Quality requires transparency BUT Host Security Modules require secrecy

Transparency means it is possible to visibly demonstrate every step of the process.

It is possible to solve this dilemma if we realize that HSM usage can be divided into two phases:

Research and Development (Transparent) – Production (Secret)

This can be achieved if we implement the following usage scenario:

HSM Emulator for Research and Development AND the real HSM for Production

HSM Specification is verifiably correct since iterative development is possible

HSM can be thoroughly tested by parallel running with the Emulator

Application code can be tested as soon as it is written

HSM specification is 100% correct first time, no misunderstandings no delays

HSM firmware coding is normally in C, so the emulator code is in C; there is virtually no effort for the firmware developers, so there is a faster turnaround

HSM Test is very fast because it can be fully automated

HSMs are not available to the test teams, so no master keys compromised

You know that it will be right first time because you can prototype

Emulation of a variety of HSMs and Firmware, this can be switched by console command.

Range of Standard Host and Console Commands available

Bespoke commands can be implemented in days

Host Interfaces. Multithreaded IP (TCP & UDP) and $RECEIVE available

Loadable Master Key and HSM Configuration Files

Large Cryptographic Library

Full Cryptographic Trace available as standard, with tools for real time capture.

Console Terminal Emulator Programs for: UDP/IP and $RECEIVE.

Host Command Scripted Driver Programs for: TCP/IP and $RECEIVE