As more devices are connected to the internet, there is an equally growing concern about security. Internet of Things (IoT) devices often prioritize cost or convenience ahead of security and this has lead to a massive increase in botnets that take advantage of them. You might see a connected fridge as convenient for reminding you when you're out of eggs, but a hacker may see it as a perfectly inconspicuous way to send out spam or flood a website.
To combat this growing risk, Microsoft is launching its own three-pronged solution called Azure Sphere. It will consist of a secured microcontroller, a secure operating system, and a secure cloud environment. Microsoft is basing this security platform on seven key principles.
The first part of Azure Sphere is the Secured MCU. This chip is designed in-house by Microsoft and focuses on safeguarding encryption keys. Microsoft will make them available royalty-free to manufacturers down the road for better integration. The MCUs feature ARM Cortex-A processors, flash storage, memory, network connectivity, and Microsoft's Pluton security module.
Azure Sphere OS is the first Linux distribution Microsoft has ever developed. It is based on the Linux kernel and is designed to run on low-power devices. Code on the OS will run in isolated containers along with an underlying security monitor to verify system integrity.
The last piece is Azure Sphere Security Service. This is a cloud-based service that will push out software updates, detect security vulnerabilities, and maintain secure communications between all aspects of the Azure Sphere.
The platform will become available through development kits later this year with the hope of launching full devices by the end of the year. It is currently being tested in a closed preview.
