The u.trust GP HSM Se‑Series is a next‑generation, high‑performance Hardware Security Module designed to serve as a scalable and crypto‑agile root of trust for a wide range of applications, combining secure hardware with the SecurityServer firmware that powers all cryptographic operations. The HSM hardware—available as PCIe modules or LAN appliances—provides tamper‑resistant protection, FIPS 140‑2 Level 3 certification, high throughput (up to 40,000 RSA‑2048 signatures per second), and support for up to 31 isolated containers to enable true multi‑tenancy. This hardware foundation works in tandem with SecurityServer, which is the secure firmware layer that runs inside the HSM. While the hardware ensures physical and cryptographic robustness, SecurityServer provides the operational environment, including cryptographic APIs (such as PKCS#11), key management, policy enforcement, and the execution framework for custom extensions via an SDK. In essence, the Se‑Series is the physical trusted platform, and SecurityServer is the secure operating layer enabling cryptographic functionality. Together, they provide a flexible, scalable, and future‑proof solution with support for custom algorithms, application separation through containerization, and readiness for post‑quantum cryptography.
