Powering the Intelligent Edge
In the next decade, nearly every consumer gadget, every household appliance, and every industrial device will be connected to the Internet. These connected devices will also become more intelligent with the ability to predict, talk, listen, and more.
The companies who manufacture these devices will have an opportunity to re-imagine everything and fundamentally transform their businesses with new product offerings, new customer experiences, and differentiate against competition with new business models.
All these everyday devices have in common a tiny chip, often smaller than the size of your thumbnail, called a microcontroller (MCU). The MCU functions as the brain of the device, hosting the compute, storage, memory, and an operating system right on the device. Over 9 billion of these MCU-powered devices are built and deployed every year. For perspective, that’s more devices shipping every single year than the world’s entire human population. While few of these devices are connected to the Internet today, within just a few years, this entire industry, all 9 billion or more devices per year, is on path to include connected MCUs.
Internet connectivity is a two-way street.
With these devices becoming a gateway to our homes, workplaces, and sensitive data, they also become targets for attacks. Look around a typical household and consider what could happen when even the most mundane devices are compromised: a weaponized stove, baby monitors that spy, the contents of your refrigerator being held for ransom. We also need to consider that when a device becomes compromised, it’s not just a problem for the owner, it can also become a problem for society. A device can disrupt and do damage on a larger scale. This is what happened with the 2016 Mirai botnet attack where roughly 100,000 compromised IoT devices were re-purposed by hackers into a botnet that effectively knocked the U.S. East Coast off the Internet for a day. It’s of paramount importance that we proactively address this emerging threat landscape with solutions that can keep pace as connected MCUs ship in billions of new devices ever year.
In 2015 a small team within Microsoft Research began exploring how to secure this vast number of MCU-powered devices yet to come online. Leveraging years of security experience at Microsoft, and learnings from across the tech industry, they identified The Seven Properties of Highly-Secure Devices. The Microsoft Team identified the need for a hardware root of trust to protect and defend the software on a device. They identified the need for multiple layers of defense-in-depth, both in hardware and in software, to repel hackers even if they fully breach one layer of security. Microsoft identified the critical need for hardware, software, and cloud to work together to secure a device. Over time the Seven Properties gained traction and became the foundation for a movement within Microsoft – which ultimately brings us to today.
So what is Azure Sphere?
Microsoft has adopted a combined approach through Azure Sphere which uses hardware, software and the cloud to secure internet-connected devices. The following are the three components used in it:
Azure Sphere certified microcontrollers (MCUs)
First is the new class of microcontrollers (MCUs) that combines both real-time and application processors with built-in Microsoft security technology and connectivity. The company will provide this powerful microprocessor’s design to chip manufacturers for free.
Azure Sphere OS
A new operating system, Azure Sphere, is Microsoft’s first Linux-based OS that will run on the chips. This customized Linux kernel will provide a secure platform through its Windows-inspired security features that can be scaled down to run on smaller systems.
Azure Sphere Security Service
The system is integrated with an Azure Sphere cloud service that will detect security issues, update software with security patches and facilitate a secure connection between devices and the cloud.
Latest posts by Peter Kivuti (see all)
- You need to pay attention to cyber security - April 7, 2019
- Banking Trojan Trickbot New Tricks - January 10, 2019
- Internet-facing endpoints are exposing businesses worldwide to a botnet which is now being used in targeted ransomware campaigns: Phorpiex worm - January 10, 2019