💾 Archived View for gemini.bortzmeyer.org › fosdem › event-11094.gmi captured on 2022-04-29 at 01:25:42. Gemini links have been rewritten to link to archived content

View Raw

More Information

⬅️ Previous capture (2021-12-17)

-=-=-=-=-=-=-

FOSDEM event "Using OpenSPDM in Firmware as a Foundation for Secure Device Communication"

Jiewen Yao and Norbert Kamiński and xiaoyuruan

Type devroom

Starts on day 2 (2021-02-07) at 17:00 (Brussels time, UTC+1) in room Firmware (duration 00:45)

Matrix room #firmware:fosdem.org

Security Protocol and Data Model (SPDM) is a standard published by the Distributed Management Task Force (DMTF) organization Platform Management Components Intercommunication (PMCI) working group. SPDM’s vision is to resolve the long-lasting problem of compatible secure communication solution between two endpoints of embedded systems. Protocols defined by SPDM can be used for a wide range of security functionalities including authentication of hardware/firmware identities, delivering measurements, performing attestation, and establishing session keys for secure communication channels.

This presentation introduces OpenSPDM, an open-source sample implementation which implements an SPDM requester utility to validate a vendor’s responder implementation. The talk covers SPDM 1.0 device authentication and firmware measurement collection, and SPDM 1.1 session creation for data communication protection.

The audience will learn the main components of the SPDM protocol. A firmware solution builder will learn how to implement a SPDM requester to perform device authentication/attestation and create a secured session with a target device. A device builder will learn how to implement a SPDM responder for authentication/measurement requests and create a secured session to protect communications.

FOSDEM schedule page