SPDM-WiD: A Tool for Inspecting Security Protocol Data Model (SPDM) Packets
Abstract
Network protocol implementations need to be tested in conjunction with good debugging tools to ensure that packets exchange follows specifications. Although packet sniffers like Wireshark can capture any packet transiting a network interface, the absence of protocol-specific dissectors makes debugging tedious and error-prone. This paper presents the SPDM-WiD (SPDM Wireshark Dissector) tool, a dissector for packet inspection of the Security Protocol Data Model (SPDM), an open communication standard for hardware and firmware authentication. Experiments carried out attest to the effectiveness of the tool and its usefulness in test scenarios for an SPDM implementation.
References
Alves, R. C. A., Albertini, B. C., and Simplicio, M. A. (2022). Securing Hard Drives with the Security Protocol and Data Model (SPDM). In Proceedings of the IEEE Computer Society Annual Symposium on VLSI (ISVLSI), pages 446–447.
Araujo Rodriguez, L. G. and Batista, D. M. (2021). Towards Improving Fuzzer Efficiency for the MQTT Protocol. In Proceedings of the IEEE Symposium on Computers and Communications (ISCC), pages 1–7.
DMTF (2019a). Management Component Transport Protocol 5 (MCTP) Base Specification. [link]. Acesso em 5/4/2024.
DMTF (2019b). Security Protocol and Data Model (SPDM) over MCTP binding specification. [link]. Acesso em 5/4/2024.
DMTF (2019c). Security Protocol and Data Model (SPDM) Specification. [link]. Acesso em 4/4/2024.
DMTF (2020). Security Protocol and Data Model (SPDM) Specification. [link]. Acesso em 4/4/2024.
DMTF (2023). Security Protocols and Data Models Working Group. [link]. Acesso em 4/4/2024.
DMTF (2024). libspdm is a sample implementation that follows the DMTF SPDM specifications. [link]. Acesso em 4/4/2024.
Hu, X. and Zhou, Y. (2022). Wireshark Packet Dissector for DL/T 860 Protocol. In Proceedings of the 4th International Conference on Electrical Engineering and Control Technologies (CEECT), pages 30–34.
Lucero, M., Parnizari, A., Alberro, L., Castro, A., and Grampín, E. (2021). Routing in Fat Trees: a protocol analyzer for debugging and experimentation. In Proc. of the IFIP/IEEE International Symposium on Integrated Network Management (IM), pages 788–792.
Ryu, J., Kim, A., Essaid, M., and Ju, H. (2022). Development of Wireshark Dissector for Ethereum Node Discovery Protocol/v5. In Proceedings of the 23rd Asia-Pacific Network Operations and Management Symposium (APNOMS), pages 1–4.
The Tcpdump Group (2024). Home — TCPDUMP & LIBPCAP. [link]. Acesso em 4/4/2024.
Velozo, F., Ferreira, T., Pacheco, E., Alves, R., Jr., M. S., Albertini, B., and Batista, D. (2023). Fuzzing para o Protocolo TLS: Estado da Arte e Comparação de Fuzzers Existentes. In Anais Estendidos do XXIII Simpósio Brasileiro de Segurança da Informação e de Sistemas Computacionais (SBSeg), pages 303–308. SBC.
Wireshark (2024a). Contrib - Wireshark Wiki. [link]. Acesso em 4/4/2024.
Wireshark (2024b). Wireshark · Go Deep. [link]. Acesso em 4/4/2024.
Araujo Rodriguez, L. G. and Batista, D. M. (2021). Towards Improving Fuzzer Efficiency for the MQTT Protocol. In Proceedings of the IEEE Symposium on Computers and Communications (ISCC), pages 1–7.
DMTF (2019a). Management Component Transport Protocol 5 (MCTP) Base Specification. [link]. Acesso em 5/4/2024.
DMTF (2019b). Security Protocol and Data Model (SPDM) over MCTP binding specification. [link]. Acesso em 5/4/2024.
DMTF (2019c). Security Protocol and Data Model (SPDM) Specification. [link]. Acesso em 4/4/2024.
DMTF (2020). Security Protocol and Data Model (SPDM) Specification. [link]. Acesso em 4/4/2024.
DMTF (2023). Security Protocols and Data Models Working Group. [link]. Acesso em 4/4/2024.
DMTF (2024). libspdm is a sample implementation that follows the DMTF SPDM specifications. [link]. Acesso em 4/4/2024.
Hu, X. and Zhou, Y. (2022). Wireshark Packet Dissector for DL/T 860 Protocol. In Proceedings of the 4th International Conference on Electrical Engineering and Control Technologies (CEECT), pages 30–34.
Lucero, M., Parnizari, A., Alberro, L., Castro, A., and Grampín, E. (2021). Routing in Fat Trees: a protocol analyzer for debugging and experimentation. In Proc. of the IFIP/IEEE International Symposium on Integrated Network Management (IM), pages 788–792.
Ryu, J., Kim, A., Essaid, M., and Ju, H. (2022). Development of Wireshark Dissector for Ethereum Node Discovery Protocol/v5. In Proceedings of the 23rd Asia-Pacific Network Operations and Management Symposium (APNOMS), pages 1–4.
The Tcpdump Group (2024). Home — TCPDUMP & LIBPCAP. [link]. Acesso em 4/4/2024.
Velozo, F., Ferreira, T., Pacheco, E., Alves, R., Jr., M. S., Albertini, B., and Batista, D. (2023). Fuzzing para o Protocolo TLS: Estado da Arte e Comparação de Fuzzers Existentes. In Anais Estendidos do XXIII Simpósio Brasileiro de Segurança da Informação e de Sistemas Computacionais (SBSeg), pages 303–308. SBC.
Wireshark (2024a). Contrib - Wireshark Wiki. [link]. Acesso em 4/4/2024.
Wireshark (2024b). Wireshark · Go Deep. [link]. Acesso em 4/4/2024.
Published
2024-05-20
How to Cite
FERREIRA, Thiago D.; FREITAS, Ágatha de; ALVES, Renan C. A.; ALBERTINI, Bruno C.; SIMPLICIO JR., Marcos A.; BATISTA, Daniel M..
SPDM-WiD: A Tool for Inspecting Security Protocol Data Model (SPDM) Packets. In: DEMO SESSION - BRAZILIAN SYMPOSIUM ON COMPUTER NETWORKS AND DISTRIBUTED SYSTEMS (SBRC), 42. , 2024, Niterói/RJ.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2024
.
p. 49-56.
ISSN 2177-9384.
DOI: https://doi.org/10.5753/sbrc_estendido.2024.3175.
