| Standard | FIPS 140-3 |
|---|---|
| Overall level | 1 |
| Module type | Hardware |
| Embodiment | Multi-Chip Embedded |
| Status | Active |
| Sunset date | 9/23/2026 |
| Caveat | Interim validation |
| Vendor | Outset Medical, Inc. |
| Algorithm | ACVP Cert |
|---|---|
| AES-CBC | A2699 |
| AES-CBC | A2701 |
| AES-CCM | A2699 |
| AES-CCM | A2701 |
| AES-CTR | A2699 |
| AES-CTR | A2701 |
| AES-GCM | A2699 |
| AES-GCM | A2701 |
| Counter DRBG | A2699 |
| Counter DRBG | A2701 |
| DSA KeyGen (FIPS186-4) | A2699 |
| DSA SigVer (FIPS186-4) | A2699 |
| DSA SigVer (FIPS186-4) | A2701 |
| ECDSA KeyGen (FIPS186-4) | A2699 |
| ECDSA KeyVer (FIPS186-4) | A2699 |
| ECDSA SigVer (FIPS186-4) | A2699 |
| ECDSA SigVer (FIPS186-4) | A2701 |
| HMAC-SHA-1 | A2699 |
| HMAC-SHA-1 | A2701 |
| HMAC-SHA2-256 | A2699 |
| HMAC-SHA2-256 | A2701 |
| HMAC-SHA2-384 | A2699 |
| HMAC-SHA2-384 | A2701 |
| HMAC-SHA2-512 | A2699 |
| HMAC-SHA2-512 | A2701 |
| KAS-ECC-SSC Sp800-56Ar3 | A2699 |
| KAS-ECC-SSC Sp800-56Ar3 | A2701 |
| KAS-FFC-SSC Sp800-56Ar3 | A2699 |
| KDF SSH | A2703 |
| KDF TLS | A2699 |
| KDF TLS | A2702 |
| RSA SigVer (FIPS186-4) | A2699 |
| RSA SigVer (FIPS186-4) | A2699 |
| RSA SigVer (FIPS186-4) | A2699 |
| RSA SigVer (FIPS186-4) | A2701 |
| RSA SigVer (FIPS186-4) | A2701 |
| RSA SigVer (FIPS186-4) | A2701 |
| SHA-1 | A2699 |
| SHA-1 | A2701 |
| SHA2-224 | A2699 |
| SHA2-224 | A2701 |
| SHA2-256 | A2699 |
| SHA2-256 | A2701 |
| SHA2-384 | A2699 |
| SHA2-384 | A2701 |
| SHA2-512 | A2699 |
| SHA2-512 | A2701 |
| SHA3-256 | A2700 |
flowchart LR
%% Deterministic review-risk graph for Tablo Medical Informatics System
%% Review prompts and evidence gaps, NOT vulnerability findings.
subgraph CMVP["CMVP-disclosed clues"]
C2["[low] Firmware update / recovery<br/>/ rollback (referenced in<br/>text)<br/><i>upgrade</i>"]
C3["[low] Self-test / status surface<br/>(referenced in text)<br/><i>Self-Test<br/>Status Output</i>"]
C5["[low] Protocol / secure-channel<br/>references (may be KDF<br/>names, not a live channel)<br/><i>TLS<br/>SSH<br/>HTTPS</i>"]
C6["[low] Operating system / runtime<br/>referenced (boundary<br/>membership not asserted)<br/><i>operating system<br/>linux<br/>application</i>"]
end
subgraph Inference["Derived inference"]
I2["Possible only, trusted<br/>code is reachable through<br/>update and recovery paths."]
I3["Possible only, some<br/>services may process input<br/>before, or without,<br/>operator authentication."]
I5["Possible only, a protocol<br/>is referenced, but whether<br/>it is a live channel or<br/>only a KDF/algorithm name<br/>is unconfirmed."]
