STMicroelectronics has announced that its STSAFE-TPM Trusted Platform Module (TPM) has achieved FIPS 140-3 certification, making it one of the first standardized cryptographic modules on the market to receive this certification.
The newly certified TPM platforms, including ST33KTPM2X, ST33KTPM2XSPI, ST33KTPM2XI2C, ST33KTPM2I, and ST33KTPM2A, provide encryption asset protection to meet security and regulatory requirements for critical information systems. These modules target applications such as PCs, servers, connected IoT devices, and high-security medical equipment and infrastructure. The ST33KTPM2I is specifically designed for long-lifecycle industrial systems, while the ST33KTPM2A, branded as STSAFE-V100-TPM, features AEC-Q100 automotive-grade certification.
FIPS 140-3 is the latest version of the Federal Information Processing Standards (FIPS) cryptographic module specification, replacing FIPS 140-2. Laurent Degauque, Director of Security and Connectivity Marketing at STMicroelectronics, noted, “All FIPS 140-2 certifications will expire in September 2026. Our TPM is already FIPS 140-3 certified, enabling it to be used in new product designs, allowing customers to develop secure, interoperable devices and extend the lifespan of their products and certificates.”
The STSAFE-TPM products support use cases such as secure boot, remote/anonymous authentication, and secure storage with an expanded 200kB of user memory. Each product also supports secure firmware updates, enabling the addition of new cryptographic algorithms, such as post-quantum cryptography (PQC), ensuring encryption technology remains cutting-edge.
STSAFE-TPM modules comply with several industry security standards, including the Trusted Computing Group (TCG) TPM 2.0, Common Criteria EAL4+ (having passed the most stringent vulnerability analysis, AVA_VAN.5), and now FIPS 140-3 Level 1 and Physical Security Level 3 certifications. They offer standardized cryptographic services as defined by TCG, supporting up to 384-bit ECDSA and ECDH encryption algorithms, up to 4096-bit RSA encryption (including key generation), up to 256-bit AES algorithms, and SHA1, SHA2, and SHA3 algorithms, all compatible with FIPS 140-3 certified software stacks.
STMicroelectronics also provides configuration services to load device keys and certificates, reducing total solution cost and time to market while ensuring supply chain security.
