HSM Status Values

Each HSM administrative slot shown in a LunaCM slot listing includes an HSM status. Here are the possible values and what they mean, and what is required to recover from each one. In LunaSH, this information is displayed under HSM Details by running hsm show.

| Indicated Status of HSM | Meaning | Recovery |
|---|---|---|
| OK | The HSM is in a good state, working properly. | n/a |
| Zeroized | The HSM is in zeroized state. All objects and roles are unusable. | HSM initialization is required before the HSM can be used again. "Hard init" - HSM SO and domain are gone, no authentication required. (see Note1) |
| Decommissioned | The HSM has been decommissioned. | HSM initialization is required before the HSM can be used again. "Hard init" - HSM SO and domain are gone, no authentication required. (see Note1) |
| Transport Mode | The HSM is in Secure Transport Mode. | STM must be disabled before the HSM can be used. |
| Transport Mode, zeroized | The HSM is in Secure Transport Mode, and is also zeroized. | STM must be disabled, and then HSM initialization is required before the HSM can be used. |
| Transport Mode, Decommissioned | The HSM is in Secure Transport Mode, and has been decommissioned. | STM must be disabled, and then HSM initialization is required before the HSM can be used. |
| Hardware Tamper | The HSM has been tampered. (MTK is destroyed and must be rebuilt from recovery vectors.) | Reboot the host or restart the HSM. The event is logged. |
| Hardware Tamper, Zeroized | The HSM has been tampered. (MTK is destroyed and must be rebuilt from recovery vectors.) The HSM is also in zeroized state. All objects and roles are unusable. | Reboot the host or restart the HSM. The event is logged. HSM initialization is required before the HSM can be used again. HSM SO and domain are gone, no authentication required. (see Note1) |
| HSM Tamper, Decommissioned | The HSM has been tampered. (MTK is destroyed and must be rebuilt from recovery vectors.) The HSM has also been decommissioned. | Reboot the host or restart the HSM. The event is logged. HSM initialization is required before the HSM can be used again. HSM SO and domain are gone, no authentication required. (see Note1) |

NOTE1: A condition, not reported above, preserves the HSM SO and the associated Domain, while SO objects and all application partitions and contents are destroyed. In this case, HSM SO login is required to perform a "soft init". See Initializing the HSM for more information.

For a comparison of various destruction or denial actions on the HSM, see Comparison of Destruction/Denial Actions.