In modern software based cryptographic modules, zeroisation is made considerably more complex by issues such as virtual memory and compiler optimization (computer science)s.

A commercial cryptographic module is also commonly referred to as a Hardware Security Module.

An example of a Security Level 1 cryptographic module is a personal computer (PC) encryption board.

Security requirements cover 11 areas related to the design and implementation of a cryptographic module.

Within most areas, a cryptographic module receives a security level rating (1-4, from lowest to highest), depending on what requirements are met.

An overall rating is issued for the cryptographic module, which indicates:

If cryptographic modules were to be signed in multiple locations, using multiple keys is a reasonable approach.

User agencies desiring to implement cryptographic modules should confirm that the module they are using is covered by an existing validation certificate.

Level 1 indicates that the cryptographic module supports the lowest level of acceptable security.

Security Level 1 allows the cryptographic module to be executed using an unevaluated operating system.