Designing Secure ST 2110 Systems

Endrit Vorfaj, Carmela Troncoso

The broadcast industry's transition from Serial Digital Interface (SDI) to SMPTE ST 2110 IP infrastructure offers flexibility but introduces significant security threats. This paper addresses these challenges by proposing comprehensive best practice guidelines tailored to ST 2110 environments, leveraging the European Broadcasting Unio (EBU) Technology Pyramid for Media Nodes. We identify unique vulnerabilities, including the critical dependency on Precision Time Protocol (PTP) and the lack of native stream authentication. To mitigate these risks, the proposed framework integrates multilayered controls: robust network segmentation, secure Advanced Media Workflow Association (AMWA) Networked Media Open Specifications (NMOS) protocols, continuous monitoring, and device hardening. Furthermore, we explore the application of Zero Trust Architecture (ZTA) to reduce the attack surface in distributed workflows. This paper provides broadcast engineers with actionable technical guidance to evolve from traditional perimeter models to a modern Zero Trust approach, ensuring the benefits of IP media production are realized without compromising operational integrity.

Print ISSN: 1545-0279
Electronic ISSN: 2160-2492
Published: 2026-01
Content type: Original Research
Keywords: smpte st 2110, ip media, broadcast security, cybersecurity, zero trust architecture, ebu tech 3371
DOI: 10.5594/JMI.2026/YOXS1352