The present disclosure relates to system updates to computing systems, including hardware security modules (HSMs), and more specifically, to controlling application of such updates via a security structure which contains segments identifying revoked updates.
HSMs, such as secure cards or cryptographic cards come in a variety of form factors (e.g., Peripheral Component Interconnect Express (PCIe) cards, external devices). These HSMs are self-contained physical computing systems which can securely process data and cryptographic functions for data encryption and digital signing, secure storage of signing keys, or custom cryptographic applications. These custom cryptographic applications may include financial applications (such as blockchain), Public Key Infrastructure applications, smart card applications, and/or custom proprietary solutions. Features of such HSMs include the ability to remain secure from both physical and logical attacks to continue operating as intended, without unauthorized modification.