I hope you can pull it off... Would be a good service to offer.

What is the purpose of that certificate? DCPs are decrypted by the media block. If it’s an external MB there is link encryption which is decrypted by the Enigma. So what does this other thing do? If it fails does that just eliminate playback of encrypted DCPs, any DCP, or shut down the entire projector?

The non replacable battery maintains the DCI certificate. The replacable battery maintains the clock, just like on any computer motherboard. If the certificate battery fails it shuts down the equipment until the ICP is replaced. The old ICP is not salvagable. Also, T.I. did not intend that battery ever be replaced. Just that it will last a minimum number of years which was either 10 or 12. There are projectors I installed all the way back to a month after S-2 NEC was available, so they are going on about 11 or 12 years now. The ICP is a ~$3500.00 plus board, just so you know. I have had two fail. One had a bad super capacitor and the other at a drive in where the screen tower took a lightening hit. They are pretty easy to replace using the T.I. control software. Next time you have a tech there have him save your current ICP settings as that makes replacement way less time consuming.

The projector itself has to be on the "Trusted Device List." Believe it or not, if the content creators want to tie a key to not only a server but a projector, they would use the ICP certificate. The certificate is what allows it to be on the TDL.

The server's TDL device is either the Enigma (SDI) or the IMB...it is never the storage unit. Believe it or not, for Dolby Atmos, the CP850 or CP950A have to have their own keys as they must have the same security as other devices as they are also looking at the encrypted stream.

For this reason, NEC's official line is that you should send them a new copy of a projector's CSV certificate whenever you upgrade the software/firmware, replace a card, and/or reset the installation date. Presumably, this is so that if if the studios ever do start to configure their encryption such that KDMs reference the ICP as well as the media block, NEC can provide them with up-to-date data on projectors in the field. I have done this ever since receiving the instructions from NEC via my boss, but have formed the impression that most other techs don't bother.

Leo, I believe your impressions are correct.