Expertise & Past Work

I provide specialist support for organisations developing products that require FIPS 140‑3 or related security certifications. My work spans hardware, firmware and software cryptographic modules across a wide range of industries.

Areas of Expertise

• FIPS 140‑3 preparation and documentation
• Module boundary definition and security level selection
• Entropy source and DRBG analysis
• Algorithm compliance and design review
• Finite State Model development
• Self‑test and integrity mechanism design
• Operational environment and platform considerations
• Readiness assessments before lab engagement
• Liaison with accredited test laboratories

Industry Experience

I have supported clients in sectors including:

• Telecommunications and network infrastructure
• Embedded systems and industrial platforms
• Network security appliances
• Hardware security modules (HSMs)
• Software cryptographic libraries
• IoT and edge devices

Typical Engagements

Examples of the types of work I undertake include:

• Preparing complete FIPS 140‑3 documentation packages
• Reviewing entropy sources and producing supporting analysis
• Advising engineering teams on compliant module design
• Supporting transitions from FIPS 140‑2 to FIPS 140‑3
• Working with labs during testing and CMVP review
• Providing targeted guidance on specific problem areas

Approach

My approach is practical, standards‑driven and focused on helping engineering teams deliver compliant, testable designs. I aim to reduce uncertainty, streamline preparation and ensure that documentation and design choices align with current CMVP expectations.

Get in Touch

If you would like to discuss how I can support your project, you can reach me at contact@rycombe.com.