Technical Specification
ISO/IEC TS 20540:2025
Information security, cybersecurity and privacy protection — Testing cryptographic modules in their field
Reference number
ISO/IEC TS 20540:2025
Edition 2
2025-05
© ISO 2025
Technical Specification
Read sample
Published (Edition 2, 2025)

ISO/IEC TS 20540:2025

Language
Format
CHF 177
Convert Swiss francs (CHF) to your currency

Abstract

This document provides recommendations, requirements and checklists which can be used to support the specification and field testing of cryptographic modules in their field within an organization’s security system. The cryptographic modules have an overall security rating commensurate with the four security levels defined in ISO/IEC 19790:2025, to provide for:

     a wide spectrum of data sensitivity (e.g. low-value administrative data, million-dollar funds transfers, life-protecting data, personal identity information, and sensitive information used by government), and

     a diversity of application environments (e.g. a guarded facility, an office, removable media, and a completely unprotected location).

This document is limited to the security related to the cryptographic module. It does not include assessing the security of the field or application environment. It does not define techniques for the identification, assessment and acceptance of the organization’s operational risk.

This document applies to the field testers who perform the field testing for the cryptographic modules in their field and the authorizing officials of cryptographic modules.

General information

  • Status
     : Published
    Publication date
     : 2025-05
    Stage
    : International Standard published [60.60]
  • Edition
     : 2
    Number of pages
     : 44
  • Technical Committee :
    ISO/IEC JTC 1/SC 27
    ICS :
    35.030 
  • RSS updates

Life cycle

Got a question?

Check out our Help and Support

  2. Store
  3. Store
  4. ICS
  5. 35
  6. 35.030
  7. ISO/IEC TS 20540:2025