Notes on certifications
If you are concerned about the validation of certifications for products Dinamo, this page has some information that may be useful for your decision and planning.
Context
Dinamo HSMs are certified under the ICP-Br MCT-7 and FIPS 140-2 standards. The validation process with these standards is time-consuming and expensive, so we tend to ship our products with some periodicity according to the expiration date of each standard.
The validated unit is the equipment (hardware and firmware) on a self-contained border.
You can check the portal for each standard or contact Dinamo to check the latest status of any of our products.
HSMs currently have three operating modes: Non-Restricted(NRM), Restricted 1(RM1) and Restricted 2(RM2). The RM1 operating mode follows all the security directives and restrictions related to the ITI MCT-7 and NIST FIPS 140-2 L3 standards. The RM2 operating mode follows all the security directives and restrictions related to the NIST FIPS 140-2 L3 standard. In NRM mode, the HSM enables certain algorithms and functionalities not provided for in the standards relating to restricted modes.
Commitment Relationship
As a general practice, when a product receives one of the certifications and our customers invest in that version of the product, we try to continue supporting that version even as the state of the art advances. Thus, as the HSM Dinamo product line is improved (newer versions of software and firmware are continually being released), it is our general practice to make the frozen version available for as long as possible to customers who wish to use exactly the certified version; and to offer the latest versions to customers who do not require strict compliance with the certification.
To communicate and integrate with the HSM, Dinamo provides a set of interfaces. These are APIs and libraries that are not part of the scope of the FIPS and ICP-Br standards, but are necessary for you to be able to use the HSM in your applications. These libraries and APIs are commonly referred to as client software.
The release of new client software versions has no impact on existing firmware versions, as we strive to maintain backward compatibility between client software and firmware versions. However, some of the new features and functionalities being implemented in the client software may depend on new firmware versions. Updating the client software without updating the firmware has no impact on the current environment, but may mean that some new features in the client software are not available until the firmware is also updated.
It is therefore clear that if you need to maintain strict compliance with the certified versions, you will not be able to take advantage of any fix or functional improvement that has a firmware component, since it is the combination of hardware and firmware that is evaluated.
Newer product features that depend on the latest firmware cannot be accessed without updating it, which would invalidate the HSM 's strict compliance with the requirements of the standards - it would no longer be the exact certified version. One example is when new encryption algorithms are added, they are implemented in the firmware. The client software may allow you to request the new algorithm, but if you keep an older firmware that doesn't implement it, the response would naturally be an error message, such as invalid algorithm.
NOTE: Because of the way certification standards work, a product must leave our factory with the certified firmware version. If you already have a Dinamo device with the appropriate hardware, you can't simply apply an update and achieve compliance with the standard. Naturally, any competing product faces the same restrictions.
What are the options?
If you absolutely need certified equipment, because your organization's rules require it or because your customers demand it, you must use a certified firmware version.
If you simply prefer the peace of mind associated with impartial third-party confirmation that we meet certain rigorous standards with our product - but also demand the latest features or algorithms, consider the following possibility: you can accept that there is some halo effect associated with all our equipment and firmware versions, because we follow the same procedures in our design, testing, supply, manufacturing and other forms of handling.
In other words, we believe that any version of the products we manufacture will meet the standards if sent for validation.