[Blog] Trust Is No Longer Assumed: Why SPDM Is Redefining Secure Infrastructure
Posted 05/19/2026 by Mamta Gupta, AVP, Strategic Business Development, Datacenter & Security
Every major shift in datacenter architecture moves certain security capabilities from nice-to-have to non-negotiable. As systems become more disaggregated, platforms more modular, and firmware delivery increasingly network-based, traditional trust assumptions no longer hold.
Hardware is sourced across vendors. Devices are updated and replaced continuously. Systems are expected to evolve over long operational lifetimes rather than remain static. In this environment, trust cannot be assumed at boot and carried forward indefinitely. It must be established and re-verified at every stage, from boot through runtime.
This shift is moving the Security Protocol and Data Model, or SPDM, from a specification into a foundational infrastructure requirement. SPDM delivers significant value to platform engineers and security architects through its transport-agnostic design and its decoupling of firmware from hardware-specific security implementations, enabling a unified security architecture across all buses. However, operationalizing SPDM at scale depends on where and how it is implemented within the system architecture.
From Implicit Trust to Provable Trust
Traditional platform security relied on secure boot and firmware protection, assuming that once a device started in a known-good state it could be trusted to operate safely. That approach aligned with monolithic systems and tightly controlled supply chains.
Modern datacenters look very different. Rack-scale architectures, accelerator-heavy platforms, and globally sourced components have significantly expanded the attack surface. Devices are added, updated, and replaced continuously, often across multiple vendors and lifecycle stages.
SPDM addresses this shift by replacing implicit trust with explicit, cryptographically verified trust. Devices must prove identity and firmware integrity before participating in management, telemetry, or control functions. To be effective at scale, this verification must be enforced by system components that operate independently of the software they are validating, rather than relying on assumptions embedded in the host environment.
For hyperscalers and large infrastructure operators, this capability has moved from future planning to a present-day requirement.
From Protocol to Prerequisite: The Rise of SPDM
Several security protocols address parts of the device trust problem. PCIe® IDE secures individual links, CXL security operates within a specific interconnect domain, and proprietary attestation schemes exist across vendors.
What sets SPDM apart is scope and standardization. It is the only transport-agnostic, open DMTF standard built to handle both device authentication and firmware measurement across heterogeneous, multi-vendor environments, which is exactly what modern datacenter fleets demand.
Industry frameworks have converged on this. The Open Compute Project's S.A.F.E. (Security Appraisal Framework and Enablement) initiative defines how operators continuously appraise the security posture of infrastructure at fleet scale, and SPDM is the attestation mechanism it relies on. For infrastructure operators, this means SPDM compliance is no longer just a component-level feature; it is a prerequisite for participating in industry-aligned, fleet-scale trust architectures.
The question, then, is not whether to deploy SPDM, but how to anchor it effectively in hardware.
Why Attestation Changes How Systems Operate
SPDM is not limited to compliance or reporting. It directly influences system behavior.
Attestation allows platforms to determine whether a device should be permitted to operate at all. Devices that fail authentication or integrity checks can be isolated before they affect system stability or security. Enforcing these decisions reliably requires an always-on control point that can gate access to privileged functions, even when host software is unavailable or compromised.
SPDM also ensures that management and lifecycle operations occur over authenticated, encrypted channels. Configuration changes, updates, and control actions are permitted only after trust has been verified, rather than relying on administrative credentials alone.
In rack-scale architectures, these trust decisions are no longer isolated to individual devices. SPDM enables platforms to treat the rack as a coordinated system, enforcing verify-before-trust principles consistently across accelerators, controllers, and infrastructure components throughout the system lifecycle.
Where Trust Is Anchored Matters
As SPDM adoption increases, architectural questions around trust placement become more important. Some approaches implement attestation primarily in software, layered on general-purpose processors. While functional, this model depends on the environment it is intended to validate.
Anchoring trust in hardware provides stronger isolation and earlier enforcement. Lattice takes this path by embedding SPDM capabilities into programmable, low-power FPGAs designed for system control and platform management. Operating as an always-on, hardware-based control plane, these devices establish and enforce trust independently of host CPUs and higher-level software.
Because Lattice FPGAs support both SPDM requester and responder roles, they can not only prove their own integrity but also validate the devices around them. This allows them to establish trust for components that do not natively support SPDM, extending verify-before-trust workflows across mixed and multi-vendor environments. Trust can be extended across servers, subsystems, and racks, rather than stopping at a single component.
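The verify-before-trust flow described in this section and under "Why Attestation Changes How Systems Operate", as an added example that is neither Lattice's code nor an SPDM implementation: a simplified Go model of the requester/responder exchange. The assumptions are that Ed25519 public keys provisioned in a trust store stand in for SPDM's certificate chains, that a single measurement block stands in for a device's full measurement manifest, and that the message framing is invented rather than the DSP0274 wire format. The control plane (requester) issues a fresh nonce, the device (responder) returns its measurements signed together with that nonce, and the verifier admits the device only when identity, signature and measurements all check out. The scenarios at the end show a genuine device, tampered firmware, an impostor key and a replayed report; only the first is admitted.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// One measurement block: an index naming the measured region and its digest.
type Measurement struct {
	Index  uint8
	Digest [32]byte
}

// What the responder returns to a challenge: measurements plus a signature
// binding them to the requester's nonce (simplified stand-in for SPDM's
// CHALLENGE_AUTH / MEASUREMENTS responses, not the real wire format).
type AttestationReport struct {
	DeviceID     string
	Measurements []Measurement
	Signature    []byte
}

// Responder models the attested device. firmware is a constructed image.
type Responder struct {
	DeviceID string
	priv     ed25519.PrivateKey
	firmware []byte
}

// transcript is the byte string the signature covers: nonce || measurement
// blocks. Covering the nonce is what makes a captured report useless for replay.
func transcript(nonce []byte, ms []Measurement) []byte {
	var buf bytes.Buffer
	buf.Write(nonce)
	for _, m := range ms {
		buf.WriteByte(m.Index)
		buf.Write(m.Digest[:])
	}
	return buf.Bytes()
}

// Attest measures the firmware and signs nonce || measurements with the
// device identity key.
func (r *Responder) Attest(nonce []byte) AttestationReport {
	ms := []Measurement{{Index: 1, Digest: sha256.Sum256(r.firmware)}}
	return AttestationReport{r.DeviceID, ms, ed25519.Sign(r.priv, transcript(nonce, ms))}
}

// Requester models the always-on control plane doing the verification.
// trusted: provisioned device identities; golden: approved digests per device.
type Requester struct {
	trusted map[string]ed25519.PublicKey
	golden  map[string]map[uint8][32]byte
}

type Decision string

const (
	Admit   Decision = "admit"
	Isolate Decision = "isolate"
)

// Verify enforces verify-before-trust: any failure isolates the device.
func (q *Requester) Verify(nonce []byte, rep AttestationReport) (Decision, error) {
	pub, ok := q.trusted[rep.DeviceID]
	if !ok {
		return Isolate, fmt.Errorf("unknown device identity %q", rep.DeviceID)
	}
	if !ed25519.Verify(pub, transcript(nonce, rep.Measurements), rep.Signature) {
		return Isolate, fmt.Errorf("signature does not verify against this nonce")
	}
	for _, m := range rep.Measurements {
		if want, ok := q.golden[rep.DeviceID][m.Index]; !ok || want != m.Digest {
			return Isolate, fmt.Errorf("measurement %d does not match approved firmware", m.Index)
		}
	}
	return Admit, nil
}

func newNonce() []byte {
	n := make([]byte, 32)
	rand.Read(n)
	return n
}

// RunScenarios runs the exchange for a genuine device, tampered firmware,
// an impostor holding an unprovisioned key, and a replayed report.
func RunScenarios() map[string]Decision {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	approved := []byte("constructed accelerator firmware v1.0")
	device := &Responder{"accel-0", priv, approved}
	verifier := &Requester{
		trusted: map[string]ed25519.PublicKey{"accel-0": pub},
		golden:  map[string]map[uint8][32]byte{"accel-0": {1: sha256.Sum256(approved)}},
	}
	out := map[string]Decision{}
	record := func(name string, nonce []byte, rep AttestationReport) {
		d, err := verifier.Verify(nonce, rep)
		out[name] = d
		fmt.Printf("%-9s -> %s %v\n", name, d, err)
	}
	n := newNonce()
	record("genuine", n, device.Attest(n))
	n = newNonce()
	record("tampered", n, (&Responder{"accel-0", priv, append(approved, "+implant"...)}).Attest(n))
	_, rogue, _ := ed25519.GenerateKey(rand.Reader)
	n = newNonce()
	record("impostor", n, (&Responder{"accel-0", rogue, approved}).Attest(n))
	captured := device.Attest(newNonce()) // report signed for an earlier nonce
	record("replay", newNonce(), captured)
	return out
}

func main() { RunScenarios() }
```

The three checks are deliberately ordered identity, then signature freshness, then measurements, so a device whose firmware digest is unknown to the verifier is never admitted even if it is authentic; in a fleet this is where the golden-digest table becomes the policy lever that ties attestation to firmware update workflows.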
Programmable Trust Enables Long-Term System Evolution
Modern infrastructure is designed for long operational lifetimes. Over that time, cryptographic standards, threat models, and regulatory requirements change. Security architectures must account for this reality at the system level rather than treating trust as a fixed, one-time design choice.
Programmable platforms provide a practical way to address this challenge. Lattice solutions are built for crypto agility, with support for hybrid classical and post-quantum approaches and the ability to update security capabilities in the field, including alignment with current SPDM specifications such as SPDM 1.4. These updates preserve deterministic, hardware-enforced behavior while adapting to new requirements.
Post-quantum readiness is a clear example of why this flexibility matters. Infrastructure deployed today will remain operational as quantum-resistant standards are introduced and mandated. Retrofitting trust mechanisms after deployment increases cost and risk. Designing for cryptographic evolution from the outset aligns more closely with how datacenter platforms are deployed and maintained.
SPDM handles authentication and attestation, verifying that devices are what they claim to be and that firmware has not been tampered with. PFR (Platform Firmware Resilience) addresses resilience and recovery – detecting, protecting against, and recovering from firmware attacks. These are separate functions, but together they cover the full security lifecycle of a platform component.
Lattice FPGAs are one of the few hardware platforms that support both natively. By anchoring SPDM-based attestation and PFR-based resilience in the same programmable, always-on silicon, and aligning both with emerging guidance such as CNSA 2.0, Lattice enables a security architecture that is not just verified at boot, but protected and recoverable over the full operational lifetime of the system.
FPGAs Enable Scalable Trusted Infrastructure
Datacenter security is moving toward a new baseline where trust is continuously established, verified, and enforced across the system.
SPDM provides the mechanism. Industry frameworks like OCP S.A.F.E. define the architecture it operates within. Hardware roots of trust determine its effectiveness. Programmable, always-on hardware is what allows that mechanism to scale across real datacenter lifecycles.
By delivering programmable, post-quantum-ready trust anchored in silicon, Lattice is helping define what secure, scalable infrastructure looks like in a world where trust must be proven every day, not assumed once.
Contact us to learn more about SPDM-based hardware attestation with Lattice FPGAs, and visit our security solutions page to explore how Lattice enables secure, scalable datacenter control.