Abstract

Zynq UltraScale+ MPSoC: A FIPS 140-3 Primer (WP543)

Document ID
WP543
Release Date
2024-08-28
Revision
1.0.1 English

The high level of integration, hardware and software programmability, wide range of built-in security features, and extensive supporting documentation make the AMD Zynq™ UltraScale+™ MPSoC ideal for use in cryptographic modules that are certified under the FIPS 140-3 security standard.

In 2019, the Secretary of Commerce approved Federal Information Processing Standards Publication (FIPS) 140-3 Security Requirements for Cryptographic Modules. FIPS 140-3 supersedes FIPS 140-2 and is the new gold standard for products that employ cryptography to protect sensitive but unclassified information. Examples of sensitive information are financial and health records. The transition to the new standard has started and in 2026, the National Institute of Standards and Technology (NIST) will require cryptographic products purchased by federal agencies to be FIPS 140-3 certified. Two programs used in FIPS 140-3 validation are the Cryptographic Module Validation Program (CMVP) and the Cryptographic Algorithm Validation Program (CAVP). Developing a FIPS 140-3 certified product requires that an original equipment manufacturer (OEM) use an independent test lab for CMVP and CAVP certification. This white paper is a primer on the FIPS 140-3 certification of a product that uses Zynq UltraScale+ MPSoCs.