Azure Sphere is an application platform with integrated

communication Communication is commonly defined as the transmission of information. Its precise definition is disputed and there are disagreements about whether Intention, unintentional or failed transmissions are included and whether communication not onl ...

s and security features developed and managed by

Microsoft Microsoft Corporation is an American multinational corporation and technology company, technology conglomerate headquartered in Redmond, Washington. Founded in 1975, the company became influential in the History of personal computers#The ear ...

for Internet Connected Devices. The platform consists of integrated hardware built around a

silicon Silicon is a chemical element; it has symbol Si and atomic number 14. It is a hard, brittle crystalline solid with a blue-grey metallic lustre, and is a tetravalent metalloid (sometimes considered a non-metal) and semiconductor. It is a membe ...

chip: the Azure Sphere OS (

operating system An operating system (OS) is system software that manages computer hardware and software resources, and provides common daemon (computing), services for computer programs. Time-sharing operating systems scheduler (computing), schedule tasks for ...

for Azure Sphere), an operating system based on

Linux Linux ( ) is a family of open source Unix-like operating systems based on the Linux kernel, an kernel (operating system), operating system kernel first released on September 17, 1991, by Linus Torvalds. Linux is typically package manager, pac ...

, and the Azure Sphere Security Service, a cloud-based security service. Azure Sphere security was developed based on

Microsoft Research Microsoft Research (MSR) is the research subsidiary of Microsoft. It was created in 1991 by Richard Rashid, Bill Gates and Nathan Myhrvold with the intent to advance state-of-the-art computing and solve difficult world problems through technologi ...

's position on the seven required characteristics of highly secure devices.

Azure Sphere OS

The Azure Sphere OS is a custom

-based microcontroller operating system created by

to run on an Azure Sphere-certified chip and to connect to the Azure Sphere Security Service. The Azure Sphere OS provides a platform for

Internet of things Internet of things (IoT) describes devices with sensors, processing ability, software and other technologies that connect and exchange data with other devices and systems over the Internet or other communication networks. The IoT encompasse ...

application development, including both high-level applications and real-time-capable applications. It is the first operating system running a

Linux kernel The Linux kernel is a Free and open-source software, free and open source Unix-like kernel (operating system), kernel that is used in many computer systems worldwide. The kernel was created by Linus Torvalds in 1991 and was soon adopted as the k ...

that Microsoft has publicly released and the second Unix-like operating system that the company has developed for external (public) users, the other being

Xenix Xenix is a discontinued Unix operating system for various microcomputer platforms, licensed by Microsoft from AT&T Corporation. The first version was released in 1980, and Xenix was the most common Unix variant during the mid- to late-1980s. T ...

Azure Sphere Security Service

The Azure Sphere Security Service, also known as AS3, is a cloud-based service that facilitates maintenance, updates, and control for Azure Sphere-certified chips. The Azure Sphere Security Service establishes a secure connection between devices and the internet or cloud services and ensures secure boot. The primary purpose of contact between an Azure Sphere device and the Azure Sphere Security Service is to authenticate the device identity, ensure the integrity and trust of the system software, and certify that the device is running a trusted code base. The service also provides a secure channel for Microsoft to automatically download and install Azure Sphere OS updates and customer application updates to deployed devices.

Azure Sphere chips and hardware

Azure Sphere-certified chips and hardware support two general implementation categories: greenfield and brownfield. Greenfield implementation involves designing and building new IoT devices with an Azure Sphere-certified chip. Azure Sphere-certified chips are currently produced by MediaTek. In June 2019, NXP announced plans to produce a line of Azure Sphere-certified chips. In October 2019,

Qualcomm Qualcomm Incorporated () is an American multinational corporation headquartered in San Diego, California, and Delaware General Corporation Law, incorporated in Delaware. It creates semiconductors, software and services related to wireless techn ...

announced plans to produce the first Azure Sphere-certified chips with cellular capabilities. Brownfield implementation involves the use of an Azure Sphere guardian device to securely connect an existing device to the internet. Azure Sphere guardian modules are currently produced by Avnet.

Microsoft Pluton

Pluton is a Microsoft-designed security subsystem that implements a hardware-based root of trust for Azure Sphere. It includes a security processor core, cryptographic engines, a hardware

random number generator Random number generation is a process by which, often by means of a random number generator (RNG), a sequence of numbers or symbols is generated that cannot be reasonably predicted better than by random chance. This means that the particular ou ...

, public/private key generation, asymmetric and symmetric encryption, support for elliptic curve digital signature algorithm (ECDSA) verification for secured boot, and measured boot in silicon to support remote attestation with a cloud service, and various tampering counter-measures.

References

External links