Hi NXP team, I'm going to develop a USB dongle with SE050F + some MCU.
One reason I chose SE050F is that it's FIPS140-2 compliant. I'm not familiar with the FIPS qualification.
Could you help explain what other work I need to do to make this whole USB dongle FIPS 140-2 compliant?
I may also build some software tools on PC to work with this USB dongle. Do I need to qualify the software tool as well?
Thanks a lot and look forward to your reply.
Thanks a lot Kan. This is helpful.
May I know what's the FIPS 140-3 element under certifying?
Hi @JimLin2023 ,
Actually it depends on what you want to achieve – everybody can say they implemented something FIPS140-2 compliant – e.g. via using certified components. Still the certification boundary is then the lower layer component and not the whole device. If you need to claim a certification of the device you still need to certify the solution – which shall be much easier when using FIPS certified components. Please note that SE050 is certified to FISP140-2 and you cannot certify the version 2 anymore as the standard evolved to version 3. We have a FIPS140-3 secure element in certification process, but this is still not completed by NIST.
Hope that makes sense,
Have a great day,
Kan
-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------