According to HSM2 specification it uses a BSI TR-03110 protocol to secure data channel.
Do you know any results regarding it’s security analysis?
For example for a JavaCard SCP02 and SCP03 there is some research done:
Cryptanalysis of GlobalPlatform Secure Channel Protocols
It indicates SCP02 is not secure enough and SCP03 shall be used instead.