Electronic modules often store highly sensitive information. For example, communication devices can store cryptographic keys, handhelds can store passwords and records, and embedded systems can hold sensitive algorithms or information in memory. These devices can easily fall into the wrong hands.
It is conceivable that an attack on a device or installation to obtain information may be mounted in several stages, including but not limited to: 1. Removal of covers or covers and any encapsulant; 2. Identification of the location and function of security sensors; 3. Bypassing of sensors to allow access to the next layer of protection; and so on.
Higher levels of FIPS-140 security requires not just certified cryptography but also physical protection which is needed to protect against someone tampering with, or reverse engineering the security or possibly getting access to information that is to be protected.