Intel® Secure Device Onboard (Intel® SDO)

Leverage a hardware-based identity to enable simple and trusted automatic IoT device onboarding using device management services.

Get Started

Use this manufacturing toolkit to enable Intel® gateways and MCU-class devices to automatically connect for the first time with any remote management service enabled with Intel® SDO.

Integrate Intel® SDO with your supply chain management applications and extend ownership with our REST and Java* APIs.

Implement the Device Management Service SDK to enable seamless onboarding experiences with cloud and enterprise IoT management services.

Solutions Overview & Implementation Steps


1. Connect a device enabled with Intel® Enhanced Privacy ID (Intel® EPID) to a manufacturing station.
2. Initialize a device to enable Intel® SDO capabilities and generate credential data.
3. Ship devices and extend ownership credentials with a customer's public key.


1. Receive devices and ownership credentials from the ODM or OEM.
2. Import and verify ownership credentials.
3. Ship devices and extend ownership credentials to customers.


1. Provide public key when purchasing devices.
2. Prepare the base image for the device.
3. Import and verify ownership credentials.
4. Transmit the ownership credentials to a device management platform.


1. Enable the transfer of ownership protocol services.
2. Integrate data import requirements into the device management platform.
3. Import ownership credentials from the customer or system integrator.


1. Turn on the devices and connect them to the internet.
2. Log on to the management console.
3. Verify that the devices are successfully onboarded.

Get Started with Intel® SDO

Learn how Intel® SDO is enabled by manufacturers, supply chain partners, and device management services.

Protect the Supply Chain with Credentials

An IoT device risks being breached by malicious entities (such as malware) unless a life cycle security model is enacted. You can now access a set of APIs that integrates a trusted chain of ownership into your inventory management and e-commerce workflows.

Here's how it works:

  • Devices are built with device credentials.
  • Manufacturers sell devices and send their ownership credentials to distributors.
  • Distributors sell devices to solution providers after signing public keys from the system integrator during the ordering process.
  • System integrators sign public keys from customers during the ordering process.
  • Manifests allow manufacturers to safely extend device ownership (while it is still boxed) via PKI-based key exchanges and signatures.