I6["Possible only, a<br/>runtime/OS is referenced,<br/>but its membership in the<br/>cryptographic boundary is<br/>not established."]
end
subgraph Risk["Reviewer question"]
R2["Are update images<br/>authenticated before<br/>parsing, and are<br/>downgrade/rollback paths<br/>constrained?"]
R3["Can unauthenticated<br/>services leak state,<br/>consume resources, or<br/>transition security state?"]
R5["If a live TLS/SSH/IKE<br/>channel exists, could<br/>library CVEs apply, or is<br/>this only a<br/>KDF/documentation name?"]
R6["If the OS/runtime is<br/>in-boundary, could its<br/>CVEs be hidden by<br/>firmware-only versioning?"]
end
subgraph Evidence["Evidence needed to close"]
E2["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>update image format ·<br/>signature-before-parse<br/>proof · anti-rollback /<br/>downgrade policy"]
E3["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>pre-auth reachability<br/>matrix · rate limits and<br/>output redaction ·<br/>abuse-case tests"]
E5["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>library identity and<br/>version ·<br/>certificate-validation<br/>behaviour · protocol-CVE<br/>disposition"]
E6["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>runtime identity and<br/>config · kernel/runtime<br/>hardening profile ·<br/>patch/backport manifest"]
end
C2 --> I2 --> R2 --> E2
C3 --> I3 --> R3 --> E3
C5 --> I5 --> R5 --> E5
C6 --> I6 --> R6 --> E6
classDef clue fill:#eef3f9,stroke:#6f7f91,color:#1f3a5f;
classDef infer fill:#fff7e6,stroke:#b98500,color:#6b4e00;
classDef risk fill:#fbe9e9,stroke:#b02a2a,color:#7a1f1f;
classDef evidence fill:#e6f4ea,stroke:#1e7d34,color:#14532d;
class C2,C3,C5,C6 clue;
class I2,I3,I5,I6 infer;
class R2,R3,R5,R6 risk;
class E2,E3,E5,E6 evidence;flowchart LR
%% Deterministic clue tier for Tablo Medical Informatics System
%% confidence: high = structured record field; medium = structured but soft; low (dashed) = bare keyword hit, context unverified
subgraph CMVP["CMVP-disclosed clues (deterministic)"]
C2["[low] Firmware update / recovery / rollback (referenced in text)<br/><i>upgrade</i><br/>src: text:keyword"]
C3["[low] Self-test / status surface (referenced in text)<br/><i>Self-Test<br/>Status Output</i><br/>src: text:keyword"]
C5["[low] Protocol / secure-channel references (may be KDF names, not a live channel)<br/><i>TLS<br/>SSH<br/>HTTPS</i><br/>src: text:keyword"]
C6["[low] Operating system / runtime referenced (boundary membership not asserted)<br/><i>operating system<br/>linux<br/>application</i><br/>src: text:keyword"]
end
classDef clueHigh fill:#eef3f9,stroke:#2f6fb0,stroke-width:2px,color:#1f3a5f;
classDef clueMedium fill:#eef3f9,stroke:#6f7f91,color:#1f3a5f;
classDef clueLow fill:#f7f7f7,stroke:#999,stroke-dasharray:4 4,color:#444;
class C2,C3,C5,C6 clueLow;Outset Medical, Inc. Tablo Medical Informatics System Hardware Version: 1.0 Hardware Part Number: PN-0002824 Firmware Version: MIES 4.9.12.6269 FIPS Security Level: 1 Document Version: 1.2 Prepared for: Prepared by: Outset Medical, Inc. Corsec Security, Inc.
