When creating an application, which requires sensitive capabilities (AllFiles, DRM, TCB), it recommend to package the sensitive part of the application to an embedded sis. This should be taken into account already when designing the application's architecture. When the application is ready to be Symbian Signed, you should submit the embedded sis for certification first. The submission happens via Symbian Signed. Then, you'll get the certified package back and use it in your final delivery, which you submit for testing and certification.
Embedded sis is recommend to be used, whenever it is architecturally feasible. Especially it is a good option when the part, which is in embedded sis, is not suppose to change. When the sensitive part has been certified once, you can use it when upgrading your application without needing to get approval from the manufacturer again. This will speed be up the certification process and save money. The requirement is that an application with an embedded sis is tested against Symbian Signed and additional Nokia test criteria for once and for upgrades, only Symbian Signed tests will be done.
Embedded sis is not suitable for types of applications, e.g. for FEPs. What are your experiences of embedded sis? Does it fit well to your application's architecture?
Embeddeding sis file can be done by adding the following syntax in the .pkg file:
Here is an example: