System Components
Chapter 1 — Architecture, components, working principles, and failure recovery chains
1.1 System Architecture
A surveillance coverage system is not a collection of isolated cameras — it is a layered infrastructure in which every component depends on the correct functioning of others. The architecture is organized into three physical zones: the Edge Zone (cameras and sensors), the Access Zone (PoE switches and fiber uplinks), and the Core Zone (VMS, NVR, storage, and management). Understanding the boundaries between these zones, the data flows that cross them, and the redundancy paths that protect them is essential before any camera is mounted or cable is pulled.
Video streams flow from cameras at the edge, encoded in H.264 or H.265, across PoE switches and fiber aggregation links to the VMS server in the core, where they are recorded, indexed, and made available for search, playback, and export. Control flows in the opposite direction: the VMS pushes configuration, recording policies, and PTZ commands back to cameras. NTP time synchronization feeds every device in all three zones to ensure forensic timestamp accuracy. UPS systems protect the core and aggregation layers against power interruptions, while grounding and surge protection at the edge protect cameras and switches from lightning-induced transients.
Figure 1.1: Deployment Boundary & Data Flow Diagram — Edge cameras connect via PoE switches to fiber aggregation, which feeds the core VMS and storage. NTP synchronizes all layers; UPS protects core and aggregation. Optional blocks include analytics servers, SIEM/SOC, access control, and lighting controllers.
The module relationships define clear responsibilities at each layer. Cameras at the edge generate encoded video streams, event metadata from built-in analytics, and health telemetry (temperature, tamper status, PoE power draw). The VMS in the core manages user permissions, recording policies, event indexing, and the playback and export workflow. Storage provides the retention capacity, write performance, and RAID resilience needed to sustain continuous recording without dropped frames. The network layer ensures VLAN segmentation to isolate CCTV traffic, sufficient bandwidth headroom for peak loads, and reliable time synchronization. The power and UPS layer ensures stable runtime for critical nodes and safe, orderly shutdown during extended outages.
Core vs. Optional vs. Supporting: Core components are cameras, mounts, PoE/access switches, aggregation/core switches, VMS/NVR, storage, NTP, and UPS for critical nodes. Optional components include analytics engines (face/plate/object), thermal cameras, multi-sensor stitching, VCA-triggered recording, and edge SD card failover. Supporting components include structured cabling, conduits, lightning arrestors, environmental enclosures, and labeling/documentation.
1.2 Components and Functions
Each component in the surveillance system has a defined set of responsibilities, inputs, outputs, and key performance indicators (KPIs). Understanding these relationships prevents the most common design errors, which typically arise from mismatched specifications — for example, selecting a camera with insufficient WDR for a backlit entrance, or sizing a PoE switch without accounting for heater and IR load at night. The table below presents the full component stack with responsibilities, KPIs, and typical mismatch risks.
Figure 1.2: System Component Stack — From camera sensor through lens, illumination, mount, housing, PoE switch, backbone, VMS/NVR, storage, and time sync. Each component is annotated with key KPIs and typical mismatch risks.
| Component | Responsibilities | Inputs | Outputs | Key KPIs | Typical Mismatch Risks |
|---|---|---|---|---|---|
| Camera Sensor + ISP | Capture, exposure control, WDR, noise reduction | Light, power, time sync | Encoded video frames | SNR, WDR dB, min lux | Over-promised sensitivity; motion blur at night |
| Lens (Fixed/Varifocal) | Defines FOV and PPM at target plane | Target distance, scene width | Image scale (PPM) | Focal length, F-number, distortion | Wrong focal length → insufficient PPM |
| IR / White Light | Night illumination for sensor | Power, trigger signals | IR or visible light output | Range (m), uniformity, power (W) | Hot spots; overexposure at close range |
| Mount / Bracket / Pole | Physical stability, angle, safety | Structure, wind load | Stable camera position | Wind load rating, vibration tolerance | Shaking image, drift, unsafe maintenance |
| Housing / Enclosure | Weather and dust protection | Ambient conditions | Protected device environment | IP rating, heater power (W) | Condensation, overheating |
| PoE Switch | Power delivery + network aggregation | AC/UPS power | PoE + Ethernet to cameras | PoE budget (W), throughput (Gbps) | PoE overload → reboot loops |
| Backbone (Fiber) | Uplink capacity and redundancy | Network design | Core connectivity | Latency (ms), redundancy paths | Single fiber cut → full zone outage |
| VMS / NVR | Recording, permissions, playback, export | Video streams, events | Archives, search results, exports | Concurrent streams, search latency | Under-sized CPU/GPU → dropped frames |
| Storage | Retention and write integrity | Continuous write IO | Read IO for playback, archive | IOPS, throughput, RAID resiliency | Disk bottleneck → dropped frames |
| Time Sync (NTP) | Forensic timestamp accuracy | External time source | Consistent timestamps across all devices | Offset (ms), redundancy | Evidence disputes due to clock drift |
1.3 Working Principles
Startup Sequence
When power is applied to the system, the startup sequence follows a defined order to ensure all dependencies are met before recording begins. Understanding this sequence is critical for commissioning and for diagnosing startup failures.
