. Because of the noise in the return (upstream) path, an upstream port is usually connected to a single neighborhood (fiber node), whereas a downstream port is usually shared across a small number of neighborhoods. Thus, there are generally more upstream ports than downstream ports on a CMTS. A typical CMTS has four or six upstream ports per downstream port.

Before a cable company can deploy DOCSIS 1.1 or above, it must upgrade its hybrid fiber-coaxial (HFC) network to support a return path for upstream traffic. Without a return path, the old DOCSIS 1.0 standard still allows use of data over cable system, by implementing the return path over the plain old telephone service (POTS). If the HFC is already "two-way" or "interactive", chances are high that DOCSIS 1.1 or higher can be implemented.

The customer PC and associated peripherals are termed customer-premises equipment (CPE). The CPE are connected to the cable modem, which is in turn connected through the HFC network to the cable modem termination system (CMTS). The CMTS then routes traffic between the HFC and the Internet. Using the CMTS, the cable operator (or Multiple Service Operators — MSO) exercises full control over the cable modem's configuration; the CM configuration is changed to adjust for varying line conditions and customer service requirements.

DOCSIS 2.0 is also used over microwave frequencies (10 GHz) in Ireland by Digiweb, using dedicated wireless links rather than HFC network. At each subscriber premises the ordinary CM is connected to an antenna box which converts to/from microwave frequencies and transmits/receives on 10 GHz. Each customer has a dedicated link but the transmitter mast must be in line of sight (most sites are hilltop).[20]

The DOCSIS architecture is also used for fixed wireless with equipment using the 2.5–2.7 GHz Multichannel Multipoint Distribution Service (MMDS) microwave band in the U.S.

DOCSIS includes media access control (MAC) layer security services in its Baseline Privacy Interface specifications. DOCSIS 1.0 used the initial Baseline Privacy Interface (BPI) specification. BPI was later improved with the release of the Baseline Privacy Interface Plus (BPI+) specification used by DOCSIS 1.1 and 2.0. Most recently, a number of enhancements to the Baseline Privacy Interface were added as part of DOCSIS 3.0, and the specification was renamed "Security" (SEC).

The intent of the BPI/SEC specifications is to describe MAC layer security services for DOCSIS CMTS to cable modem communications. BPI/SEC security goals are twofold:

BPI/SEC is intended to prevent cable users from listening to each other. It does this by encrypting data flows between the CMTS and the cable modem. BPI and BPI+ use 56-bit Data Encryption Standard (DES) encryption, while SEC adds support for 128-bit Advanced Encryption Standard (AES). The AES key, however, is protected only by a 1024 bit RSA key, which offers roughly 80 bits of security as the weakest link[21] All versions provide for periodic key refreshes (at a period configured by the network operator) in order to increase the level of protection.

BPI/SEC is intended to allow cable service operators to refuse service to uncertified cable modems and unauthorized users. BPI+ strengthened service protection by adding digital certificate based authentication to its key exchange protocol, using a public key infrastructure (PKI), based on digital certificate authorities (CAs) of the certification testers, currently Excentis (formerly known as tComLabs) for EuroDOCSIS and CableLabs for DOCSIS. Typically, the cable service operator manually adds the cable modem's MAC address to a customer's account with the cable service operator;[22] and the network allows access only to a cable modem that can attest to that MAC address using a valid certificate issued via the PKI. The earlier BPI specification (ANSI/SCTE 22-2) had limited service protection because the underlying key management protocol did not authenticate the user's cable modem.

Security in the DOCSIS network is vastly improved when only business critical communications are permitted, and end user communication to the network infrastructure is denied. Successful attacks often occur when the CMTS is configured for backwards compatibility with early pre-standard DOCSIS 1.1 modems. These modems were "software upgradeable in the field", but did not include valid DOCSIS or EuroDOCSIS root certificates.