San Jose, CA 95134 Fairfax, VA 22033 United States of America United States of America Phone: +1 669 231-8200 Phone: +1 703 267 6050 www.outsetmedical.com www.corsec.com
Abstract This is a non-proprietary Cryptographic Module Security Policy for Tablo Medical Informatics System (firmware version: MIES 4.9.12.6269) from Outset Medical, Inc. (Outset). This Security Policy describes how Tablo Medical Informatics System meets the security requirements of Federal Information Processing Standards (FIPS) Publication 140-3, which details the U.S. and Canadian government requirements for cryptographic modules. More information about the FIPS 140-3 standard and validation program is available on the Cryptographic Module Validation Program (CMVP) website, which is maintained by the National Institute of Standards and Technology (NIST) and the Canadian Centre for Cyber Security (CCCS). This document also describes how to run the module in a secure Approved mode of operation. This policy was prepared as part of the Level 1 FIPS 140-3 validation of the module. Tablo Medical Informatics System is referred to in this document as Medical Informatics System or the module. References This document deals only with operations and capabilities of the module in the technical terms of a FIPS 140-3 cryptographic module security policy. More information is available on the module from the following sources:
| # | Section | Page |
|---|
| Item | Page |
|---|---|
| Table 1 – Security Levels | 6 |
| Table 2 – Cryptographic Module Tested Configuration | 7 |
| Table 3 – Cryptographic Algorithm Sources | 7 |
| Table 4 – Approved Algorithms Validation Certificates | 8 |
| Table 5 – Non-Approved Algorithms Allowed in the Approved Mode of Operation | 10 |
| Table 6 – Non-Approved Algorithms Allowed in the Approved Mode of Operation with No Security Claimed | 10 |
| Table 7 – Ports and Interfaces | 12 |
| Table 8 – LED Indicator | 13 |
| Table 9 – Roles, Service Commands, Input and Output | 14 |
| Table 10 – Approved Services | 15 |
| Table 12 – SSPs | 22 |
| Table 13 – Non-Deterministic Random Number Generation Specification | 25 |
| Table 14 – Acronyms | 30 |
| Figure 1 – Tablo Hemodialysis System Functions | 5 |
| Figure 2 – Tablo Medical Informatics System PN-0002824 | 10 |
| Figure 3 – Module Block Diagram (with Cryptographic Boundary) | 11 |
| Figure 4 – Status/Show Version Screen | 17 |
1. General The Outset Tablo is a dialysis machine designed from the inside out to offer a better and easier experience for patients and providers. The Outset Tablo machine creates an all-in-one solution that reduces care and infrastructure costs, expands the variety of eligible users, and enables new care delivery models. The Tablo Hemodialysis System is an automated machine designed to filtrate blood and offers multiple automated maintenance functions. It consists of a water purification system, Tablo cartridge, Non-invasive blood pressure cuff, and a two-way data communication. The Tablo Hemodialysis System is a mobile indoor unit that establishes a two-way data communication that automatically sends treatment data as well as machine performance to the Outset Tablo Cloud. The Tablo machine includes touchscreen guidance that contains animations and conversational instructions. Figure 1
The Tablo machine feature set includes inexpensive operations, direct connection to the Tablo Cloud, automated functions, and effective hemodialysis features:
The module has an overall security level of 1.
Tablo Medical Informatics System ©2024 Outset Medical, Inc.
2. Cryptographic Module Specification Tablo Medical Informatics System is a hardware module with a multi-chip embedded embodiment. The module is a single board computer (embedded within the Tablo dialysis machine) that securely protects and transmits patient data.
Table 2 below lists the module configuration(s) used for validation testing. Table 2
Table 3 lists the cryptographic algorithm sources employed by the module. Table 3
Table 4
2 This table includes vendor-affirmed algorithms that are approved but CAVP testing is not yet available.
No part of the TLS protocol, other than the KDF, has been tested by the CAVP and CMVP.
Tablo Medical Informatics System ©2024 Outset Medical, Inc.
CAVP Algorithm and Mode / Method Description / Key Size(s) / Use / function Certificate2 Standard Key Strengths A2701 AES CBC, CTR 128, 256 Encryption/decryption FIPS PUB 197 NIST SP 800-38A A2701 AES CCM 128, 256 Encryption/decryption NIST SP 800-38C A2701 AES GCM 128, 256 Encryption/decryption NIST SP 800-38D Vendor CKG - - Cryptographic key generation Affirmed NIST SP 800-133rev2 A2701 DRBG Counter-based (derivation 256-bit AES-CTR Deterministic random bit NIST SP 800-90Arev1 function
No part of the TLS protocol, other than the KDF, has been tested by the CAVP and CMVP.
