Real-time video is often sent via RTSP (Real-Time Streaming Protocol) or similar, which coordinates video/audio streams (typically over RTP/UDP for efficiency). In some consumer systems, video might be tunneled through HTTPS or even WebRTC for live playback in browsers. HLS (HTTP Live Streaming) and DASH (Dynamic Adaptive Streaming over HTTP) are increasingly popular for cloud-based systems that need to adapt to varying network conditions. Professional surveillance systems might employ RTMP (Real-Time Messaging Protocol) for low-latency streaming to recording servers, though this is being phased out in favor of more modern alternatives.

IoT sensors and cameras often communicate events and telemetry using lightweight IoT protocols. MQTT (Message Queuing Telemetry Transport) is widely used for pub/sub messaging from devices to IoT brokers. CoAP (Constrained Application Protocol) is another, used for simple RESTful messaging in constrained devices. MQTT's QoS (Quality of Service) levels provide delivery guarantees crucial for critical security events, while AMQP (Advanced Message Queuing Protocol) offers more robust message routing capabilities for enterprise deployments. Many systems implement Websockets to enable real-time updates to monitoring dashboards, facilitating immediate alerts when motion or anomalies are detected.

Cameras typically have administrative interfaces – whether local web dashboards or cloud APIs. These use HTTP/HTTPS or vendor-specific protocols. For instance, ONVIF-compliant cameras have a web services API for pan-tilt-zoom control, user management, etc. SOAP and REST architectures underpin most modern camera APIs, with JSON becoming the dominant data format over XML. Many enterprise-grade systems now offer GraphQL interfaces to reduce bandwidth usage by allowing clients to request only the specific data they need. Authentication for these APIs ranges from basic auth to OAuth 2.0 and JWT (JSON Web Tokens) in more secure implementations.

Many legacy IP cameras stream RTSP over the local network with no encryption, which enabled researchers to perform feed-spoofing attacks. Modern systems increasingly use TLS/SSL encryption on video feeds to prevent eavesdropping. Additional security measures include certificate pinning to prevent man-in-the-middle attacks, mutual TLS authentication where both server and client verify each other's identity, and perfect forward secrecy to ensure that session keys cannot be compromised retroactively. As surveillance systems become more connected to cloud services, zero trust architectures are being implemented that require continuous verification rather than assuming trust based on network location. Some regulated industries now mandate end-to-end encryption for all video data, even when stored locally.

Due to the high stakes, smart city infrastructure is often audited by cybersecurity teams. Ethical hackers might be hired to attempt to breach the camera network, identifying weaknesses before real adversaries do. These comprehensive assessments typically include firmware analysis, network traffic inspection, and physical security evaluations. Many municipalities require quarterly or biannual penetration tests with detailed remediation plans for any vulnerabilities discovered.

Municipal systems may adhere to government cybersecurity frameworks and policies (e.g., guidelines from national agencies on critical infrastructure security). These often include NIST Special Publications for cybersecurity, ISO 27001 standards for information security management, and sector-specific guidelines like the EU's NIS2 Directive. Smart cities typically implement multi-layered governance structures with dedicated compliance officers ensuring all surveillance systems meet or exceed these regulatory requirements.

Smart city administrators develop incident response plans for camera network attacks. This could include backup systems (patrols if cameras go down), procedures to rapidly shut off compromised segments, and public communication strategies. These plans typically feature tabletop exercises simulating various attack scenarios, predefined escalation pathways to different government agencies, and integration with broader disaster recovery planning. Many advanced smart cities also maintain redundant command centers that can assume control if the primary operations center is compromised.

The goal is resilience – ensuring the city isn't helpless if the surveillance "eyes" are temporarily blinded or manipulated. This involves implementing defense-in-depth strategies with overlapping security controls, geographically distributed backup systems, and graceful degradation pathways. Modern resilience approaches incorporate AI-powered anomaly detection to identify potential threats before they cause significant disruption. Cities often develop fail-safe mechanisms that ensure critical functions continue operating even during severe cybersecurity incidents, with predetermined thresholds for manual intervention and oversight.

