With Azure Sphere, Microsoft bundles an IoT package of certified chips, a special operating system and a cloud-based security service, and opts for Linux instead of Windows.

Secure IoT chips for home, office, and factory

A new Internet of Things package called Azure Sphere was presented by Microsoft at the RSA conference. It consists of three components: Certified Azure Sphere Microcontrollers (MCUs), the Azure Sphere OS operating system, and the Azure Sphere Security Service cloud service.

The MCUs are the heart of every IoT system: whether in smart toasters or Industry 4.0 assembly lines, they integrate the necessary processor, memory and control components in a small format. Microsoft does not manufacture the MCUs for Azure Sphere itself but certifies those from third-party manufacturers. The latter must meet seven criteria that are meant to define a “Highly Secure Device”. MediaTek will make the start during 2018 with the MT3620. The company plans to provide the corresponding developer kits by the middle of the year.

By contrast, the operating system comes from Microsoft itself. Microsoft promises that it has developed the system “specifically for Internet-connected devices”. And although the corporation emphasizes that the security mechanisms came from Windows, the system is based on a modified Linux. The IoT applications themselves run in containers, separate from the kernel and the communication services, while an underlying security monitor supervises access to the system and its integrity.

Added to that is a cloud service for security: Azure Sphere Security Service is designed to minimize the customer’s workload and to secure communication among the IoT systems and between them and applications in the cloud. It is also responsible for security updates and collects device error reports to detect threats early.

Device manufacturers are first testing the package in a Private Preview; Azure Sphere-equipped devices are due to be released by the end of 2018. Microsoft has not yet announced which devices these will be in concrete terms; rather, the company hopes to cover all IoT areas.

Microsoft Azure Sphere is based on three components:

Components of Azure Sphere

1. Azure Sphere Microcontrollers:

The MCUs combine real-time and application processors with integrated Microsoft security technology and connectivity. The first Azure Sphere chip, MediaTek MT3620, will be available during the 2018 calendar year.

2. Azure Sphere OS:

Designed specifically for Internet-connected devices, Azure Sphere OS provides multi-layered security features based, among other things, on security intelligence from the development of Windows and Linux.

3. Azure Sphere Security Service:

The turnkey cloud service protects every Azure Sphere device. Certificate-based authentication ensures secure communication from device to device and from device to cloud and back. The service also collects bug reports and provides continuous security updates.

Azure Sphere provides an open platform for deploying networked devices and is also deeply integrated with the Microsoft Azure services and the Visual Studio development environment.

Business Model

Microsoft generates revenue by selling the turnkey service, which includes the Azure Sphere OS. The connection to the Microsoft cloud also promises, under certain circumstances, the sale of other services. Manufacturers of IoT gadgets that use Microsoft’s offering thus need to worry less about the security of their devices when connected to the Internet.

Microsoft, together with customers and partners, has identified seven features that work together to provide the best possible protection against attacks from the Internet, the “Seven Properties of Highly Secure Devices”:
  1. Hardware-based cryptographic keys and device identity
  2. Small Trusted Computing Base (TCB)
  3. Multiple security layers
  4. Isolation
  5. Certificate-based authentication
  6. Renewable security of the entire system
  7. Error reports

Microsoft hopes to kill two birds with one stone: a “new” Internet of Things that is secure from the very beginning is certainly the top priority, and then, of course, more business for its own cloud services and web offerings. For this, the company must bring policymakers on board. Whoever brings unsecured devices onto the network must be held liable for the consequences. Only then will manufacturers spend the extra cents per device to keep cyber gangsters out. The question will be whether all competitors will sit down together and jointly adopt standards. For this, some would have to overcome their own reservations. Like Microsoft: “After 43 years,” says Microsoft veteran Smith, visibly moved, “this is the first time we’ve been distributing our own Linux distribution.”