Either the power switch is in the off position, or there is no power connected to the FSM. No services are available in this state. This state is available from every other state, and can be entered using the power switch and cycling power.

The FSM's power switch is turned on. No services are available in this state. The FSM automatically transitions to the Power-On Self-Tests state.

The FSM performs a series of self-tests to ensure correct operation; these include a software integrity check, cryptographic known answer tests, and other self-tests described in the Security Policy. If the POSTs are successful, the module continues to boot, and this state automatically transfers to the "No Auth" state. If the POSTs should fail, the module transitions to the "Error" state.

This state represents an error, such as a POST failure or Conditional Self-Test Failure. The FSM halts cryptographic operations and the operator must use any of the 3 possible recovery options:

• Reset the FSM
• Reset the FSM and use the bootloader to select the valid image
• Reset the FSM and use the bootloader to zeroize the system to RMA

The FSM transitions to this state when startup has completed and the module is fully configured for FIPS mode of operation. In this state no User or Crypto Officer is logged in, and the module is in an idle state. The FSM is operational but is not providing security services or performing cryptographic functions. Cryptographic keys and security parameters are loaded, and the FSM is waiting for data or control inputs. The FSM transitions to the User state when a User is successfully authenticated or it transitions to the Crypto Officer state when a Crypto Officer is successfully authenticated.

The FSM transitions into this state when a User authenticates to the module or when an encrypted session has been initiated. After successful login, the User has access to the services defined in the Roles, Services, and Authentication section of the Security Policy.

This state is entered when an operator successfully authenticates as a Crypto Officer. A Crypto Officer may configure the FSM as defined in the Secure Operation section of the Security Policy. A Crypto Officer can re-enter the No Auth state by logging out. The Crypto Officer may return to Power On Self Tests state by rebooting the software. Physically removing power from the module will return it to the Power Off state. The Crypto Officer can transition to the Edit Configuration state to edit the running configuration and manipulate keys.

This state is entered from the Crypto Officer state with various commands to configure the FSM and enter cryptographic keys. Only a Crypto Officer may edit the configuration of the FSM. Once the configuration is complete, the new configurations are effective immediately once the configuration is activated. The FSM returns to the Crypto Officer state when the Crypto Officer has completed configuration.

The FSM is providing services without cryptographic processing (e.g., transferring plaintext calls through the FSM). In this state, the FSM is providing services with non-cryptographic processing (e.g., transferring plaintext through the module). The FSM can transition to a Bypass state when a call is received from an end point configured for non-encrypted calls.