Microsoft introduced Azure Sphere during the RSA security conference in San Francisco. It’s essentially a platform connecting microcontroller units (MCU) within Internet of Thing devices to the cloud. What’s notable about this announcement is that the operating system installed on the MCUs aren’t based on Windows 10 as you would expect, but rather a custom build of the open-source Linux operating system. That’s a first for Microsoft.
At the foundation of Microsoft’s new Azure Sphere platform is a new microcontroller unit from Microsoft that promises five times the performance of standard MCUs. The chip includes the company’s Pluton security subsystem, built-in network connectivity, a real-time processor, an application processor, memory, flash, and more. It’s a “crossover” chip that combines the benefits of ARM-based Cortex-A and Cortex-M processor cores.
Controlling this chip is Microsoft’s new Linux-based Azure Sphere operating system. It’s a four-layer platform with a security monitor on the deepest level followed by the custom Linux kernel, on-chip connectivity services, and secured application containers. This software is backed by Microsoft’s Azure Sphere Security Service in the cloud, guaranteeing certificate-based authentication, genuine software, automated updates, and so on.
But there’s a key reason why Microsoft likely went with Linux instead of its in-house baked Windows 10: Open source. According to Microsoft, Azure Sphere is “open to additional software innovation” by the open source community. It’s also open to work with any cloud, not just Microsoft’s Azure-branded platform. Even more, the chip design can be used by any manufacturer absolutely free.
“In short, it represents a critical new step for Microsoft by integrating innovation across every aspect of technology and by working with every part of the technology ecosystem, including our competitors,” says Brad Smith, Microsoft president and chief legal officer. “We believe this holistic solution will bring to IoT devices better security, resilience and developer agility than anything on the market today.”
Azure Sphere arrives after the Mirai botnet attack at the end of 2016. Hackers exploited the weak security defenses of Internet of Things devices, such as usernames and passwords that were never changed from the factory default, to install the Mirai malware. The hackers then used around 100,000 compromised internet-connected devices to flood DNS provider Dyn with overwhelming fake traffic, bringing the internet to a standstill for an entire day on the east coast.
“Routers, DVRs, CCTV cameras, and any other ‘smart’, internet-connected appliances are at risk of attack,” Symantec said at the time. “Webcams were the primary devices exploited in the Dyn attack. Additionally, many IoT devices take advantage of a feature known as Universal Plug and Play (UPnP) which opens a port on the router to allow them to be accessible from the internet.”
Thus, enter Azure Sphere: a secure, end-to-end “holistic” solution for Internet of Things devices. Dimplex plans to integrate Azure Sphere into its portfolio of products later this year, which includes electric fireplaces, electric heating, renewable energy solutions, residential heaters, thermostats, and more. Other device manufacturers are “enthused” over Azure Sphere as well, including Sub-Zero.