FIPS 140-2

Federal Information Processing Standard


FIPS 140-2 is the de-facto standard to certify cryptography implemented in ICT products. This certification is “table stakes” to sell into most US Federal accounts. FIPS 140-2 has also proliferated into other verticals, like healthcare (HIPAA) and the financial industry. Over the last few years, FIPS 140-2 validations have become complicated and convoluted. You need an experienced laboratory in order to ensure a successful validation. This is where Acumen’s experience and the process driven approach helps. We engage early, and adopt risk mitigating processes where by non-compliance is identified early on, fixes are discussed and planned, testing methodology is defined in advance to allow your test teams to plan accordingly and schedule is tracked religiously to ensure our progress is in step with your development and test plans.

Service Offerings:

  • Gap Analysis and Strategy Workshop
  • Design Consulting
  • Documentation Development
  • Evaluation Services
  • Post-Certification Support


Algorithm testing is an important step of the FIPS module validation process. While it is the most objective part of the validation process, it does require specialized tools and skills to execute. Acumen has developed an algorithm testing tool that makes it easy to perform these tests. Our test harness is designed to support and interface with a wide variety of product types and we are confident we can test pretty much any product you send our way.