I've been thinking about whether the 2013 Mac Pro's Ivy Bridge CPU might be different from the others in some way... and it turns out, it is! CVE-2020-0543 (SRBDS) affects most Ivy Bridge CPUs, but not the Xeon E5 series used by the 2013 Mac Pro. For this CVE, Intel provided microcode updates for Haswell and later, but not Ivy Bridge.
Perhaps Apple doesn't want to officially support Macs that have Intel CPU flaws which (more or less) cannot be mitigated. For all I know (since I'm not a lawyer), this could be some legally driven thing. By the way, this would also explain why Apple decided not to officially support Catalina on the 2012 Mac Pro. In that case, the vulnerability was Microarchitectural Data Sampling (MDS).
This still doesn't explain the Late 2013 iMacs, but with that one exception, Apple's choice of models they're supporting in Big Sur now appears to me to be logically consistent and not arbitrary. The goal seems to me to be: avoid supporting Mac models with known unmitigated Intel CPU flaws in any new macOS release. (I almost wrote "support all Macs without known unmitigated Intel CPU flaws as of the OS's release date" but in reality it's probably a little more complicated than that, even if that is basically the result in the end.)