7 No part of the SSH protocol, other than the KDF, has been tested by the CAVP and CMVP.
Tablo Medical Informatics System ©2024 Outset Medical, Inc.
OpenSSL DRBG cert. A2701 and Bouncy Castle DRBG cert. A2699) as both symmetric keys and seeds for generating asymmetric key pairs. The module’s DRBGs are seeded via entropy generated from the module’s internal entropy mechanism. The module implements the non-Approved but allowed algorithms shown in Table 5 below, in both the Tablo Medical Informatics System OpenSSL Cryptographic Library and Tablo Medical Informatics System Bouncy Castle Cryptographic Library. Table 5
The cryptographic boundary of the module is defined by the physical perimeter of the Tablo Medical Informatics System (shown in Figure 2). A logical block diagram of the module’s hardware components is provided in Figure 3 below. Figure 2
Figure 3
There are no excluded hardware or firmware components.
The module supports an Approved mode of operation only. When installed, configured, and operated according to this Security Policy, the module does not support a non-Approved mode of operation. Tablo Medical Informatics System ©2024 Outset Medical, Inc.
SD/MMC
Tablo Medical Informatics System ©2024 Outset Medical, Inc.
Physical Port Logical Interface Data That Passes Over Port/Interface SATA15 (Not in Use) I2C16 (Not in Use) I2S17 (Not in Use) SPI18 (Not in Use) CAN19 (Not in Use) HDMI20 (Not in Use) VGA21 (Not in Use) Audio (Not in Use) Table 8
HDMI
Tablo Medical Informatics System ©2024 Outset Medical, Inc.
4. Roles, Services, and Authentication The sections below describe the module’s authorized roles, services, and operator authentication methods.
The module supports a Crypto Officer (CO) role and a User role. The CO role performs cryptographic initialization or management functions and general security services. The User role performs general security services, including cryptographic operations and other approved security functions. The operator assumed a Crypto Officer role implicitly by invoking a service allocated to the Crypto Officer and assumes a User role implicitly by invoking a service allocated to the User. The module does not support multiple concurrent operators. Table 9
Descriptions of the services available to the authorized roles are provided in Table 10 below. Please note that the keys and Sensitive Security Parameters (SSPs) listed in the table indicate the type of access required using the following notation:
Service Description Approved Security Keys/SSPs Roles Access rights to Keys/SSPs Indicator Function(s) Establish SSH Session Establishes a SSH session AES (CBC, CTR, GCM) AES GCM IV User AES GCM IV
The operator can verify the module firmware version on the Tablo Status Screen: Figure 4
The module does not support authentication mechanisms; roles are implicitly selected based on the service invoked. Refer to Table 10 above for a listing of the services associated with each authorized role. ©2024 Outset Medical, Inc.
5. Software/Firmware Security All firmware components within the cryptographic boundary are verified using an integrity technique implemented within the cryptographic module itself. The module implements a CRC-32 integrity test of the module firmware. Failure of the integrity check for the module will cause the module to enter a critical error state. Tablo Medical Informatics System is not delivered to end-users as a standalone offering and is only used in conjunction with the Outset Tablo. The CO can initiate the pre-operational tests on demand by power-cycling the Outset Tablo. The module does not support firmware upgrade. In order to provision the module, the CO must first invoke the “Import Provision File” service and obtain the specified indicator that the service was executed successfully (note this step is not required to operate the module in Approved mode). ©2024 Outset Medical, Inc.
6. Operational Environment The operational environment of the module does not provide access to a general-purpose operating system (OS). The module employs a non-modifiable operational environment. The operating system offers no mechanism whereby the operator can modify software/firmware components, nor can the operator load and execute software or firmware that was not included as part of the validation of the module. The module’s operating system is Linux 4.1.15 LTS23. LTS
7. Physical Security As a multi-chip embedded module, the module is composed of production-grade components necessary to meet FIPS 140-3 level 1 physical security requirements. All components of the hardware are coated with commercial standard passivation. ©2024 Outset Medical, Inc.
