{"id":"https://openalex.org/W7160858182","doi":"https://doi.org/10.48550/arxiv.2605.06744","title":"A UEFI System with SPDM to Protect Against Unauthorized Device Connections","display_name":"A UEFI System with SPDM to Protect Against Unauthorized Device Connections","publication_year":2026,"publication_date":"2026-05-07","ids":{"openalex":"https://openalex.org/W7160858182","doi":"https://doi.org/10.48550/arxiv.2605.06744"},"language":null,"primary_location":{"id":"doi:10.48550/arxiv.2605.06744","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2605.06744","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":null,"is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"article"},"type":"preprint","indexed_in":["datacite"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://doi.org/10.48550/arxiv.2605.06744","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5135900888","display_name":"\u00c1gatha de Freitas","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"de Freitas, \u00c1gatha","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5135836943","display_name":"Marcos A. Simplicio","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Simplicio, Marcos A.","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5135858372","display_name":"Bruno C. Albertini","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Albertini, Bruno C.","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]},{"author_position":"last","author":{"id":"https://openalex.org/A5135840136","display_name":"Renan C. A. Alves","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Alves, Renan C. A.","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]}],"institutions":[],"countries_distinct_count":0,"institutions_distinct_count":4,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":null,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":null,"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.8321999907493591,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.8321999907493591,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10951","display_name":"Cryptographic Implementations and Security","score":0.04610000178217888,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":0.026499999687075615,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/emulation","display_name":"Emulation","score":0.6581000089645386},{"id":"https://openalex.org/keywords/virtualization","display_name":"Virtualization","score":0.5907999873161316},{"id":"https://openalex.org/keywords/trusted-computing-base","display_name":"Trusted computing base","score":0.5856000185012817},{"id":"https://openalex.org/keywords/pci-express","display_name":"PCI Express","score":0.565500020980835},{"id":"https://openalex.org/keywords/firmware","display_name":"Firmware","score":0.5435000061988831},{"id":"https://openalex.org/keywords/overhead","display_name":"Overhead (engineering)","score":0.4912000000476837},{"id":"https://openalex.org/keywords/leverage","display_name":"Leverage (statistics)","score":0.4659999907016754},{"id":"https://openalex.org/keywords/rootkit","display_name":"Rootkit","score":0.4413999915122986},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.43130001425743103}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7904999852180481},{"id":"https://openalex.org/C149810388","wikidata":"https://www.wikidata.org/wiki/Q5374873","display_name":"Emulation","level":2,"score":0.6581000089645386},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.6381000280380249},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.614799976348877},{"id":"https://openalex.org/C513985346","wikidata":"https://www.wikidata.org/wiki/Q270471","display_name":"Virtualization","level":3,"score":0.5907999873161316},{"id":"https://openalex.org/C147346212","wikidata":"https://www.wikidata.org/wiki/Q5492632","display_name":"Trusted computing base","level":4,"score":0.5856000185012817},{"id":"https://openalex.org/C64270927","wikidata":"https://www.wikidata.org/wiki/Q206924","display_name":"PCI Express","level":3,"score":0.565500020980835},{"id":"https://openalex.org/C67212190","wikidata":"https://www.wikidata.org/wiki/Q104851","display_name":"Firmware","level":2,"score":0.5435000061988831},{"id":"https://openalex.org/C2779960059","wikidata":"https://www.wikidata.org/wiki/Q7113681","display_name":"Overhead (engineering)","level":2,"score":0.4912000000476837},{"id":"https://openalex.org/C153083717","wikidata":"https://www.wikidata.org/wiki/Q6535263","display_name":"Leverage (statistics)","level":2,"score":0.4659999907016754},{"id":"https://openalex.org/C10144332","wikidata":"https://www.wikidata.org/wiki/Q14645","display_name":"Rootkit","level":3,"score":0.4413999915122986},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.43130001425743103},{"id":"https://openalex.org/C2781045450","wikidata":"https://www.wikidata.org/wiki/Q254569","display_name":"Backdoor","level":2,"score":0.4307999908924103},{"id":"https://openalex.org/C2776831232","wikidata":"https://www.wikidata.org/wiki/Q966812","display_name":"Trusted Computing","level":2,"score":0.41179999709129333},{"id":"https://openalex.org/C2780385302","wikidata":"https://www.wikidata.org/wiki/Q367158","display_name":"Protocol (science)","level":3,"score":0.40209999680519104},{"id":"https://openalex.org/C2778579508","wikidata":"https://www.wikidata.org/wiki/Q722192","display_name":"System call","level":2,"score":0.3993000090122223},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3617999851703644},{"id":"https://openalex.org/C553261973","wikidata":"https://www.wikidata.org/wiki/Q14579","display_name":"Linux kernel","level":2,"score":0.36010000109672546},{"id":"https://openalex.org/C507366226","wikidata":"https://www.wikidata.org/wiki/Q42378","display_name":"USB","level":3,"score":0.3287999927997589},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.3172999918460846},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.3165999948978424},{"id":"https://openalex.org/C74193536","wikidata":"https://www.wikidata.org/wiki/Q574844","display_name":"Kernel (algebra)","level":2,"score":0.3091000020503998},{"id":"https://openalex.org/C2777407602","wikidata":"https://www.wikidata.org/wiki/Q1888932","display_name":"Mandatory access control","level":4,"score":0.3000999987125397},{"id":"https://openalex.org/C33884865","wikidata":"https://www.wikidata.org/wiki/Q1254335","display_name":"Cryptographic protocol","level":3,"score":0.2786000072956085},{"id":"https://openalex.org/C193519340","wikidata":"https://www.wikidata.org/wiki/Q891179","display_name":"Data loss","level":2,"score":0.2678999900817871},{"id":"https://openalex.org/C18762648","wikidata":"https://www.wikidata.org/wiki/Q42213","display_name":"Work (physics)","level":2,"score":0.25270000100135803},{"id":"https://openalex.org/C13062989","wikidata":"https://www.wikidata.org/wiki/Q651531","display_name":"Application virtualization","level":5,"score":0.2517000138759613}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.48550/arxiv.2605.06744","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2605.06744","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"article"}],"best_oa_location":{"id":"doi:10.48550/arxiv.2605.06744","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2605.06744","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":null,"is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"article"},"sustainable_development_goals":[{"score":0.7051571011543274,"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":0,"referenced_works":[],"related_works":[],"abstract_inverted_index":{"Attackers":[0],"willing":[1],"to":[2,35,48,61,75,91,149],"compromise":[3],"computing":[4],"systems":[5],"can":[6,145],"use":[7],"malicious":[8,84],"peripherals":[9],"as":[10],"an":[11,55],"attack":[12],"vector,":[13],"threatening":[14],"users":[15],"that":[16],"cannot":[17],"verify":[18],"the":[19,29,72,81,93,97,113,118],"hardware's":[20],"authenticity.":[21],"To":[22],"address":[23],"this":[24],"problem,":[25],"our":[26,65,147],"work":[27],"uses":[28],"Security":[30],"Protocol":[31],"and":[32,44,63,101,117,126],"Data":[33],"Model":[34],"propose":[36],"a":[37],"UEFI":[38],"system":[39,82,153],"capable":[40,69],"of":[41,70,99,115,120,137],"authenticating":[42],"PCIe":[43],"USB":[45],"devices":[46],"trying":[47],"connect":[49],"with":[50],"it.":[51],"We":[52],"also":[53],"develop":[54],"open":[56],"source":[57],"proof-of-concept":[58,148],"using":[59,87],"emulation":[60],"evaluate":[62,92],"illustrate":[64],"proposal,":[66],"which":[67],"is":[68,133],"restricting":[71],"devices'":[73],"connections":[74],"only":[76],"those":[77],"allowed,":[78],"thus":[79],"protecting":[80],"against":[83],"peripherals.":[85],"Then,":[86],"kernel":[88],"virtualization":[89],"features":[90],"emulation,":[94],"we":[95],"collect":[96],"number":[98,114,119],"instructions":[100,116],"CPU":[102,121],"cycles":[103,122],"during":[104,110],"boot.":[105],"Our":[106],"experiments":[107],"reveal":[108],"that,":[109],"firmware":[111],"execution,":[112],"increased":[123],"respectively":[124],"13%":[125],"8%":[127],"on":[128,155],"average.":[129],"This":[130],"processing":[131],"overhead":[132],"acceptable":[134],"in":[135],"view":[136],"enhanced":[138],"security.":[139],"Institutions":[140],"requiring":[141],"high":[142],"security":[143],"levels":[144],"leverage":[146],"tailor":[150],"their":[151,156],"own":[152,157],"based":[154],"requirements.":[158]},"counts_by_year":[],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2026-05-12T00:00:00"}