The Federal Information Processing Standard, FIPS 140, is an umbrella regulation, defining several levels of system-level certification. For systems vendors, the most important certifications are defined by the Cryptographic Module Validation Program (CMVP). Modules (or whole systems when those systems are smaller) are certified as a combination of specific hardware and software that defines a cryptographic boundary. The degree to which the module protects secrets within its cryptographic boundary against hardware and software attacks determines whether the certification is achieved at level 1, 2, 3 or 4.
NXP embedded processors are not cryptographic modules in the NIST definition, as they cannot function until they are combined with other components and software. As a result, the certification of ‘cryptographic correctness’ is performed at the algorithm level through NIST’s Cryptographic Algorithm Validation Program (CAVP). Testing is conducted at NIST authorized 3rd party labs, and certificates are posted on the NIST website.
Nearly all PowerQUICC, QorIQ, Qonverge, and C29x products with crypto acceleration contain certified implementations. See FSLNISTCAVP for a
complete list of certificates and associated devices.