What is an HSM? An HSM is a Hardware Security Module, a general-purpose computing environment that withstands both physical and logical attacks and has special hardware to perform cryptographic operations and protect keys. The HSM is accessed from a host computer system using a carefully designed set of API functions. The API functions may be generic, or they may be designed to meet the special requirements of particular industries such as banking and finance.
The device must run the programs that it is supposed to run, with confidence that those programs have not been modified. You must be able to (remotely) distinguish the real device and application from a clever impersonator.
The HSM must remain secure even if adversaries carry out destructive analysis of one or more devices. Many servers operate in distributed environments where it is difficult or impossible to provide complete physical security for sensitive processing. In some applications, the motivated adversary is the end user. You need a device that you can trust even though you cannot control its environment.