Normal Operation
During normal operation, cameras continuously encode video at the configured profile and stream it to the VMS via RTSP over the CCTV VLAN. The VMS writes streams to storage according to the recording policy (continuous, scheduled, or event-triggered), indexes events from camera analytics and external alarm inputs, and maintains audit logs of all user actions. Operators search and play back recordings using the VMS client, and export evidence clips with hash verification for chain-of-custody integrity. Periodic keyframe checks and health telemetry from cameras and switches feed the monitoring dashboard, enabling proactive fault detection before failures impact recording continuity.
Exception and Recovery Chains
Three common failure chains illustrate how component-level faults propagate through the system and how they should be diagnosed and resolved. Each chain follows the pattern: trigger event → system behavior → observable symptom → recovery action.
Chain 1: PoE Overload
Trigger: Additional cameras added without updating PoE budget. Behavior: Switch total PoE draw exceeds budget; switch disables ports to protect itself; cameras reboot; VMS shows intermittent camera offline alarms. Symptom: Recurring offline/online cycles on specific ports, especially at night when IR activates. Recovery: Rebalance PoE loads across switches, upgrade PoE class (af→at→bt) for high-draw cameras, enable per-port power limits, and validate with PoE budget calculator before adding any future cameras.
Chain 2: Night Motion Blur
Trigger: Insufficient illumination in low-lux conditions. Behavior: Camera ISP increases gain and reduces shutter speed to maintain exposure; moving subjects produce motion blur; face and plate details become unusable. Symptom: Recordings exist but are not admissible as evidence; smear trails on moving objects. Recovery: Add supplemental IR or white-light illumination, select a camera with a larger sensor or faster lens (lower F-number), enforce a minimum shutter speed in the encoding profile, and validate with a night moving-person test.
Chain 3: Storage Saturation
Trigger: Actual camera bitrates exceed the design estimate (e.g., due to high scene complexity or incorrect VBR settings). Behavior: Storage write throughput saturates; VMS drops frames to keep up; retention period shortens as oldest recordings are overwritten sooner. Symptom: "Recording gaps" in playback timeline; retention days shorter than specified. Recovery: Enforce encoding profiles with VBR caps, expand storage capacity, segregate playback and recording I/O tiers, and validate with a 72-hour sustained write test measuring actual throughput.
Design Rule: Every exception chain in this section has a corresponding acceptance test. Do not sign off on a system until each chain has been deliberately triggered in a controlled test and the recovery procedure has been verified to work within the specified time.
Component Interaction Summary
| From Component | To Component | Data / Signal | Protocol / Medium | Failure Impact |
|---|---|---|---|---|
| Camera | PoE Switch | Video stream + power request | RTSP / 802.3af/at/bt | Camera offline, no recording |
| PoE Switch | Aggregation Switch | Aggregated video streams | Fiber / 1–10 GbE | Zone-wide outage |
| Aggregation | VMS Server | All streams + management | 10 GbE / VLAN | Full recording loss |
| VMS Server | Storage | Continuous write IO | iSCSI / FC / NFS | Dropped frames, retention gap |
| NTP Server | All Devices | Time synchronization | NTP UDP/123 | Timestamp disputes in evidence |
| VMS Server | Camera | Config, PTZ, recording policy | ONVIF / HTTPS | Cameras run on last config |
| Access Control | VMS | Door events for correlation | API / dry contact | Broken incident correlation |