A UEFI System with SPDM to Protect Against Unauthorized Device Connections

Computer Science > Cryptography and Security [Submitted on 7 May 2026] A UEFI System with SPDM to Protect Against Unauthorized Device Connections Ágatha de Freitas, Marcos A. Simplicio Jr, Bruno C. Albertini, Renan C. A. Alves Attackers willing to compromise computing systems can use malicious peripherals as an attack vector, threatening users that cannot verify the hardware's authenticity. To address this problem, our work uses the Security Protocol and Data Model to propose a UEFI system capable of authenticating PCIe and USB devices trying to connect with it. We also develop an open source proof-of-concept using emulation to evaluate and illustrate our proposal, which is capable of restricting the devices' connections to only those allowed, thus protecting the system against malicious peripherals. Then, using kernel virtualization features to evaluate the emulation, we collect the number of instructions and CPU cycles during boot. Our experiments reveal that, during firmware execution, the number of instructions and the number of CPU cycles increased respectively 13% and 8% on average. This processing overhead is acceptable in view of enhanced security. Institutions requiring high security levels can leverage our proof-of-concept to tailor their own system based on their own requirements. Comments: 11 pages, 4 figures Subjects: Cryptography and Security (cs.CR) Cite as: arXiv:2605.06744 [cs.CR]   (or arXiv:2605.06744v1 [cs.CR] for this version)   https://doi.org/10.48550/arXiv.2605.06744 Focus to learn more Submission history From: Ágatha Freitas [view email] [v1] Thu, 7 May 2026 14:40:26 UTC (93 KB) Access Paper: HTML (experimental) view license Current browse context: cs.CR < prev   |   next > new | recent | 2026-05 Change to browse by: cs References & Citations NASA ADS Google Scholar Semantic Scholar Export BibTeX Citation Bookmark Bibliographic Tools Bibliographic and Citation Tools Bibliographic Explorer Toggle Bibliographic Explorer (What is the Explorer?) Connected Papers Toggle Connected Papers (What is Connected Papers?) Litmaps Toggle Litmaps (What is Litmaps?) scite.ai Toggle scite Smart Citations (What are Smart Citations?) Code, Data, Media Demos Related Papers About arXivLabs Which authors of this paper are endorsers? | Disable MathJax (What is MathJax?)