WASHINGTON—It’s time for broadcasters to confirm that their stations are up and running with the latest in EAS updates.

As it stands today, EAS participants are required to not only receive Common Alert Protocol messages from IPAWS but also configure their systems to reject all CAP-formatted EAS messages that include an invalid digital signature. Now, an effort to maintain compliance with commonly accepted security standards, FEMA is also taking the next step of removing support for older methods by requiring the use of an updated TLS 1.2 protocol to access FEMA’s IPAWS server, said Sage Alerting Systems and the Society of Broadcast Engineers. 

TLS, or Transport Layer Security, is cryptographic protocol providing communications security over networks and is often used for internet communications.

To acquire and verify IPAWS CAP alerts, a broadcaster’s EAS alerting equipment must be upgraded with the TLS 1.2 update prior to Nov. 8, 2019.

The move is one of several rule changes put in place by the Federal Communications Commission and the Federal Emergency Management Agency to improve EAS security to ensure that messages are received smoothly and accurately.

According to Sage, the TLS 1.2 protocol is now part of a September 2019 update called Rev95. Certain ENDEC systems qualify for a free update; older systems will need to purchase an update via a distributor.

SBE cautioned in its blog that after the switchover on Nov. 8, older versions of the ENDEC software will not be able to receive CAP messages from IPAWS. “This will render the station in violation of FCC rules concerning EAS monitoring and logging,” SBE said.

For Gorman-Redlich systems, the SBE reported that stations operating with E-prom V 9.5.8 will remain compliant with the changes. For Digital Alert Systems DASDEC/One-Net systems, those units operating with software versions 3.1 or 4.0 will remain compliant.

In addition to the CAP format changes, the SBE said the FCC also recently changed EAS rules to refine the time window within which an alert message is valid and added a new false EAS alert reporting rule.