Adopts ISO/IEC 19790:2006 to provide informative security practitioner with four increasing, qualitative levels of security requirements intended to cover a wide range of potential applications and environments. The security requirements cover cryptographic module ports and interfaces; roles, services, and authentication; finite state model; physical security; operation environment; cryptographic key management; self-tests; design assurance; and mitigation of other attacks.