New devices implement secure boot loaders that ensure only authentic, vendor-signed firmware can run on the device. This prevents malware from persisting on a camera even if an attacker tries to flash it. Multi-stage verification processes validate firmware integrity at each boot phase, creating a chain of trust from hardware to application layer.

Many IoT chipsets now include secure elements or TPM-like modules that store cryptographic keys securely. These keys can identify the device and encrypt its data. The hardware-based security features provide protection against physical tampering and side-channel attacks, ensuring credentials remain safe even if the device's main processor is compromised.

Vendors are doing away with universal default passwords. Some leaders have moved to practices like forcing the user to set a password on first use or using unique per-device credentials printed in the box. Many manufacturers now also undergo third-party security audits to identify and eliminate potential backdoors, with some implementing bug bounty programs to encourage security researchers to responsibly disclose vulnerabilities.

Future-proofing devices with the ability to receive over-the-air (OTA) updates seamlessly is now a standard ask. This allows security patches to be rolled out rapidly when new vulnerabilities emerge. Advanced update systems include rollback protection to prevent downgrade attacks, signed update packages to verify authenticity, and redundant storage to recover from failed updates without bricking the device.

Modern surveillance devices increasingly implement end-to-end encryption for both data at rest and in transit. This includes encrypted local storage for recorded footage, TLS 1.3 for API communications, and certificate pinning to prevent man-in-the-middle attacks. Some enterprise solutions now offer customer-managed encryption keys, giving organizations complete control over who can access their surveillance data.

Secure devices are designed with network segmentation capabilities, allowing them to operate in isolated VLANs separate from other business systems. Advanced implementation includes fine-grained access control lists, configurable firewall rules at the device level, and the ability to disable unused network services. This significantly reduces the attack surface by limiting what protocols and ports are exposed.

Leading manufacturers have adopted secure development practices throughout the product lifecycle. This includes threat modeling during design, static and dynamic code analysis during development, penetration testing before release, and vulnerability management post-deployment. These processes help identify and mitigate security weaknesses before devices reach customer environments.

From an architectural view, decentralization also means pushing processing and decision-making closer to the edge. An edge computing model can localize the impact of attacks (if one edge node is compromised, it might only affect its region). This architectural approach reduces latency by processing data where it's generated rather than sending everything to a central server. In security applications, this means faster threat detection and response, critical for time-sensitive situations. Edge devices can make immediate security decisions without waiting for central authorization, creating a more agile security posture.

Some propose mesh networks of cameras that can route data among themselves dynamically – if one path is compromised, data finds another route. These networks create multiple pathways for data transmission, eliminating single points of failure. Each node in a mesh network acts as both a data source and a relay point, strengthening the overall system resilience. Advanced implementations incorporate adaptive routing algorithms that continuously optimize data paths based on network conditions, bandwidth availability, and security considerations. This approach is particularly valuable in environments where traditional network infrastructure may be unreliable or vulnerable.

While complex, such self-healing networks could be more resilient to outages or targeted attacks on infrastructure (e.g., if an attacker cuts a certain fiber line, the mesh reroutes via wireless links automatically). These networks employ sophisticated algorithms to detect failures or anomalies and reconfigure themselves without human intervention. The self-healing capability extends beyond simple rerouting to include automatic firmware updates, security patch deployment, and even the ability to isolate compromised nodes. This autonomous recovery mechanism significantly reduces system downtime and minimizes the window of vulnerability during an attack. Implementation typically requires distributed intelligence across the network with nodes capable of making cooperative decisions about network topology.

A decentralized approach often involves more redundancy – multiple small storage nodes instead of one big database, multiple authentication authorities instead of one, etc. This can improve resilience. Strategic redundancy creates systems that continue functioning despite component failures or attacks. Beyond simple duplication of resources, modern redundancy strategies implement diverse technologies and mechanisms to prevent common-mode failures. For example, a comprehensive security system might employ multiple authentication methods (biometric, token-based, and knowledge-based) running on different platforms. Data redundancy can be implemented through distributed storage systems using erasure coding or blockchain technologies to ensure data integrity even when some nodes are compromised. While this approach may increase initial deployment costs, it significantly reduces recovery expenses and reputational damage from major outages.