Security Engineering Glossary
Definitions, pitfalls, and implementation notes for CCTV, access control, alarms, VMS/NVR, networking, and perimeter systems.
25 terms
Start Here
Essential terms for security engineering
Zero Trust Architecture (ZTA), Perimeter Intrusion Detection System (PIDS), SIA DC-09, OSDP (Open Supervised Device Protocol), PoE (Power over Ethernet), VMS (Video Management System), NVR (Network Video Recorder), RTSP (Real Time Streaming Protocol), ONVIF (Open Network Video Interface Forum)
CBR / VBR
Bitrate strategy directly affects storage cost, uplink sizing, remote viewing quality, and how video behaves under motion-heavy conditions. Choosing the wrong mode can waste storage, overload links, or degrade usable evidence during critical events.
Contact ID
Contact ID matters when legacy alarm panels need to feed modern IP receivers, VMS, PSIM, SOC, camera-verification, or FortSense perimeter workflows. A clean event-code map helps operators distinguish burglary, tamper, trouble, restore, and test signals before dispatch.
DESFire
DESFire often becomes the practical upgrade path for organizations leaving weak legacy credentials behind. It improves security, but only when reader support, key management, issuance controls, and backend integration are implemented correctly.
GDPR (General Data Protection Regulation)
Security teams often focus on technical performance and forget that video evidence is personal data in many deployments. GDPR affects retention, access rights, lawful basis, camera placement, auditability, and vendor handling of recorded footage.
H.264
H.264 remains common because it is broadly compatible with cameras, VMS platforms, NVRs, browsers, and forensic workflows. Buyers still need to choose bitrate, frame rate, GOP, quality, and retention settings carefully instead of selecting H.264 by default.
H.265
Compression choice affects retention cost, recorder sizing, remote viewing, and client compatibility. H.265 can reduce storage and bandwidth requirements, but the gain depends on scene complexity, device support, and the decoding burden placed on the rest of the system.
LPR (License Plate Recognition)
LPR can automate gates, improve investigations, and structure vehicle events, but only if plate reads are reliable in the site’s actual conditions. Many failures blamed on software are really caused by poor scene design and unrealistic performance expectations.
MIFARE
Credential choice affects cloning risk, migration cost, reader compatibility, and long-term security posture. Many organizations still run older MIFARE credentials and need a clear path away from weak implementations without breaking operations.
MJPEG (Motion JPEG)
MJPEG matters for security design because storage, bandwidth, and VMS compatibility decisions can change the size and cost of a 30-day retention system. Buyers comparing MJPEG vs H.264 vs H.265 should calculate retention impact before procurement.
NDAA (National Defense Authorization Act)
Integrators, consultants, and end users can lose deals, fail bid requirements, or trigger remediation work if non-compliant equipment enters a project. NDAA affects vendor selection, product shortlists, and proof required for public-sector and adjacent enterprise deployments.
NTP (Network Time Protocol)
Bad timestamps create avoidable confusion during incident analysis, make cross-system correlation harder, and can weaken the value of exported evidence. Time sync errors often stay invisible until a serious event forces teams to reconstruct what happened.
NVR (Network Video Recorder)
Recording performance is where many surveillance projects succeed or fail operationally. If the NVR cannot ingest, store, or recover video reliably, the camera system may look fine on paper while still failing the business during a real event.
ONVIF (Open Network Video Interface Forum)
ONVIF matters because many security projects mix cameras, recorders, VMS platforms, and analytics from different vendors. A camera can advertise ONVIF support but still need profile, firmware, credential, time-sync, RTSP, event, and VMS testing before it is safe for deployment.
OSDP (Open Supervised Device Protocol)
For many access-control programs, moving from Wiegand to OSDP is one of the clearest technical ways to reduce credential interception risk and improve device supervision. It also creates a cleaner foundation for stronger credentials and smarter reader behavior.
Perimeter Intrusion Detection System (PIDS)
PIDS matters because perimeter security should detect an intrusion attempt at the boundary, not only after the person reaches the building, equipment, or inventory. Strong PIDS design combines sensors, zones, CCTV verification, alarm transmission, and operator procedures.
PoE (Power over Ethernet)
Many camera and edge-device problems come down to power budget, cable length, startup draw, or mismatch between endpoint requirements and switch capability. Understanding PoE prevents underpowered deployments and avoids treating power failures as mysterious network faults.
PSIM (Physical Security Information Management)
Organizations with many subsystems often suffer from swivel-chair operations, inconsistent incident handling, and poor correlation between events. PSIM can reduce operator overload and speed response when it is deployed around real workflows rather than as another dashboard.
RAID (Redundant Array of Independent Disks)
Video retention targets are expensive, and storage failure can cause evidence loss or recording interruption. RAID helps protect against some hardware failures, but teams need realistic expectations about rebuild time, redundancy limits, and overall storage architecture.
RTSP (Real Time Streaming Protocol)
RTSP is one of the most common practical integration points in CCTV, but weak URL handling, exposed credentials, firewall mistakes, and unsupported stream profiles can break live viewing or create security risk.
SIA DC-09
As alarm systems move from PSTN to IP, protocol choice affects reliability, interoperability, and cybersecurity posture. SIA DC-09 matters when integrators need supervised, standards-based alarm transport that fits current network infrastructure.
VLAN (Virtual Local Area Network)
Flat networks make troubleshooting harder, enlarge attack surface, and allow unnecessary traffic between devices that should be separated. VLAN design improves performance, reduces noise, and supports better control over surveillance and security infrastructure.
VMS (Video Management System)
Camera quality alone does not create a good surveillance operation. VMS selection affects scalability, incident workflow, permissions, integrations, evidence search, and the real cost of operating the estate over time.
WDR (Wide Dynamic Range)
A camera can have the right resolution and still miss critical evidence if contrast is handled poorly. WDR improves the odds of getting usable detail in difficult scenes, which makes it a design choice that affects evidentiary value, not just image aesthetics.
Wiegand
Wiegand exposure makes it easier to intercept or replay credential data and undermines otherwise modern access-control deployments. Understanding Wiegand risk helps organizations justify migration and avoid preserving insecure design patterns during upgrades.
Zero Trust Architecture (ZTA)
Physical security environments now run on IP networks, cloud services, APIs, mobile devices, and unmanaged edge hardware. Zero Trust reduces lateral movement, limits blast radius after a compromise, and makes it harder for a breach in one subsystem to expose the rest of the estate.