Sphere of Influence

Microsoft’s Azure Sphere: a Security System for an IoT World

After decades of development, major PC and smartphone platforms now have security features built into their cores. But in the new environment of smart connected devices, such features have often been added as an afterthought. Product innovation has outpaced security concerns and, in many cases, security capabilities have been designed down to a budget. Now millions of everyday consumer and industrial products are potentially vulnerable to hack attacks.

Microsoft’s new Azure Sphere is a solution developed by the software giant to address these growing hazards. It consists of several new intelligent security tools and technologies designed to enable enterprises to safeguard their data and networks against today’s biggest threats, and to address emerging threats aimed at Internet of things (IoT) and network edge devices.

Microsoft announced Azure Sphere last week at the RSA Conference in San Francisco. This is the first initiative from the Redmond company to create a comprehensive system for securing connected devices. Azure Sphere includes three components that work together to protect and power devices at the edge of the network: a tiny chip called a microcontroller that integrates into smart products; an operating system that can run devices safely; and security software that operates in the cloud to monitor devices for hacking vulnerabilities.

The announcement gives Microsoft a unique position in the IoT market, and gives the firm a motivation to get its technology into a large number of devices sold by other companies.

The microcontroller chips run Microsoft’s new operating system, Azure Sphere OS. The company has built a custom Linux kernel for this operating system, which makes its new IoT service its first-ever Linux-based customer product. Azure Sphere OS combines multiple layers of security intended to further defend smart products from attack. It’s an update to the kind of real-time operating systems that today’s microcontrollers often use. The role of the Azure Sphere Security Service is to act as a “turnkey, cloud service” that protects devices and allows for communication between devices and with the cloud.

Rather than manufacturing the chips, Microsoft is working with MediaTek to bring its microcontrollers to market. Microsoft will certify that the silicon meets its standards. MediaTek is working on getting its first compatible chip, the MT3620, ready for broad availability in 2018.

Microsoft expects the first wave of devices compatible with Azure Sphere to be available by the end of 2018, with development kits arriving during the middle of the year.

Azure Sphere could offer an attractive option for companies making connected devices. It’s certainly one of the earliest attempts to provide end-to-end security in IoT systems, which typically involve four or five different providers, and we applaud Microsoft for this.

If successful, Azure Sphere could provide Microsoft with a powerful control point in the young IoT environment. However, as we’ve seen with Intel and its open-source Enhanced Privacy ID, building a large community of users for the technology may not be straightforward or fast. It will take some years before we can assess if Azure Sphere bears fruit for Microsoft.