8. Non-Invasive Security There are currently no approved non-invasive mitigation techniques referenced in ISO/IEC 19790:2021 Annex F. ©2024 Outset Medical, Inc.
9. Sensitive Security Parameter Management The module supports the keys and other SSPs listed in Table 11
Key/SSP Strength Security Function Generation Import / Export Establishment Storage Zeroization Use & Related Name/Type and Cert. Number Keys ECDH Public All approved KAS-SSC-ECC Generated No / Yes No Plaintext in Reboot; Generation of Key P/B/K curves (Certs. A2699 internally via volatile remove power; SSH and TLS Component and A2701) approved memory session shared secrets DRBG termination TLS Session AES AES (Certs. No No / No Derived Plaintext in Reboot; Encryption and Key AES-GCM A2699 and internally volatile remove power; decryption of A2701) using the TLS memory session TLS session Master termination packets; AES AES-GCM (Cert. Secret GCM IV is used A2701) with the TLS Session key. TLS HMAC (Certs. No No / No Derived Plaintext in Reboot; Authentication Authentication A2699 and internally volatile remove power; of TLS session Key A2701) using the TLS memory session packets Master termination Secret Other SSPs SSH Password - SSH KDF (Cert. ) No No / No Preloaded Encrypted in No Password used non-volatile to authenticate memory MIES to Wi-Fi module SSH Shared - No No / No Computed Plaintext in Reboot; Derivation of Secret via DH/ECDH volatile remove power; the SSH Session shared secret memory session and computation termination authentication Keys; AES GCM IV is used with the SSH Session key. TLS Premaster - TLS 1.2 KDF No No / No Computed Plaintext in Reboot; Derivation of Secret (Cert. A2702) via DH/ECDH volatile remove power; the TLS master shared secret memory session secret computation termination TLS Master - - No No / No Derived Plaintext in Reboot; Derivation of Secret internally volatile remove power; the TLS session using the TLS memory session (AES) and Premaster termination authentication Secret via (HMAC) keys, TLS KDF and the GCM IV. AES GCM IV - AES GCM (Certs. No No / No Derived Plaintext in Reboot; Initialization A2699 and internally volatile remove power; vector for AES A2701) using the TLS memory session GCM Master termination Secret24 or generated for SSH in compliance with RFC 564725. DRBG entropy - DRBG N/A No / No Produced Plaintext in Upon module Establishment of input (Certs. A2699 internally via RAM reboot seed for and A2701) Approved CTR_DRBG entropy Upon session source termination DRBG seed - DRBG N/A No / No Established Plaintext in Upon module Generation of (Certs. A2699 internally RAM reboot random number and A2701) using entropy Upon session input string termination via DRBG DRBG ‘V’ value - DRBG Generated No / No N/A Plaintext in Upon module State value for (Certs. A2699 internally RAM reboot CTR_DRBG and A2701) within DRBG Upon session termination
24 The IV generation method complies with technique #1 (for TLS 1.2 GCM Cipher Suites) in FIPS 140-3 IG C.H. RFC 5246 defines the TLS 1.2 protocol; RFC
5288 defines the use of the AES-GCM encryption with the TLS protocol. Each IV is generated and used only within each protocol’s implementation.
25 The IV generation method complies with technique #1 (for SSHv2 protocol) in FIPS 140-3 IG C.H. Each IV is generated and used only within each
protocol’s implementation. ©2024 Outset Medical, Inc.
Key/SSP Strength Security Function Generation Import / Export Establishment Storage Zeroization Use & Related Name/Type and Cert. Number Keys DRBG ‘Key’ - DRBG Generated No / No N/A Plaintext in Upon module State value for value (Certs. A2699 internally RAM reboot CTR_DRBG and A2701) within DRBG Upon session termination
The AES-GCM IV is used in the following protocols:
The module performs all applicable key assurances for its DH and ECDH implementations as specified in section 9 of NIST SP 800-56Arev3. These tests are performed as conditional tests.
