HSM Status Values
Each HSM administrative slot shown in a LunaCM slot listing includes an HSM status. The table below lists the possible values, what each one means, and what is required to recover from it.
Indicated Status of HSM | Meaning | Recovery |
---|---|---|
OK | The HSM is in a good state, working properly. | n/a |
Zeroized | The HSM is in zeroized state. All objects and roles are unusable. | HSM initialization is required before the HSM can be used again. "Hard init" - HSM SO and domain are gone, no authentication required. (see Note1) |
Decommissioned | The HSM has been decommissioned. | HSM initialization is required before the HSM can be used again. "Hard init" - HSM SO and domain are gone, no authentication required. (see Note1) |
Transport Mode | The HSM is in Secure Transport Mode. | STM must be disabled before the HSM can be used. |
Transport Mode, zeroized | The HSM is in Secure Transport Mode, and is also zeroized. | STM must be disabled, and then HSM initialization is required before the HSM can be used. |
Transport Mode, Decommissioned | The HSM is in Secure Transport Mode, and has been decommissioned. | STM must be disabled, and then HSM initialization is required before the HSM can be used. |
Hardware Tamper | The HSM has been tampered. (MTK is destroyed and must be rebuilt from recovery vectors.) | Reboot the host or restart the HSM. The event is logged. |
Hardware Tamper, Zeroized | The HSM has been tampered. (MTK is destroyed and must be rebuilt from recovery vectors.) The HSM is also in zeroized state. All objects and roles are unusable. | Reboot the host or restart the HSM. The event is logged. HSM initialization is required before the HSM can be used again. HSM SO and domain are gone, no authentication required. (see Note1) |
HSM Tamper, Decommissioned | The HSM has been tampered. (MTK is destroyed and must be rebuilt from recovery vectors.) The HSM has also been decommissioned. | Reboot the host or restart the HSM. The event is logged. HSM initialization is required before the HSM can be used again. HSM SO and domain are gone, no authentication required. (see Note1) |

NOTE1: A condition, not reported above, preserves the HSM SO and the associated Domain, while SO objects and all application partitions and contents are destroyed. In this case, HSM SO login is required to perform a "soft init". See Initializing the Luna USB HSM 7 for more information.