Skip to main content

Primus HSM - Firmware Update

Securosys regularly maintains the Primus HSM firmware.

With new versions of the firmware old issues are fixes, new features are rolled out and other adaptations and introduced. To best maintain your Primus HSM, the firmware should be updated whenever possible or necessary.

Firmware update requires SO activation (or Genesis role in factory default state). Primus HSMs come preinstalled with a certain firmware version. It is often beneficial to update the firmware of the HSM before fully setting it up, to take full advantage of new features.

Firmware Update Requirement

Firmware updates require a valid Maintenance & Support (M&S) contract and may be restricted based on the license type.

The zipped firmware update package needs to be downloaded from Securosys Support Portal or firmware repository (see Download). Ensure the firmware has been selected for the correct device series. Before updating, consult the firmware version release notes.

It's possible to load an official firmware release onto the Primus HSM by means of an USB device (or WebDAV storage if configured). The firmware release will be verified by the Primus HSM to ensure its authenticity. If multiple clusters are available (e.g. testing environment), start by applying the firmware update or rollback to a single non-production cluster.

General steps for updating firmware of a HA cluster:

  1. Prepare required material (firmware, Genesis role, min. Security Officers, license, other configuration files you require)
  2. Take a configuration snapshot of Master and Clone devices
  3. License Update (if required)
  4. Update a Clone device
  5. Update the Master device
  6. Update any remaining Clones
  7. License update (required if licensed features are unsupported by the previous firmware)

See Primus HSM User Guide for a best practice step-by-step guide for a HA cluster update.

Firmware Rollback

After an update, the previous firmware version is retained on your device. This allows the HSM to return to a previous firmware version. The SO can perform a rollback without providing the previous firmware on a USB storage device.

Get started withCloudHSM for free.
Other questions?Ask Sales.
Last updated on
Feedback
Need help?