Microsoft Announces Commercial Availability of Azure Sphere Solutions for IoT Devices

February 24, 2020 / Rashmi Singh

At a Glance:


  • Microsoft announced public availability of Microsoft’s Azure Sphere after several years of testing and previews.

  • Microsoft supplied a reference architecture for the "microcontroller units," which is used in Azure Sphere chips built by Microsoft's hardware partners.

  • Another striking feature of the Azure Sphere family is its ability to add protections for older IoT devices via Guardian Modules.

About two years ago, to help enterprises secure their data and networks against growing cyber-attacks, Microsoft introduced Azure Sphere, a new set of intelligent security tools and technologies for Internet of Things (IoT) and edge devices, powered by its own custom version of Linux. It is a program to better secure the 41.6 billion IoT devices expected to be connected to the internet by 2025. Now, following a lengthy preview, the tech giant is launching Azure Sphere in general availability this week.


It's been almost two years since Azure Sphere was first introduced, and Microsoft's announcement claimed that Azure Sphere's "software and hardware have completed rigorous quality and security reviews" with its release at the GA stage. Azure Sphere aims to create an overall trusted environment for deploying and using IoT devices, which is somewhat of a tall order. Possibly, it has taken a little longer for Azure Sphere to get out the door because of its various hardware, software, and services components.


Microsoft’s integrated security solution for IoT devices and equipment—is widely available for the development and deployment of secure, connected devices. Azure Sphere’s general availability milestone couldn’t be timelier. From consumer device hacking and botnets to nation state-driven cyberterrorism, the complexity of the landscape is accelerating. And as we expand our reliance on IoT devices at home, in our businesses and even in the infrastructure that supports transit and utilities, cybersecurity threats are increasingly real to individuals, businesses, and society at large.

Galen Hunt, Distinguished Engineer and Managing Director, Azure Sphere

Eligible customers will be able to sign up in the coming days. Azure Sphere doesn’t have ongoing fees associated with it, but there’s a one-time cost for a chip (as low as under $8.65) that includes access to all of Sphere’s components, plus OS updates for the lifetime of the chip. Alternatively, developers can license Visual Studio and Microsoft’s Azure IoT services to develop apps for Sphere “more efficiently,” according to Azure IoT CVP Sam George.


We live in an increasingly connected world. At Microsoft, we are committed to providing a trusted, easy-to-use platform that allows our customers and partners to build seamless, smart, and secure solutions regardless of where they are in their IoT journey.



Sam George, Corporate Vice President of Azure IoT at Microsoft


Azure Sphere Elements

The Azure Sphere family consists of four basic elements:


1. Certified chips for devices, built by hardware partners.
2. Microsoft's own custom-built Linux operating system for those chips called Azure Sphere OS.
3. The Azure Sphere Security Service, a service running from Microsoft's datacenters that gathers data on the security status of IoT devices and delivers automated updates to those devices.
4. The Azure Sphere security team at Microsoft, which helps identify and address IoT device security threats.


Microsoft supplied a reference architecture for the "microcontroller units," which is used in Azure Sphere chips built by Microsoft's hardware partners. The first dedicated Azure Sphere chip, launched in 2018, was the MediaTek MT3620, which came with an onboard security system called Pluton.


"A microcontroller, for anybody who is not familiar, is a single-chip computer that has a processor, and storage, memory, and IoT capabilities," explained Galen Hunt, Distinguished Engineer and managing director of Azure Sphere, in a Microsoft-produced Q&A on Azure Sphere.


Another notable aspect of the Azure Sphere family is its ability to add protections for older IoT devices via Guardian Modules. These Guardian Modules are part of Azure Sphere chips and support connections to the Azure Sphere Security Service for security checks and automated patching.


"The guardian module is a very small device -- no larger than the size of a deck of cards -- built around an Azure Sphere chip," Hunt explained in the Q&A.




Microsoft used its Windows Update Service model for Azure Sphere. It supports updating "billions of devices, globally, per hour," Hunt explained. Security oversight is also enabled through the use of the Azure Security Center for IoT portal, he added.


An Azure Sphere device gets more than 10 years of patch and update support from Microsoft. The Azure announcement stated that "every Azure Sphere device comes with over 10 years of security and OS updates."


Azure Sphere's Origins


Azure Sphere started as a Microsoft Research project to bring a high level of security to industrial and household devices at a low cost. Microsoft first worked with MediaTek to modify one of its microcontrollers to that end. The idea was to address seven properties required of all networked devices. Those properties, according to a Microsoft Research paper, included:

• Hardware-based root of trust
• A small trusted computing base
• Defense-in-depth
• Compartmentalization
• Certificate-based authentication
• Security renewal
• Failure reporting

Azure Sphere’s general availability milestone couldn’t be timelier. From consumer device hacking and botnets to nation state-driven cyberterrorism, the complexity of the landscape is accelerating. And as we expand our reliance on IoT devices at home, in our businesses and even in the infrastructure that supports transit and utilities, cybersecurity threats are increasingly real to individuals, businesses, and society at large. From its inception in Microsoft Research to general availability today, Azure Sphere is Microsoft’s answer to these escalating IoT threats.


Microsoft wanted IoT devices to have unique identities, based in hardware, using private keys that were inaccessible to the software. The defense-in-depth concept, which according to Hunt is based on the Xbox gaming console, aims to keep devices protected if there's a software-layer breach. Signed certificates using cryptographic keys were to be used instead of passwords. Software was to be updated automatically, and any failures would get reported to the manufacturers.


General Availability


Currently, Azure Sphere is supported by MediaTek's MT3620 chip, which is "available in volume today," Hunt indicated.


Other hardware partners are currently building Azure Sphere chips. Microsoft had announced a partnership with NXP back in June on building an Azure Sphere chip that will add "much larger compute capabilities" than MediaTek's chip, Hunt explained. In October, Qualcomm announced plans to build a "cellular native Azure Sphere chip," he added.



Microsoft aims to make IoT devices trusted with the GA release of Azure Sphere.
"The opportunity to release a brand-new product that addresses crucial and unmet needs is rare," stated Halina McMaster, a Microsoft principal group program manager, in the announcement. "Azure Sphere is truly unique, our product brings a new technology category to the Microsoft family, to the IoT market, and the security landscape."


Microsoft and Azure Sphere are helping organizations confidently and securely take advantage of the opportunities enabled by IoT.