ECI系统的架构在ECI规范ETSI GS ECI 001-1[1]中定义。ECI系统是 基于ECI规范ETSI GS ECI 001-2[2]中定义的要求。本文件规定了 ECI生态系统的核心功能，包括CA/DRM容器、加载程序、接口和吊销详细信息。A. 与目前部署的系统相比，ECI生态系统的主要优势和创新在于 用于加载和交换CA/DRM系统的基于软件的体系结构，避免任何可拆卸的硬件 模块。软件容器为CA或DRM内核提供了一个安全的（“沙盒”）环境 命名为ECI客户端，以及它们各自的虚拟机实例。 必要的和相关的应用 ECI客户端和ECI主机之间的编程接口（API）确保多个ECI客户端可以在 一个安全的操作环境，与CPE固件的其余部分完全隔离，并完全指定 细节ECI加载程序的任务是安装和交换一台ECI主机以及多个ECI客户端， 最初由芯片加载器加载。ECI主机和ECI客户端通过DVB数据转盘下载 在宽带接入的情况下，广播服务和/或通过基于IP的机制从服务器发送。

The architecture of the ECI system is defined in the ECI specification ETSI GS ECI 001-1 [1]. The ECI system is based on requirements as defined in the ECI specification ETSI GS ECI 001-2 [2]. The present document specifies the core functionality of an ECI Ecosystem, including CA/DRM Container, Loader, Interfaces and Revocation details. A major advantage and innovation of the ECI Ecosystem, compared with currently deployed systems, is a complete software-based architecture for the loading and exchange of CA/DRM systems, avoiding any detachable hardware modules. Software containers provide a secure ("Sandbox") environment for either CA or DRM kernels, hereafter named as ECI Clients, together with their individual Virtual Machine instances. Necessary and relevant Application Programming Interfaces (API) between ECI Clients and ECI Host ensure that multiple ECI Clients can be operated in a secure operation environment and completely isolated from the rest of the CPE firmware and are specified in full detail. The installation and exchange of an ECI Host as well as multiple ECI Clients is the task of the ECI Loader, which initially is loaded by a chip loader. ECI Host and ECI Clients are downloaded via the DVB data carousel for broadcast services and/or via IP-based mechanisms from a server in case of broadband access.