Definition: Security Protocol and Data Model (SPDM) is an industry-standard protocol that enables devices in a datacenter to verify each other’s identity, integrity, and security posture using cryptographic attestation before establishing trusted communication.
The Trust Foundation for Disaggregated, Rack-Scale Datacenters
AI datacenters are undergoing a fundamental architectural shift. What were once tightly integrated servers are now modular, disaggregated systems where racks, not servers, are the unit of deployment. Datacenter infrastructure such as compute, networking, management, power, and cooling is sourced independently and managed across a distributed control plane.
In this environment, trust can no longer be established once at boot and assumed thereafter; it must be continuously verified across the full system lifecycle. SPDM is the protocol that makes this possible: a transport-agnostic protocol that provides a common, interoperable mechanism for hardware-based attestation, identity authentication, and secure session establishment. This lets modern datacenters operate on verify-before-trust principles at rack and fleet scale.
Why SPDM Is Critical for Modern AI Infrastructure
Disaggregation delivers flexibility and speed, but it also introduces significant new risks. Modular systems increase the number of vendors, firmware images, management interfaces, and update paths that must be trusted. As manageability expands beyond the host CPU to board-level, rack-level, and satellite controllers, the control plane becomes the primary attack surface.
SPDM addresses this challenge by replacing implicit trust with explicit, cryptographically verified trust. Before a device can participate in management, telemetry, or privileged control functions, it must prove its identity and integrity. This shift transforms security from a static feature into an operational workflow, allowing platforms to safely scale complex, multi-vendor AI infrastructure without sacrificing predictability or uptime. As a result, attestation enabled by SPDM has become a purchasing requirement for modular servers and racks used by hyperscalers.
What SPDM Does and the Benefits It Delivers
SPDM defines standardized methods for discovering devices, authenticating identity, collecting integrity measurements, and establishing encrypted communication sessions on a continuous basis. These capabilities give datacenter operators a reliable way to determine whether a device should be trusted, and what it is allowed to do, before granting access to keys, management interfaces, or control functions.
The benefits of SPDM extend beyond initial security. By standardizing trust establishment across vendors and device types, SPDM reduces integration complexity, lowers deployment risk, and enables policy-driven automation at fleet scale. Operators gain safer updates, trusted telemetry, and deterministic control behavior across heterogeneous environments. Most importantly, SPDM enables Zero Trust architectures that are practical to deploy and operate, rather than theoretical overlays that fail at real-world scale.
SPDM at Rack Scale: From Server Security to Datacenter Zero Trust
In rack-centric architectures, trust is no longer a server-local decision. It is a platform-level decision. Every module in the rack, from accelerators and networking cards to management controllers and infrastructure endpoints, contributes to system risk.
SPDM enables attestation across all these components, allowing the rack to function as a coordinated, trusted system, rather than a collection of independently secured devices. Trust moves beyond boot-time checks and becomes a continuous, lifecycle-wide process. This approach supports safe operation, maintenance, and upgrades across compute, networking, storage, and infrastructure layers. This evolution is essential for operating high-density, liquid-cooled AI racks at scale.
How Lattice FPGAs Make SPDM Operational and Scalable
Making this continuous, rack-wide trust model practical requires a hardware foundation that can enforce SPDM consistently and independently at scale. Lattice FPGAs are ideally suited for this purpose.
- Lattice security FPGAs are designed to serve as a root of trust among devices. This hardware-rooted approach reduces attack surface, improves system resilience, and enables customers to scale attestation without introducing unpredictable software dependencies.
- Lattice FPGAs operate as an always-on, low-power secure control plane that is independent of host CPUs. This allows attestation and policy enforcement to occur outside the host, even if higher-level software or firmware is compromised.
- Lattice FPGAs can implement SPDM at scale to provide the trusted silicon foundation that makes SPDM practical in real, disaggregated datacenter architectures.
- Lattice FPGAs can function as SPDM requesters or responders and establish trust for devices that cannot support SPDM natively.
- By implementing SPDM in deterministic hardware, Lattice FPGAs ensure consistent behavior, low latency, and reliable enforcement of verify-before-trust workflows across servers and racks.
Enabling Secure Lifecycle Actions With SPDM, PLDM, MCTP, and DICE
SPDM is most powerful when combined with complementary standards that enable action after trust is established. Lattice FPGAs support the full, standards-based attestation and management stack. SPDM establishes trust and secure sessions; the following platform security and manageability protocols build on them:
- Platform Level Data Model (PLDM) uses those secure sessions to perform platform-level actions such as firmware updates and lifecycle management.
- Management Component Transport Protocol (MCTP) provides a flexible transport layer across I2C, I3C, USB, and other physical interfaces.
- Device Identifier Composition Engine (DICE) anchors identities and measurements in immutable hardware state, ensuring trust signals remain reliable across the system lifecycle.
Together, these technologies, supported by Lattice FPGAs, enable secure updates, trusted telemetry, and deterministic management actions at rack and datacenter scale. Enforcement is handled by hardware rather than assumed by software.
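The verify-before-trust flow described under "What SPDM Does" (identity, challenge, measurement, then a session) and the PLDM-style lifecycle action that the section above says must wait for that session, as an added Go example. This is not Lattice code and does not use the DMTF message encodings; it models the exchange with Ed25519 from the Go standard library. The device certificate layout, the Responder, Requester and Session types, the error names, and the sample firmware bytes are all constructed for this illustration; a real requester would walk an X.509 chain and compare measurement blocks against a signed reference manifest.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Outcomes a verifier can act on (deny, quarantine, alert); names are constructed for this example.
var (
	ErrIdentity    = errors.New("certificate not issued by the trusted root")
	ErrChallenge   = errors.New("challenge signature invalid: device does not hold the certified key")
	ErrMeasurement = errors.New("measurement signature invalid or firmware digest not in policy")
	ErrNoSession   = errors.New("lifecycle action refused: no verified session")
)

// DeviceCert stands in for the chain SPDM returns to GET_CERTIFICATE: the root signs ID plus device key.
type DeviceCert struct {
	DeviceID string
	PubKey   ed25519.PublicKey
	RootSig  []byte
}

func certTBS(id string, pub ed25519.PublicKey) []byte { return append([]byte(id+"|"), pub...) }

// Responder is the attested device, or an FPGA answering for a device with no SPDM stack;
// the private key would live inside root-of-trust hardware and Firmware is the image measured.
type Responder struct {
	Cert     DeviceCert
	priv     ed25519.PrivateKey
	Firmware []byte
}

// NewResponder models one-time provisioning: the root certifies the device key (the role a
// DICE-derived identity plays on real hardware). Constructed for this example.
func NewResponder(rootPriv ed25519.PrivateKey, id string, firmware []byte) *Responder {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	cert := DeviceCert{DeviceID: id, PubKey: pub, RootSig: ed25519.Sign(rootPriv, certTBS(id, pub))}
	return &Responder{Cert: cert, priv: priv, Firmware: firmware}
}

// Challenge proves possession of the certified key by signing the requester's nonce (CHALLENGE).
func (r *Responder) Challenge(nonce []byte) []byte { return ed25519.Sign(r.priv, nonce) }

// Measurements returns the firmware digest signed together with the nonce (64 bytes, so it can
// never be confused with a 32-byte challenge signature) so a stale measurement cannot be replayed.
func (r *Responder) Measurements(nonce []byte) ([32]byte, []byte) {
	d := sha256.Sum256(r.Firmware)
	return d, ed25519.Sign(r.priv, append(d[:], nonce...))
}

// Requester is the verifier: the trusted root plus a policy of approved firmware digests.
type Requester struct {
	RootPub ed25519.PublicKey
	Allowed map[[32]byte]bool
}

// Session is the capability handed out only after attestation; PLDM-style actions hang off it.
type Session struct {
	DeviceID string
	dev      *Responder
	policy   *Requester
}

// Attest runs identity -> authentication -> integrity and returns a Session only if all three pass.
func (q *Requester) Attest(dev *Responder) (*Session, error) {
	if !ed25519.Verify(q.RootPub, certTBS(dev.Cert.DeviceID, dev.Cert.PubKey), dev.Cert.RootSig) {
		return nil, ErrIdentity
	}
	nonce := make([]byte, 32) // fresh per run, so an old signature cannot be replayed
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	if !ed25519.Verify(dev.Cert.PubKey, nonce, dev.Challenge(nonce)) {
		return nil, ErrChallenge
	}
	digest, sig := dev.Measurements(nonce)
	if !ed25519.Verify(dev.Cert.PubKey, append(digest[:], nonce...), sig) || !q.Allowed[digest] {
		return nil, ErrMeasurement
	}
	return &Session{DeviceID: dev.Cert.DeviceID, dev: dev, policy: q}, nil
}

// ApplyUpdate is the lifecycle action: an image is accepted only inside a verified session,
// and only if the image itself is on the approved list.
func (s *Session) ApplyUpdate(image []byte) error {
	if s == nil {
		return ErrNoSession
	}
	if !s.policy.Allowed[sha256.Sum256(image)] {
		return ErrMeasurement
	}
	s.dev.Firmware = image
	return nil
}

func main() {
	rootPub, rootPriv, _ := ed25519.GenerateKey(rand.Reader)
	fw := []byte("constructed sample firmware image") // constructed input, not a real image
	q := &Requester{RootPub: rootPub, Allowed: map[[32]byte]bool{sha256.Sum256(fw): true}}
	s, err := q.Attest(NewResponder(rootPriv, "accel-0", fw))
	fmt.Println("attest:", err, "| update:", s.ApplyUpdate(fw)) // a nil session would refuse the update
}
```

The design choice worth noticing is that nothing can call ApplyUpdate without a Session, and a Session exists only because every check in Attest passed. A device presenting a copied but genuine certificate fails at the challenge step because it cannot sign the fresh nonce; a device whose identity is genuine but whose image is outside the approved list fails at the measurement step; and an update request carrying an unapproved image is refused even inside a good session. When an FPGA proxies for a device that has no SPDM stack, it plays the Responder role and the measured bytes are whatever it reads from that device.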
Lattice FPGAs Provide Post-quantum Ready Trust for Future-proof Infrastructure
AI datacenter infrastructure is deployed for many years, while cryptographic requirements continue to evolve under increasing regulatory and geopolitical pressure. SPDM provides a natural foundation for crypto agility, but only when paired with hardware capable of supporting evolving cryptographic standards, including classical and post-quantum cryptography.
Lattice integrates CNSA 2.0-aligned, post-quantum ready cryptography directly into its Root of Trust and SPDM 1.4 implementations. This hybrid approach allows customers to deploy systems today while remaining prepared for future cryptographic transitions without redesigning platforms or breaking interoperability.