SPDM Protocol Support

Computers & Servers

Security Protocol and Data Model over MCTP

What is SPDM?

SPDM (Security Protocol and Data Model) is a DMTF specification for device authentication, measurement, and attestation transported over MCTP. SPDM enables a verifier (typically a BMC or host) to authenticate managed components such as NICs, GPUs, storage controllers, and FPGAs by exchanging certificates, performing challenge-response authentication, and retrieving device measurements. SPDM is becoming a critical requirement in data center security architectures for establishing hardware root of trust. Engineers debugging platform security need SPDM decode to verify the authentication handshake, certificate chain validation, and measurement reporting between the verifier and responder devices.

SPDM Quick Reference

type Packet-based
signals MCTP transport
features DMTF device authentication and attestation

Acute Instruments Supporting SPDM

TravelLogic Series

TravelLogic Series
LA4000 Series

LA4000 Series

Ready to analyze this protocol?

See how Acute instruments capture and decode this protocol in real time. Request a demo or contact our team.

Request a Demo View Supported Products

How to Analyze SPDM with Acute Instruments

1

Connect your Acute logic analyzer to the MCTP transport interface carrying SPDM traffic.

2

Attach a ground lead to the target board's ground reference.

3

In the Acute software, select the SPDM protocol decoder and assign the transport signals to the correct input channels.

4

Configure the decoder for the MCTP transport binding.

5

Capture and view decoded SPDM messages showing GET_VERSION, GET_CAPABILITIES, NEGOTIATE_ALGORITHMS, GET_DIGESTS, GET_CERTIFICATE, CHALLENGE, and GET_MEASUREMENTS exchanges.

Frequently Asked Questions

What sample rate is required for SPDM analysis?
SPDM is carried over MCTP, so the sample rate is determined by the underlying transport. For SMBus MCTP, 2-4 MHz is sufficient. For Ethernet MCTP, follow the Ethernet PHY interface sample rate requirements. SPDM exchanges are relatively infrequent handshake events, but individual messages (particularly certificate chains) can be large, requiring adequate capture depth.
Why is my SPDM authentication handshake failing?
SPDM authentication failures commonly occur during version negotiation, algorithm negotiation, or certificate verification. Capture the full SPDM handshake sequence to identify at which step the failure occurs. Check that both the verifier and responder support a common SPDM version and algorithm set. Certificate chain errors may indicate an expired or untrusted root certificate, or that the responder's certificate does not match the expected identity.
How many channels are needed for SPDM analysis?
Channel requirements match the underlying MCTP transport. For SMBus: 2 channels. For Ethernet: 6-12 channels depending on the PHY interface. SPDM adds no physical signals beyond the MCTP transport layer.

Related Protocols

MCTP Control PLDM

Need help choosing the right instrument for your protocol? Contact our engineering team.

View Supported Products Contact Us