IoT Day - Introducing Azure Sphere
2 likes201 views
Azure Sphere is a new solution from Microsoft that provides highly secured, connected microcontroller units (MCUs). It consists of specialized MCU chips secured by Microsoft technology, a secured operating system, and cloud security services. The solution aims to address security issues that have affected IoTs by implementing seven key properties for security, including hardware root of trust, small trusted computing base, and failure reporting. It offers long-term security updates through 2028. Microsoft is working with partners to implement Azure Sphere's security technology into their chips to help manufacturers create secure, connected devices.
IoT Day - Introducing Azure Sphere
- 1. Azure Sphere A New Solution for Creating Highly-Secured, Connected MCU Device Mirco Vanini Naples, December 10th 2018
- 3. Follow the agenda, the speakers & vote the sessions!
- 4. Agenda ▪ Digital Trasformation ▪ Opportunity | Risk ▪ The 7 Properties ▪ Azure Sphere o MCU o OS o Cloud o DevKit
- 5. Digital Trasformation A microcontroller (MCU for microcontroller unit, or UC for μ-controller) is a small computer on a single integrated circuit.
- 7. Digital Trasformation Fewer than 1% of MCU are connected today !
- 9. Opportunity
- 10. Risk The Mirai Botnet (aka Dyn Attack), Oct 2016: Largest IoT DDoS attack. Large portions of the internet going down, including Twitter, the Guardian, Netflix, Reddit and CNN. Affected devices: Webcams and DVR players. The Jeep Hack, July 2015: A team of researchers was able to take total control of a Jeep SUV by exploiting a firmware update vulnerability. The Hackable Cardiac Device from St.Jude, Jan. 2017: The vulnerability provided access to drain the battery, change heartbeat pace and to trigger shocks. The TRENDnet Webcam Hack, Jan. 2012. Access to camera and microphone over TCP/IP. The Printer Hack to catch fire, Nov. 2011: Made the fuser overheat, causing the paper in the printer to catch fire.
- 11. The internet security battle Microsoft has been fighting it for decades so they have some experience to share. Also on hardware side! Example X-BOX • XBOX: Hacked within weeks Standard Intel x86 system • XBOX 360:Hacked within 3,5 month HW hack to compromise the bus • XBOX One: Not hacked until today also thanks to in-chip bus firewalls
- 12. Beginning
- 13. Highly-secured connected devices require 7 properties Hardware Root of Trust Is your device’s identity and software integrity secured by hardware? Small Trusted Computing Base Is your device’s TCB protected from bugs in other code? Defense in Depth Does your device remain protected if a security mechanism is defeated? Dynamic Compartments Can your device’s security protections improve after deployment? Certificate-Based Authentication Does your device use certificates instead of passwords for authentication? Failure Reporting Does your device report back about failures and anomalies? Renewable Security Does your device’s software update automatically? Silicon OS Cloud http://aka.ms/7properties
- 14. Azure Sphere SECURITY Every device built with Azure Sphere is secured by Microsoft. For its 10 year lifetime. PRODUCTIVITY © Microsoft Corporation The Azure Sphere developer experience shortens OEM time to market. OPPORTUNITY Azure Sphere empowers OEMs to create new customer experiences and business models. Azure Sphere empowers manufacturers to create highly- secured, connected MCU devices
- 15. End-to-end solution for securing MCU powered devices Secured MCUs A new class of crossover Azure Sphere MCUs, from our silicon partners, with built-in Microsoft security technology provide connectivity, high performance, and a secured hardware root of trust. Secured Operating System The highly-secured Azure Sphere IoT OS combines the best of Microsoft and OSS technologies to create a trustworthy platform for new IoT experiences. Secured by our Cloud Service The Azure Sphere Security Service guards every Azure Sphere device; it protects your devices and customers, detects emerging threats, and proactively responds.
- 16. Today, only Azure Sphere provides all 7 Properties for secured IoT
- 17. History Project started in 2014 in Microsoft Research, now part of AI&R division Started working on prototype chip and OS in 2015 Established “seven properties of highly secured devices” Ran a “security challenge” based on prototype chip (Sopris) and OS in 2017 Actively working with partners and customers for production in 2018
- 18. Azure Sphere MCU Secured With built-in Microsoft security technology i.e. I/O bus firewalls including the Pluton Security Subsystem Performance With built-in Cortex-A processors Delivers significantly greater performance vs. similar traditional MCU Connected With built-in networking
- 19. Azure Sphere Silicon Partners Microsoft is working with other suppliers to implement the Azure Sphere Pluton Security Core into their HW
- 20. Azure Sphere OS Secure Application Sandboxes Compartmentalize code for agility, robustness & secu On-chip Cloud Services Provide update, authentication, and connectivity Custom Linux kernel Empowers agile silicon evolution and reuse of code Security Monitor Guards integrity and access to critical resources
- 21. Azure Sphere OS | Basic Architecture
- 22. Azure Sphere Cloud Security Service The Azure Sphere Security Service connects and protects every Azure Sphere device Protects your devices and your customers with certificate-based authentication of all communication Detects emerging security threats through automated processing of on-device failures Responds to threats with fully automated on-device updates of OS Allows for easy deployment of software updates to Azure Sphere powered devices
- 23. Azure Sphere and Visual Studio Modernize MCU development with Azure Sphere and Visual Studio Simplify development Focus your device development effort on the value you want to create Streamline debugging Experience interactive, context-aware debugging across device and cloud Collaborate across your team Apply tool-assisted collaboration across your entire development organization Simplify Azure connect Connect your Azure Sphere devices quickly and easily to Azure IoT
- 24. Azure Sphere is open Open to any MCU manufacturer We are licensing our Pluton security subsystem royalty free for use in any chip* Open to any cloud Azure Sphere devices are free to connect to Azure or any other cloud, proprietary or public for application data Open to any innovation MCU manufacturers are free to innovate with our GPL’d OSS Linux kernel code base * Azure Sphere branding requires an Azure Sphere chip with Azure Sphere OS and Azure Sphere Security Service
- 25. Getting started An Azure Sphere development kit A PC running Windows 10 Anniversary Update or later Visual Studio 2017 Enterprise, Professional, or Community, version 15.7 or later Download the Azure Sphere SDK for Visual Studio Preview. > Azure Sphere Developer Command Prompt Preview > Visual Studio Tools Preview for Azure Sphere > Open VPN TAP driver > Azure Sphere Device Communication Service The current SDK does not support all features of the MT3620 hardware. The following are not yet supported: - 2 x ARM Cortex-MA with FPU - ADC, I2C, I2S, PWM and SPI peripheral interfaces (GPIO and UART are supported) - Wi-Fi 802 11a (b/g/n are supported)
- 26. Azure Sphere MT3620 Development Kit
- 28. Demo Azure Sphere MT3620 Development kit Rotary Angle Sensor Buzzer Blue LED Button Temp&Humi Sensor(SHT31) OLED Display 1.12'' V2
- 29. Recap Azure Sphere is not a single chip but a security solution / technology built with a combination of a special microcontroller, a special operating system and the corresponding cloud services. Azure Sphere is a high- value, cost effective solution, secured by Microsoft. The solution today contains: Azure Sphere Chip MT3620 Azure Sphere Security Services for 10 years Azure Sphere IoT OS with 10 years of on-device updates
- 31. Contact Mirco Vanini Microsoft® MVP Windows Development AllSeen Alliance - AllJoyn® Ambassador Open Connectivity Foundation - OCF® Ambassador www.proxsoft.it info@proxsoft.it @MircoVanini