💾 Archived View for gemini.bortzmeyer.org › fosdem › event-11094.gmi captured on 2023-03-21 at 01:06:23. Gemini links have been rewritten to link to archived content
⬅️ Previous capture (2021-12-17)
-=-=-=-=-=-=-
Jiewen Yao and Norbert Kamiński and xiaoyuruan
Type devroom
Starts on day 2 (2021-02-07) at 17:00 (Brussels time, UTC+1) in room Firmware (duration 00:45)
Matrix room #firmware:fosdem.org
Security Protocol and Data Model (SPDM) is a standard published by the Distributed Management Task Force (DMTF) organization Platform Management Components Intercommunication (PMCI) working group. SPDM’s vision is to resolve the long-lasting problem of compatible secure communication solution between two endpoints of embedded systems. Protocols defined by SPDM can be used for a wide range of security functionalities including authentication of hardware/firmware identities, delivering measurements, performing attestation, and establishing session keys for secure communication channels.
This presentation introduces OpenSPDM, an open-source sample implementation which implements an SPDM requester utility to validate a vendor’s responder implementation. The talk covers SPDM 1.0 device authentication and firmware measurement collection, and SPDM 1.1 session creation for data communication protection.
The audience will learn the main components of the SPDM protocol. A firmware solution builder will learn how to implement a SPDM requester to perform device authentication/attestation and create a secured session with a target device. A device builder will learn how to implement a SPDM responder for authentication/measurement requests and create a secured session to protect communications.