Microsoft introduces Azure Sphere, which consists of a low-cost, Microsoft-adapted MediaTek chip, a Linux kernel-based operating system and security through software updates.
The platform rests on three pillars. The first is a microcontroller. According to Microsoft, existing microcontrollers lack sufficient security functions, such as compartmentalization, certificate-based authentication, renewable security such as software updates, and reporting. To address this, Microsoft has, together with MediaTek, modified an existing ARM Cortex-M4 chip with Wi-Fi and Bluetooth, the MT7687, and named the result Sopris.
Among other things, an extra CPU for security, a cryptographic engine, a hardware-based RNG and storage for keys have been added to the microcontroller to form a complete root of trust. Microsoft is going to license the design for free, so that other chipmakers can get started.
The MCU works in combination with Sphere OS, an operating system based on Microsoft’s own Linux kernel, whose code the company makes available under an open source license. Applications run in containers on the operating system for security purposes. Microsoft already has an operating system for the Internet of Things, Windows IoT, but that requires considerably more powerful hardware to run smoothly.
The third pillar of the platform is Azure Sphere Security Service, an online service for authentication, software updates and security vulnerability detection.