
On April 16, 2018, Microsoft made a major announcement in the IoT space with the introduction of their Azure Sphere platform. Microsoft has been supporting IoT for a long time, including Windows 10 IoT Core, which can run on devices like the Raspberry Pi. Now, they’ve taken their interest in IoT to a whole new level, or should we say a whole new platform: Azure Sphere.
The Azure Sphere platform is made up of three core components: a new open source and secure microcontroller platform, a new secure operating system, and a new cloud security platform. This is a serious investment into establishing a security model that can be applied in a common fashion to all IoT devices. All of this focus on security across the Azure Sphere platform may be related to a massive DDoS attack back in 2016, where a flaw was exploited in hundreds of thousands of internet-connected cameras.

Hardware: The platform starts with a brand new MCU (Microcontroller Unit) architecture which acts as a system on a chip (SoC). Included in the SoC are 4 Arm cores, L1 & L2 cache, integrated SRAM, Wi-Fi, and TONS of I/O options. 1 core is dedicated to security functions only, and cannot be accessed by the 3 user cores. 2 of the cores are dedicated to I/O. The first MCU is already in development at MediaTek, which provides a lot of information about it here. The Register also has a great summary of the Azure Sphere MCU.

Other hardware manufacturers have also partnered with Microsoft on the Azure Sphere MCU. Arm was one of the first (outside of MediaTek) to announce plans to produce Azure Sphere MCU chips.

Software: The operating system is based on Linux, which is a HUGE step for Microsoft. At this point, I can’t find any specific details about their version of Linux. It appears that it will only run on Azure Sphere MCU hardware. On the Azure Sphere introduction page, Microsoft describes the Azure Sphere OS as: “This OS is purpose-built to offer unequalled security and agility. Unlike the RTOSes common to MCUs today, our defense-in-depth IoT OS offers multiple layers of security. It combines security innovations pioneered in Windows, a security monitor, and a custom Linux kernel to create a highly-secured software environment and a trustworthy platform for new IoT experiences.”

Most likely, it requires the code running on the secure core of the Azure Sphere MCU hardware to enable the Azure Sphere Linux OS to run. That is my speculation only. I literally can find NOTHING more on this topic at Microsoft or other leading tech blogs. I can’t find a build of Azure Sphere OS that runs on Raspberry Pi (or other SBC/IoT) hardware. I cannot find where Microsoft has released the Linux kernel code for Azure Sphere OS, either. Since Microsoft has been a somewhat regular contributor to the Linux kernel, I doubt they would jeopardize that relationship by not releasing their Linux-related software under the GPL. Still, it seems odd to a Linux user of about 25 years to hear about a major Linux release without either source or binaries available.

The Cloud: Rather than misstate Microsoft’s intentions with regard to the Azure Sphere cloud, let me quote from the Azure Sphere Introduction page:

Azure Sphere Security Service: A turnkey, cloud service that guards every Azure Sphere device; brokering trust for device-to-device and device-to-cloud communication through certificate-based authentication, detecting emerging security threats across the entire Azure Sphere ecosystem through online failure reporting, and renewing security through software updates. It brings the rigor and scale Microsoft has built over decades protecting our own devices and data in the cloud to MCU powered devices.

It describes a cloud-based service to ensure security across all Azure Sphere devices.

This is exciting news, if Microsoft can pull it off. I can’t wait for more details to be released. The skeptic in me feels that this is a very grand plan. There are literally tens of billions of connected devices that Microsoft wants to improve upon (the introduction article quotes “Over 9 billion of these MCU-powered devices are built and deployed every year”). The problem Microsoft faces is that none of those devices are ever going to get “upgraded” to use Azure Sphere MCUs. Microsoft will have to drive adoption of this platform.

The biggest flaw I see in platform adoption is that the Azure Sphere MCU cost, power, and complexity levels are much higher than many other MCUs out there. Chips like the ATmega32U4 and ESP8266 are available at around $3/unit and the ATmega328 is available for around $1/unit. Pricing is yet to be announced, but unless Azure Sphere MCUs are priced below $3/unit, I don’t see manufacturers jumping on the Azure Sphere bandwagon. If their existing code cannot be easily ported to the Azure Sphere OS, I really don’t see manufacturers jumping there.

There are a number of other concerns for this platform, but we will cover them in the future. Let Microsoft work out the details of this platform with their architects and hardware partners. There is very little to say about the platform until more is known about the OS and how the 3 core platforms work together.
