Linux Inside Azure Sphere on the Horizon


Azure Sphere will be generally available in Feb 2020, Microsoft announced at the IoT Solutions World Congress on Monday. Its scheduled arrival highlights Microsoft’s readiness to fulfill its promise for better Internet of Things device security at scale, company officials said.

Microsoft first introduced Azure Sphere in 2018, opting to use its own version of a Linux operating system instead of Windows 10 to drive its new Azure Sphere OS to securely connect Internet of Things devices.

Security is one of the leading barriers to IoT adoption. Microsoft hopes to lock down IoT device security with its cloud-based delivery solution.

The number of connected devices is expected to reach 20 billion in 2020.

Microsoft expects IoT adoption to accelerate to provide connectivity to hundreds of billions of devices. Such massive growth would increase the stakes for unsecured devices.

Enterprise customers would buy at least 70 percent more IoT devices if their concerns about cybersecurity were addressed, suggests research from Bain & Company.

Microsoft sees its mission as empowering organizations to create and connect secure, trustworthy IoT devices in order to encourage innovation.

Azure Sphere is a platform connecting microcontroller units embedded within IoT devices connected to the cloud. The platform operates a new MCU crossover class that combines both real-time and application processors with built-in Microsoft security technology and connectivity. Each chip includes custom silicon security technology Microsoft developed.

“The Azure Sphere system leverages IoT security by embedding hardened chips with a Linux OS, building in security to the devices’ manufacturing rather than making it an afterthought,” noted Gabe Turner, director of content at Security Baron.

The chip is an extension of the i.MX 8 applications processor series optimized for power and performance, specifically for artificial intelligence graphics and an improved user interface experience overall, he told LinuxInsider.

The new Azure Sphere-certified chips are based on Microsoft’s 15 years of experience with Xbox and are meant to secure this new class of MCUs and the devices they power.

High Impact for IoT Security

In essence, with Azure Sphere Microsoft is productizing security for IoT-enabled or connected devices, said Charles King, principal analyst at Pund-IT.

Since the platform includes a custom microcontroller, a high-level operating system, and a services platform, manufacturers can use Azure Sphere to enable and support IoT functions in a wide variety of products, from smart speakers to major appliances to factory equipment, he noted.

“That should improve the value, safety and security of those products and make them more attractive to consumers and businesses,” King told LinuxInsider.

Given Microsoft’s size and market footprint, Azure Sphere may help bring some order to an IoT market that is complex and somewhat fractious, especially when it comes to security products and protocols, he suggested. Over time, manufacturers and developers may come to see Azure Sphere as a safe choice for securely enabling IoT.

Linux Leverage

Azure Sphere leverages a custom Linux-based kernel. The kernel runs in supervisor mode, along with a boot loader, and is tuned for the flash and RAM capabilities of the Azure Sphere MCU.

The kernel provides a surface for preemptable process execution, and the driver model exposes MCU peripherals to OS services and applications. Its relative lightness and ability to support targeted processes make Linux a great choice for Azure Sphere, King pointed out.

Silicon Delivers

Microsoft plans to deliver on its Azure Sphere mission through several strategic investments and partnerships. Partnering with silicon leaders is a key part of that plan.

The company has forged three key partnerships to lock down IoT security:

  • MediaTek’s MT3620, the first Azure Sphere certified chip produced, is designed to meet the needs of the more traditional MCU space, including in WiFi-enabled scenarios.
  • NXP Semiconductors delivered a new Azure Sphere certified chip as an extension of its i.MX 8 high-performance applications processor series optimized for performance and power, to bring greater compute capabilities that support advanced workloads from artificial intelligence and graphics.
  • Qualcomm delivered the first cellular-enabled Azure Sphere chip with ultra-low-power capabilities for greater freedom to securely connect anytime, anywhere.

Hardware Connectivity

A diverse hardware ecosystem will simplify the process of connecting enterprise equipment, noted Microsoft. Guardian modules will make it easier to bring existing hardware online without jeopardizing mission-critical equipment. Guardian modules plug into existing physical interfaces on equipment, can be deployed with common technical skill sets, and require no device redesign.

The deployment is fast, does not require equipment to be replaced before its end of life, and quickly pays for itself, according to Microsoft. The first guardian modules are available from Avnet and AI-Link.

Using the right developer tools for better apps helps solve IoT connectivity issues. Microsoft began that effort last month when it released its SDK preview for Visual Studio. Microsoft soon will have an SDK for Linux and support for Visual Studio Code.

The company has made it quicker and simpler to develop, deploy and debug Azure Sphere apps since then. A set of samples and solutions on GitHub provide easy building blocks for developers to get started.

Microsoft is working on ways to help manufacturers secure and service their connected devices by leveraging existing code running on a real-time operating system (RTOS) or on bare metal. One approach is to enable the M4 core processors embedded in the MediaTek MT3620 chip.

This makes it easy to enhance MCU code to send and receive data via the protection of a partner app running on the Azure Sphere OS. It can be updated seamlessly in the field to add features or to address issues.

Jack M. Germain

Jack M. Germain has been an ECT News Network reporter since 2003. His main areas of focus are enterprise IT, Linux and open source technologies. He has written numerous reviews of Linux distros and other open source software.
