Roadmap for Device and Driver Installation

figure of a compass, a map, and a finger pointing at the map.

To install a device and driver in the Windows operating system, follow these steps:

  • Step 1: Learn the fundamentals of device and driver installation in Windows.

    You must understand the fundamentals of device and driver installation in the Windows family of operating systems. This will help you to make appropriate design decisions and will allow you to streamline your development process. For more information, see Overview of Device and Driver Installations.

  • Step 2: Learn about driver packages and their components.

    A driver package consists of all the components that you must supply to install your device and support it under Windows. This includes an INF file and all the files that the INF file references.

    For more information, see Driver Packages and INF Files.

  • Step 3: Create a driver package for your device and drivers.

    Your driver package must provide an INF file and optionally driver files or additional software components.

    For more information about the components of a driver package, see Creating a Driver Package.

    For example driver packages, see the Toaster Sample.

  • Step 4: Test-sign your driver package during development and testing.

    Test-signing refers to using a test certificate to sign a prerelease version of a driver package for use on test computers. In particular, this allows developers to sign driver packages by using self-signed certificates, such as those the MakeCert tool generates. This capability allows developers to install and test driver packages in Windows with driver signature verification enabled.

    For more information, see Signing Drivers during Development and Test.

  • Step 5: Preproduction-sign your driver package to test with Secure Boot.

    Preproduction-signing refers to using the WHQL/WHCP preproduction certificate to sign a prerelease version of a driver package for use on retail/production systems without having to enable TESTSIGNING. This capability allows developers to test drivers with Secure Boot on before release-signing their driver package.

    For more information, see Preproduction Driver Signing and Testing.

  • Step 6: Release-sign your driver package for distribution.

    After you have tested and verified your driver package, you should release-sign the driver package. Release-signing identifies the publisher of a driver package. While this step is optional, driver packages should be release-signed for the following reasons:

    • Ensure the authenticity, integrity, and reliability of driver packages. Windows uses digital signatures to verify the identity of the publisher and to verify that the driver has not been altered since it was published.
    • Provide the best user experience by facilitating automatic driver installation.
    • Run kernel-mode drivers on 64-bit versions of Windows Vista and later versions of Windows.
    • Playback certain types of next-generation premium content.

    Driver packages are release-signed through either:

    For more information, see Signing Drivers for Public Release.

  • Step 7: Distribute your driver package.

    The final step is to distribute the driver package. If your driver package meets the quality standards that are defined in the the Windows Hardware Compatibility Program (for Windows 10/11), or the Windows Hardware Certification Program (for Windows 8/8.1 and older operating systems), you can distribute it through Microsoft Windows Update program. For more information, see Publishing a driver to Windows Update.

These are the basic steps. Additional steps might be necessary based on the installation needs of your individual device and driver.