As more and more smart devices are deployed, securing and managing them becomes more and more important
It sounds like the setup for a bad joke: What do a cricket bat and a coffee machine have in common? The answer, at least after exploring the recent Microsoft Build show floor, is Azure Sphere, Microsoft's secure IoT platform that mixes silicon and software.
We're all aware of how insecure the internet of things can be: Much of the hardware and software in use has minimal protections, and there are many cases of devices hard-coding login credentials and exposing services on the public internet, and even of devices hosting massive botnets that have taken down key internet infrastructure. As more and more smart devices are deployed, securing and managing them becomes more and more important, reducing the risk to enterprises and to the wider world.
Securing the IoT microcontroller
Building on Microsoft Research's Project Sopris, Azure Sphere goes beyond Sopris's silicon to deliver a three-part solution: a secure microcontroller, a managed device operating system, and a cloud service. It's an essential combination; you can't have a secure IoT platform without all three elements. Miss one and the result is unstable, as easy to topple as a two-legged stool.
The initial release of Azure Sphere is based around a secured microcontroller being developed with MediaTek. Built around a three-core MT3620 microcontroller, the first-generation Azure Sphere hardware has a primary ARM Cortex A7 core for the Sphere OS and two Cortex M4 cores for handling controller operations.
A fourth Cortex M4F core is the heart of the Pluton security subsystem, which gives the Azure Sphere board a managed hardware root of trust that can monitor the operation of the rest of the microcontroller and ensure that it's protected from tampering and from side-channel attacks. The security subsystem also offers secure boot capabilities, implementing security configurations in a one-time programmable e-fuse block.
Sphere OS: Microsoft's first Linux
One of the more surprising aspects of Azure Sphere is the secure Sphere OS, Microsoft's first shipping Linux. While Azure has been using a custom Linux in its networking hardware for some time, it's now making an IoT-focused Linux distribution available to the public. Apps built for Sphere OS are familiar C code that's compiled using GCC, with an Azure Sphere plugin for both Visual Studio and Visual Studio Code. Both offer full remote debugging options, and you can access the Sphere OS command line via Visual Studio Code's built-in terminal.
Microsoft has been working with maker board manufacturer Seeed to produce a development board for the MT3620, with familiar Arduino-like GPIO outputs and a built-in Wi-Fi connection. It's not yet shipping, but you can pre-order devices expected for delivery in summer 2018. There's no Bluetooth support, so you'll need to add your own interfaces for wireless connections to sensors. You'll need to put down a $5 deposit; the first batch of controllers will cost about $90.
As microcontrollers go, the MT3620 is firmly in the mid range. It's more powerful than firmware-based Arduinos, but less capable than devices like the Raspberry Pi. You're not going to use it as a general-purpose Linux computer, and you're also not going to deploy it in the tens of thousands. Instead, what you have is a secure endpoint for your Azure IoT implementation, able to handle inputs from many simple sensors or from a few complex devices, performing signal and device validation before delivering results to Azure Hub devices or to Azure's IoT Suite.
The philosophy behind Azure Sphere
The first Azure Sphere silicon has a potential market of about 3 billion Wi-Fi chipsets, says Galen Hunt, who's been leading the Azure Sphere project at Microsoft. "A lot of initial uptake will be in home appliances, where things are mains-powered [connected to electrical outlets]."
The aim for Azure Sphere is to secure the vast majority of IoT devices, he says. Although Microsoft aims to sell the Azure Sphere service, it doesn't intend to put roadblocks in the way of silicon vendors: The Pluton security platform in Azure Sphere microcontrollers is licensed royalty-free, whether final products use it or not.
Hunt is well aware that, although it is more secure than current IoT platforms, Azure Sphere isn't a complete panacea: "You will get hacked, you will get attacked. So, you will need to update things." The result is that Sphere needs to be a connected service to get the benefits of the complete platform.
Hunt envisions the progression of the internet of things, where "a connected device will be more secure than a disconnected device." Connectivity gives access to more than the built-in device capabilities and services; it also gives access to cloud-hosted security tools like Microsoft's security graph that can respond to threats as soon as they are detected. It also gives access to support life cycles. For example, Windows 10 IoT Core uses the Windows life cycle to deliver as many as ten years of security updates. For Sphere OS that security update model goes even further, with updates for the on-board security hardware, as well as ten years of OS updates and ten years of security services.
With much of the internet of things now reliant on devices that, once bought and deployed, will never be updated, Hunt is adamant that attitude must change for manufacturers and users alike. For a successful, secure future, any connected devices will need to be updated.