Microsoft announced the preview of Microsoft Azure Sphere at the RSA 2018 security conference in San Francisco this week. Microsoft Azure Sphere is a new tool designed for creating secure, Internet-connected microcontroller (MCU) powered devices.
According to the company, an MCU is a tiny chip that acts as the brain of intelligent devices and hosts the compute, storage, memory and operating system right on the device. Currently, more than 9 billion MCU-powered devices are built and deployed each year, Microsoft said.
“Internet connectivity is a two-way street. With these devices becoming a gateway to our homes, workplaces, and sensitive data, they also become targets for attacks. Look around a typical household and consider what could happen when even the most mundane devices are compromised: a weaponized stove, baby monitors that spy, the contents of your refrigerator being held for ransom,” Galen Hunt, partner managing director of Microsoft Sphere, wrote in a post. “Azure Sphere provides security that starts in the hardware and extends to the cloud, delivering holistic security that protects, detects, and responds to threats.”
The new solution features three different components that work together: Azure Sphere certified MCUs, Azure Sphere OS, and Azure Sphere Security Service.
The MCUs combine real-time and application processors with Microsoft’s security and connectivity capabilities. Each chip in the MCU contains custom Microsoft security technology to secure it, according to the company. The first Azure Sphere chip, MediaTek MT3620, will be coming to market later this year. Microsoft explained each chip will “include our Microsoft Pluton security subsystem, run the Azure Sphere OS, and connect to the Azure Sphere Security Service for simple and secure updates, failure reporting, and authentication.”
Azure Sphere OS aims to secure the operating system by combining security features from Windows, a security monitor, and a custom Linux kernel. The company said this combination will provide a trustworthy platform for IoT experiences.
Finally, Azure Sphere Security Service is a cloud service that looks to protect each Azure Sphere device. It uses certificate-based authentication to establish trust for device-to-device and device-to-cloud communication. The service is able to detect security issues throughout the whole Azure Sphere ecosystem.
“Leveraging years of security experience at Microsoft, and learnings from across the tech industry, we identified The Seven Properties of Highly-Secure Devices. We identified the need for a hardware root of trust to protect and defend the software on a device. We identified the need for multiple layers of defense-in-depth, both in hardware and in software, to repel hackers even if they fully breach one layer of security. We identified the critical need for hardware, software, and cloud to work together to secure a device. Over time the Seven Properties gained traction and became the foundation for a movement within Microsoft – which ultimately brings us to today,” Hunt wrote.
Hunt expects Azure Sphere to be released by the end of this year. Dev kits will be made available in mid-2018.