Microsoft has built its own custom Linux kernel to power "Azure Sphere," a newly launched technology that aims to better secure billions of "Internet of things" devices by combining the custom Linux kernel with new chip design, and its cloud security service.
Project Azure Sphere focuses on protecting microcontroller-based IoT devices, including smart appliances, connected toys, and other smart gadgets, Microsoft announced during the security-focused RSA Conference in San Francisco Monday.
It is basically a security package consists of three main components:
- Azure Sphere-certified microcontrollers (MCUs)
- Azure Sphere OS
- Azure Sphere Security Service
One innocent looking insecure IoT device connected to your 'secured network' would be enough to cause security nightmares. In the past, we have seen how lack of security by design led to massive DDoS attacks powered by Mirai IoT botnet.
To address such issues, Azure Sphere offers a full-fledged solution that provides the best-in-class security and a trustworthy environment for future IoT devices, and at the same time makes the life of IoT device manufactures a lot easier.
Azure Sphere Certified Microcontrollers (MCUs)
These MCUs "combines both real-time and application processors with built-in Microsoft security technology and connectivity," Microsoft explains.
"The Pluton Security Subsystem creates a hardware root of trust, stores private keys, and executes complex cryptographic operations," Microsoft said. "A new crossover MCU combines the versatility and power of a Cortex-A processor with the low overhead and real-time guarantees of a Cortex-M class processor."
"Each chip includes custom silicon security technology from Microsoft, inspired by 15 years of experience and learnings from Xbox, to secure this new class of MCUs and the devices they power," the company adds.According to Microsoft president Brad Smith, the first Azure Sphere chip, called the "MT3620," will be made by Taiwan-based MediaTek and to be available in stores worldwide by the end of the year.
The Azure Sphere chips will also be compatible with other cloud services like Google Cloud, Amazon Web Services, and Oracle Cloud.
Azure Sphere OS (Linux-based)
"Each Azure Sphere chip will include our Microsoft Pluton security subsystem, run the Azure Sphere OS, and connect to the Azure Sphere Security Service for simple and secure updates, failure reporting, and authentication," Microsoft says.It is the first time when Microsoft created hardware that is designed to run only Linux, rather than its Windows operating system.
"We are a Windows company, but what we recognized is that the best solution for a computer of this size in a toy is not a full-blown version of Windows," Smith said. "It is a custom Linux Kernel, and it is an important step for us and the industry."
Azure Sphere Security Service (Cloud-based)
The service offers device-to-device and device-to-cloud communication through certificate-based authentication to guards every Azure Sphere device.
It detects emerging security threats across the entire Azure Sphere ecosystem and also takes care of software updates.
Azure Sphere is now available in private preview, and the company will distribute software development kits to everyone interested in hacking Azure Sphere by the middle of this year. To find more details about Azure Sphere, you can head on to Microsoft Azure Sphere's blog.