5.6 Upgrade the HSM Module Firmware

This step shows how to upgrade HSM module firmware (not the SEE Machine firmware). The firmware upgrade might be necessary in the following cases:

  • The HSM module has a firmware revision that is not supported by the FlashProExpress version used (see the M-HSM Release Notes for the supported revisions).
  • The user wants to switch to another revision of Microchip-supported firmware.
  • Microchip issues a security advisory.
Note:

If the M-HSM has any active programming jobs, they are disabled through the firmware upgrade. Also, the firmware upgrade erases NVRAM and any information about module association with the Security World. The following steps show how to upgrade the firmware of the HSM module and restore the HSM module on the M-HSM server:

  1. Read the important notes in section Upgrade HSM Module Firmware regarding the firmware upgrade procedure and firmware revisions compatibilities. If the firmware upgrade is initiated by a Microchip security advisory, the instructions in the advisory shall supersede the instructions in this guide.
  2. Terminate any active job(s) and forward job end certifier to the U-HSM.

    Read important information regarding overbuild protection during HSM module maintenance operations in section Overbuild Protection During Module Maintenance.

  3. Upgrade the HSM module firmware.

    HSM module firmware upgrade instructions are provided in section Upgrade HSM Module Firmware.

  4. Restore the module association with the Security World.

    Follow the instructions provided in section Add the HSM Module to the Security World.

  5. Start the M-HSM server.

    Follow the instructions provided in section Start the M-HSM Server and confirm successful server startup.

  6. Resubmit new programming jobs, if necessary.