Secure Build & Release

Signed at build. Governed across the lifecycle.

OnBoard™ IoT Security (OBIS) integrates firmware signing and SBOM binding directly into CI/CD workflows — producing governed release artifacts that enter the Product Workspace ready for provisioning, OTA operations, and compliance tracking.

Book a Demo
Release Operations

Governed release integrity inside CI/CD.

Governance: Release governance becomes part of the CI/CD workflow itself — with signing integrity, SBOM binding, and authorization policies enforced before artifacts move into provisioning and OTA operations.
Compatibility: Signature formats remain compatible with secure boot verification chains across major chipset ecosystems, allowing governed artifacts to move directly into provisioning and OTA workflows.
Operational continuity: Existing build systems remain unchanged while OBIS governs signing integrity, SBOM binding, and release authorization.
Jenkins
GitHub Actions
GitLab CI
Key Sovereignty

Delegate the signing capability to partners. Keep the key.

OEMs often require ODM partners to build and sign firmware inside distributed CI/CD environments. OBIS delegates signing authorization without exposing the signing key itself. Multiple parties can produce OEM-authorized releases while the cryptographic root of trust remains centrally governed.

SBOM Integrity

Bound at build. Not bolted on later.

Standards-based binding: OBIS captures SBOMs during CI/CD and cryptographically binds them to governed firmware artifacts using industry-standard formats including CycloneDX and SPDX.
Lifecycle continuity: This means firmware and SBOM remain cryptographically linked through factory provisioning, OTA distribution, vulnerability monitoring, and compliance reporting. There is no scenario where the firmware is at one version and the SBOM is at another, or where an SBOM is missing entirely and must be reconstructed after the fact.
Governed artifacts: The SBOM becomes part of the governed release artifact itself — cryptographically linked at build time and carried through provisioning, OTA operations, and vulnerability response.
Get Started

Built for governed release operations at scale.

Discuss your CI/CD architecture, signing model, SBOM workflows, and provisioning requirements with the OBIS engineering team.

Book a Demo
Contact Us
Building digital trust infrastructure for connected devices and credentials — backed by 13 years of expertise in digital credentials and cryptographic systems.
IoT Security
OverviewSecure Build & ReleaseFactory ProvisioningSBOM & VulnerabilitySecure Update & OTACompliance & DisclosureMatterGoogle Cast
Mobile Credentials
OverviewTransitAccessDigital Car Key
Resources
OverviewBlogCase Study
Company
About UsPartners
Privacy PolicyTerms Of ServiceCookie Policy
© 2026 Shanghai Snowball Digital Intelligence Technology Co., Ltd. All rights reserved.
EN
|
ZH