diff --git a/project/ble_peripheral/ble_app_bladder_patch/system/security/ble_quick_security.c b/project/ble_peripheral/ble_app_bladder_patch/system/security/ble_quick_security.c
index 07ed623..9eed181 100644
--- a/project/ble_peripheral/ble_app_bladder_patch/system/security/ble_quick_security.c
+++ b/project/ble_peripheral/ble_app_bladder_patch/system/security/ble_quick_security.c
@@ -20,6 +20,22 @@ static struct {
     bool bonds_delete_pending;
 } m_state = {0};
 
+static const char * sec_error_name(pm_sec_error_code_t error)
+{
+    switch (error) {
+        case PM_CONN_SEC_ERROR_PIN_OR_KEY_MISSING:
+            return "PIN_OR_KEY_MISSING";
+        case PM_CONN_SEC_ERROR_MIC_FAILURE:
+            return "MIC_FAILURE";
+        case PM_CONN_SEC_ERROR_DISCONNECT:
+            return "DISCONNECT";
+        case PM_CONN_SEC_ERROR_SMP_TIMEOUT:
+            return "SMP_TIMEOUT";
+        default:
+            return "UNKNOWN";
+    }
+}
+
 /**
  * @brief Initialize BLE security
  */
@@ -102,8 +118,9 @@ void ble_security_quick_pm_handler(pm_evt_t const *p_evt)
     
     // DEV mode: do not forward security failure events to SDK handler (prevent disconnect)
     if (m_state.dev_mode && p_evt->evt_id == PM_EVT_CONN_SEC_FAILED) {
-        DBG_PRINTF("Security failed: error=%d\r\n",
-                  p_evt->params.conn_sec_failed.error);
+        DBG_PRINTF("Security failed: error=%d (%s)\r\n",
+                  p_evt->params.conn_sec_failed.error,
+                  sec_error_name(p_evt->params.conn_sec_failed.error));
         DBG_PRINTF("DEV: Ignoring sec failure, keeping connection\r\n");
         return;
     }
@@ -129,8 +146,9 @@ void ble_security_quick_pm_handler(pm_evt_t const *p_evt)
             break;
 
         case PM_EVT_CONN_SEC_FAILED:
-            DBG_PRINTF("Security failed: error=%d\r\n",
-                      p_evt->params.conn_sec_failed.error);
+            DBG_PRINTF("Security failed: error=%d (%s)\r\n",
+                      p_evt->params.conn_sec_failed.error,
+                      sec_error_name(p_evt->params.conn_sec_failed.error));
 
             if (m_state.dev_mode) {
                 // DEV mode: ignore security failure, keep connection
@@ -138,6 +156,20 @@ void ble_security_quick_pm_handler(pm_evt_t const *p_evt)
                 break;
             }
 
+            if (p_evt->params.conn_sec_failed.error == PM_CONN_SEC_ERROR_DISCONNECT) {
+                // The peer/link already disconnected before security finished.
+                // There is no live connection to repair; BLE_GAP_EVT_DISCONNECTED
+                // will restart advertising.
+                DBG_PRINTF("Security ended by disconnect; waiting for reconnect\r\n");
+                break;
+            }
+
+            if (p_evt->params.conn_sec_failed.error == PM_CONN_SEC_ERROR_SMP_TIMEOUT) {
+                // The SDK cannot start another SMP procedure on this link.
+                pm_handler_disconnect_on_sec_failure(p_evt);
+                break;
+            }
+
             if (p_evt->params.conn_sec_failed.error == PM_CONN_SEC_ERROR_PIN_OR_KEY_MISSING) {
                 // Key missing: attempt re-pairing, fall back to disconnect on failure
                 err_code = pm_conn_secure(p_evt->conn_handle, true);