DMTF’s Security Protocol and Data Model (SPDM) protocol is a widely used set of standards that enable secure communication and device authentication for platform-level security. This session will give an update on major developments by the SPDM Working Group, and where the group is going over the next year.

In the past year, DMTF has released SPDM version 1.4, the first version to support CNSA 2.0 algorithms for post-quantum cryptography. This was added to the specification in a way that maintains backwards compatibility with existing deployments and enables platforms to adopt forward-looking requirements.

The SPDM to Storage binding (version 1.0) was also released, enabling SPDM to secure a broad range of storage transports using a common command set. This release enables SPDM across a variety of storage protocols using a broadly compatible command set. 

DMTF has also released the SPDM Authorization specification, which adds access policies on top of SPDM. The authorization specification leverages the capabilities of SPDM to bring access control, credential provisioning, and policy management to modern platforms, including support for CXL.

The session will conclude with a look at the SPDM Working Group’s roadmap, including anticipated enhancements and potential new use cases.