Microsoft intros triple lock to secure IoT devices at the network edge
Microsoft has announced a new platform to secure ‘internet of things’ (IoT) devices. Dubbed Azure Sphere, it layers in three levels of enhanced IoT security, in its chip, operating system (OS) and cloud.
Most significantly, Microsoft has introduced a new “cross-over class” of chip, or microcontroller unit (MCU), that introduces in-built IoT security to its real-time and application processors. The MCU, a chip the size of a thumbnail, functions as the brain of the device, hosting the compute, storage, memory, and an operating system right on the device. More than nine billion MCU-powered IoT devices are built and deployed each year, Microsoft said.
The custom silicon features in Microsoft’s new Azure Sphere certified chips are “inspired by 15 years of learnings”, including from its Xbox gaming consoles. The attendant OS, meanwhile, combines security innovations pioneered in its Windows platform with an IoT security monitor and a custom Linux kernel to achieve a more secure IoT environment.
Its new cloud service brokers trust between devices and cloud environments through certificate-based authentication, and detects emerging security threats across the entire IoT ecosystem, according to its maker. Microsoft said it was bringing its experience in protecting its own devices and data in the cloud to bear upon MCU-based IoT devices.
The most significant challenge for the IoT is device security; devices represent the weakest link in the stack. Familiar failings from the IT space are hobbling the nascent IoT market – a glance at top IoT security vulnerabilities shows this to be the case. The same errors and oversights from IT security keep appearing, invariably linked with identity authentication, transport encryption and physical security.
Galen Hunt, partner managing director for Azure Sphere at Microsoft, commented: “In the next decade, nearly every consumer gadget, every household appliance, and every industrial device will be connected to the internet. These will also become more intelligent. The companies that manufacture these devices will have an opportunity to reimagine everything and fundamentally transform their businesses with new product offerings, new customer experiences, and differentiate against competition with new business models.”
The first Azure Sphere chip, the MediaTek MT3620, will come to market in volume this year, said Microsoft. Further chipset makers will launch Azure Sphere chips in due course, it said. Microsoft is licensing its silicon security technologies royalty-free to keep manufacturing costs down and stimulate broader uptake.
Hunt said: “We’ve created a revolutionary new generation of MCUs. These chips have network connectivity, unequalled security, and advanced processing power to enable new customer experiences. Each Azure Sphere chip will include our Microsoft Pluton security subsystem, run the Azure Sphere OS, and connect to the Azure Sphere Security Service for simple and secure updates, failure reporting, and authentication.”
In a blog post, Hunt pointed to the potential damage hackers can cause with “weaponised” IoT devices, whether attached to everyday items in the home, or industrial equipment in factories. “It’s of paramount importance that we proactively address this emerging threat landscape with solutions that can keep pace as connected MCUs ship in billions of new devices every year,” he said, referencing also the 2016 Mirai botnet attack, which “knocked the US east coast off the internet for a day”.
Azure Sphere is currently in beta testing with partners. Microsoft expects the first wave of Azure Sphere devices to be on shelves by the end of 2018, with developer kits available in the summer.