In order to zeroize all keys and CSPs present within the module, the operator shall decommission the module by performing the following steps:
Table 12 below specifies the module’s entropy sources. RFC
Table 12
10. Self-Tests Both pre-operational and conditional self-tests are performed by the module. Pre-operational tests are performed between the time a cryptographic module is powered on or instantiated (after being powered off, reset, rebooted, cold-start, power interruption, etc.) and before the module transitions to the operational state. Conditional selftests are performed by the module during module operation when certain conditions exist. The following sections list the self-tests performed by the module, their expected error status, and the error resolutions.
The module performs the following pre-operational self-test(s):
The module performs the following conditional cryptographic algorithm self-tests (CASTs):
The CO can initiate the pre-operational self-test (as well as the conditional CASTS) on demand for periodic testing of the module by power-cycling the Tablo machine. The LED will blink 2 times to indicate that self-tests are running.
Upon failure of any self-test, the module will set an internal flag and enter a critical error state. In this state, the module will no longer perform cryptographic services or output data over the data output interfaces. For any subsequent request for cryptographic services, the module will return a failure indicator. To recover, the module must be reinitialized by power-cycle of the Tablo machine. If the pre-operational self-tests complete successfully, then the module can resume normal operations. If the module continues to experience self-test failures after reinitializing, then the module will not be able to resume normal operations, and the CO should contact Outset Medical, Inc. for assistance. ©2024 Outset Medical, Inc.
11. Life-Cycle Assurance The sections below describe how to ensure the module is operating in its validated configuration. Module operators shall follow all guidance provided guidance in this section to ensure the module is operating in a compliant manner. Operating the module without following this guidance (including the use of undocumented services) will result in non-compliant behavior and is outside the scope of this Security Policy.
The Medical Informatics System is delivered to the end user contained within the larger Outset Tablo machine, and there are no further installation procedures required by the operator.
No initialization steps are required to be performed by end-users.
No setup steps are required to be performed by end-users.
There are no specific management activities required of the CO role to ensure that the module runs securely. However, if any irregular activity is noticed or the module is consistently reporting errors, then Outset Customer Support should be contacted. Module operators can view the module’s operational status via the Tablo machine GUI.
The following list provides guidance for the User role:
There are no known CVEs associated with the cryptographic module. ©2024 Outset Medical, Inc.
12. Mitigation of Other Attacks This section is not applicable. The module does not claim to mitigate any attacks beyond the FIPS 140-3 Level 1 requirements for this validation. ©2024 Outset Medical, Inc.
13. Acronyms and Abbreviations Table 13 provides definitions for the acronyms and abbreviations used in this document. Table 13
Term Definition GMAC Galois Message Authentication Code GPC General-Purpose Computer HMAC (keyed-) Hash Message Authentication Code KAS Key Agreement Scheme KAT Known Answer Test KTS Key Transport Scheme KW Key Wrap KWP Key Wrap with Padding MD Message Digest NIST National Institute of Standards and Technology OCB Offset Codebook OFB Output Feedback OS Operating System PBKDF Password-Based Key Derivation Function PCT Pairwise Consistency Test PKCS Public Key Cryptography Standard PSS Probabilistic Signature Scheme PUB Publication RC Rivest Cipher RNG Random Number Generator RSA Rivest Shamir Adleman SHAKE Secure Hash Algorithm KECCAK SHA Secure Hash Algorithm SHS Secure Hash Standard SP Special Publication TLS Transport Layer Security XEX XOR Encrypt XOR XTS XEX-Based Tweaked-Codebook Mode with Ciphertext Stealing ©2024 Outset Medical, Inc.
Prepared by: Corsec Security, Inc.
Fairfax, VA 22033 United States of America Phone: +1 703 267 6050 Email: info@corsec.com http://www.corsec.com