Azure Sphere

Developer: Microsoft
Written in: C and others
OS family: Unix-like (Linux)
Working state: Current
Source model: At least partially open source
General availability: February 24, 2020
Latest release: 23.05 / June 20, 2023 [1]
Latest preview: 19.10 [2] / November 7, 2019
Platforms: ARM (MediaTek MT3620)
Kernel type: Monolithic kernel
License: To be determined
Official website: azure.microsoft.com/en-us/services/azure-sphere/

Azure Sphere is an application platform with integrated communications and security features, developed and managed by Microsoft for internet-connected devices.

The platform consists of three parts: integrated hardware built around a silicon chip; the Azure Sphere OS (operating system for Azure Sphere), an operating system based on Linux; and the Azure Sphere Security Service, a cloud-based security service. Azure Sphere security was developed based on Microsoft Research's position on the seven required characteristics of highly secure devices.

Azure Sphere OS

The Azure Sphere OS is a custom Linux-based microcontroller operating system created by Microsoft to run on an Azure Sphere-certified chip and to connect to the Azure Sphere Security Service. [3] [4] [5] The Azure Sphere OS provides a platform for Internet of things application development, including both high-level applications and real-time-capable applications. It is the first operating system running a Linux kernel [6] that Microsoft has publicly released and the second Unix-like operating system that the company has developed for external (public) users, the other being Xenix.

Azure Sphere Security Service

The Azure Sphere Security Service, sometimes referred to as AS3, is a cloud-based service that enables maintenance, updates, and control for Azure Sphere-certified chips. [7] The Azure Sphere Security Service establishes a secure connection between devices and the internet and/or cloud services and ensures secure boot. The primary purpose of contact between an Azure Sphere device and the Azure Sphere Security Service is to authenticate the device identity, ensure the integrity and trust of the system software, and certify that the device is running a trusted code base. The service also provides the secure channel used by Microsoft to automatically download and install Azure Sphere OS updates and customer application updates to deployed devices.

Azure Sphere chips and hardware

Azure Sphere-certified chips and hardware support two general implementation categories: greenfield and brownfield. Greenfield implementation involves designing and building new IoT devices with an Azure Sphere-certified chip. Azure Sphere-certified chips are currently produced by MediaTek. [8] In June 2019, NXP announced plans to produce a line of Azure Sphere-certified chips. In October 2019, Qualcomm announced plans to produce the first Azure Sphere-certified chips with cellular capabilities. [9] Brownfield implementation involves the use of an Azure Sphere guardian device to securely connect an existing device to the internet. Azure Sphere guardian modules are currently produced by Avnet.

MediaTek 3620

MT3620 is the first Azure Sphere-certified chip and includes an ARM Cortex-A7 processor (500 MHz), two ARM Cortex-M4F I/O subsystems (200 MHz), 5x UART/I2C/SPI, 2x I2S, 8x ADC, up to 12 PWM counters and up to 72x GPIO, and Wi-Fi capability. MT3620 contains the Microsoft Pluton security subsystem with a dedicated ARM Cortex-M4F core that handles secure boot and secure system operation.

Azure Sphere Guardian module

An Azure Sphere Guardian module is external, add-on hardware that incorporates an Azure Sphere-certified chip and can be used to securely connect an existing device to the internet. In addition to an Azure Sphere-certified chip, an Azure Sphere Guardian module includes the Azure Sphere OS and the Azure Sphere Security Service. A guardian module is a method of implementing secure connectivity for existing devices without exposing those devices to the internet. The guardian module can be connected to a device through an existing peripheral on the device and is then connected to the internet through Wi-Fi or Ethernet. The device itself is not connected directly to the network.

Microsoft Pluton

Pluton is a Microsoft-designed security subsystem that implements a hardware-based root of trust for Azure Sphere. It includes a security processor core, cryptographic engines, a hardware random number generator, public/private key generation, asymmetric and symmetric encryption, support for elliptic curve digital signature algorithm (ECDSA) verification for secured boot, measured boot in silicon to support remote attestation with a cloud service, and various tampering countermeasures. [10] [11]
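
A generic illustration of measured boot and remote attestation, the mechanism named above, added here as an example; it is not Azure Sphere or Pluton code and does not reproduce their protocol. The stage names, images and key are constructed, and an HMAC over a shared key stands in for the signature a device would produce with a private key held in its security hardware.

```python
import hashlib
import hmac
import os

# Constructed sample data: stage names and image bytes are illustrative only.
BOOT_CHAIN = [
    ("bootloader", b"constructed-bootloader-image-v1"),
    ("security-runtime", b"constructed-runtime-image-v1"),
    ("os-kernel", b"constructed-kernel-image-v1"),
]
# Assumption: stand-in for a per-device key that never leaves the hardware.
DEVICE_KEY = b"constructed-per-device-secret"
NONCE_LEN = 16  # fixed length, so nonce || register parses unambiguously


def extend(register: bytes, image: bytes) -> bytes:
    """Fold one stage into the register: new = SHA-256(old || SHA-256(image))."""
    return hashlib.sha256(register + hashlib.sha256(image).digest()).digest()


def measure_boot(chain) -> bytes:
    """Device side: measure each stage in boot order, starting from all zeros.

    The register can only be extended, never set, so a later stage cannot
    erase the record of an earlier one.
    """
    register = bytes(32)
    for _name, image in chain:
        register = extend(register, image)
    return register


def make_quote(register: bytes, nonce: bytes, key: bytes) -> bytes:
    """Device side: bind the measurement to the verifier's fresh nonce."""
    return hmac.new(key, nonce + register, hashlib.sha256).digest()


def verify_quote(known_good_chain, nonce, register, quote, key) -> str:
    """Service side: check authenticity and freshness, then the measurement."""
    expected = hmac.new(key, nonce + register, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, quote):
        return "reject: quote not authentic or not fresh"
    if not hmac.compare_digest(measure_boot(known_good_chain), register):
        return "reject: measurements differ from known-good images"
    return "trusted"


if __name__ == "__main__":
    nonce = os.urandom(NONCE_LEN)  # the service issues a new nonce per request
    reg = measure_boot(BOOT_CHAIN)
    print(verify_quote(BOOT_CHAIN, nonce, reg,
                       make_quote(reg, nonce, DEVICE_KEY), DEVICE_KEY))

    # A device whose kernel image was modified still produces a valid quote,
    # but over a register the service does not recognise.
    tampered = BOOT_CHAIN[:2] + [("os-kernel", b"constructed-kernel-MODIFIED")]
    bad = measure_boot(tampered)
    print(verify_quote(BOOT_CHAIN, nonce, bad,
                       make_quote(bad, nonce, DEVICE_KEY), DEVICE_KEY))
```

Secure boot, by contrast, refuses to run a stage whose signature does not verify; measured boot lets the stage run but leaves evidence that a remote verifier can check.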

Application development

The Linux-based Azure Sphere OS is a platform designed for developers writing applications that use peripherals on the Azure Sphere chip. Applications can run on either the A7 core with access to external communications or as real-time capable apps on one of the M4 processors. Real-time capable applications can run on either bare metal or with a real-time operating system (RTOS). Developer applications can be distributed to Azure Sphere devices through the same secure mechanism as the Azure Sphere OS updates.

Timeline

The following is a list of announcements and releases from Microsoft around Azure Sphere.

Date        Description
2018-05-21  Azure Sphere Announcement [12]
2018-09-24  Azure Sphere services are in public preview and dev kits are broadly available [13]
2018-10-22  Explanation of Azure Sphere tenant concept [14]
2018-11-05  Upcoming Azure Sphere 18.11 release [15]
2018-11-16  Update 18.11 for Azure Sphere in public preview [16]
2019-01-07  Description of Azure Sphere secured MCU [17]
2019-01-09  Azure Sphere: Update to the 18.11 release [18]
2019-02-15  Azure Sphere 19.02 Release [19]
2019-03-15  Update 19.03 for Azure Sphere public preview now available for evaluation [20]
2019-03-29  Update 19.03 for Azure Sphere public preview now available in Retail feed [21]
2019-04-10  Update 19.04 for Azure Sphere public preview now available for evaluation [22]
2019-04-24  Update 19.04 for Azure Sphere public preview now available in Retail feed [23]
2019-05-16  Update 19.05 for Azure Sphere public preview now available for evaluation [24]
2019-05-31  Azure Sphere 19.05 Release Unlocks new features in the MT3620 [25]
2019-06-24  Update 19.06 for Azure Sphere public preview now available for evaluation [26]
2019-07-08  Update 19.06 for Azure Sphere public preview now available in Retail feed [27]
2019-07-17  Update 19.07 for Azure Sphere public preview now available for evaluation [28]
2019-07-31  The latest update to Azure Sphere (in preview) is now available in the retail feed [29]
2019-09-25  Azure Sphere Preview Update 19.09 is now available for evaluation [30]
2019-11-01  Microsoft announces Azure Sphere will be generally available in February 2020 [31]
2019-11-07  Update 19.10 for Azure Sphere now available [2]
2019-12-06  Azure Sphere update 19.11 is now available via retail feed [32]
2020-02-24  Azure Sphere is now Generally Available [33]
2020-08-20  Azure Sphere OS 20.08 is now available via retail feed [34]
2022-06-20  Rust support announcement (preview) [35]
2023-06-20  Azure Sphere 23.05 Release [36]

References

  1. "What's new in Azure Sphere". learn.microsoft.com/. Microsoft.
  2. "Update 19.10 for Azure Sphere now available". azure.microsoft.com. November 7, 2019. Retrieved November 7, 2019.
  3. Speed, Richard. "Now that's old-school cool: Microsoft techies slap Azure Sphere IoT chip in an Altair 8800". www.theregister.com.
  4. Staff, Ars (April 16, 2018). "Microsoft's bid to secure the Internet of Things: Custom Linux, custom chips, Azure". Ars Technica.
  5. "Microsoft's chip push continues with Azure Sphere: Securing gadgets with chips and Linux".
  6. "Linux Is Microsoft's OS of Choice for Internet of Things Devices". Digital Trends. April 17, 2018.
  7. richcalaway. "Terminology - Azure Sphere". docs.microsoft.com. Retrieved 2022-08-05.
  8. "Azure Sphere". Archived from the original on 2018-06-14. Retrieved 2018-04-18.
  9. "Qualcomm to build Azure Sphere chips with Cellular connectivity". build5nines.com. October 23, 2019. Retrieved October 23, 2019.
  10. Team, Microsoft 365 Defender Threat Intelligence (2020-11-17). "Meet the Microsoft Pluton processor – The security chip designed for the future of Windows PCs". Microsoft Security Blog. Retrieved 2022-11-26.
  11. vinaypamnani-msft. "Microsoft Pluton as Trusted Platform Module (TPM 2.0)". learn.microsoft.com. Retrieved 2022-11-26.
  12. "Azure Sphere". azure.microsoft.com. May 21, 2018. Retrieved May 21, 2018.
  13. "Azure Sphere services are in public preview and dev kits are broadly available". azure.microsoft.com. September 24, 2018. Retrieved September 24, 2018.
  14. "Background on Azure Sphere tenant concept". azure.microsoft.com. May 21, 2018. Retrieved May 21, 2018.
  15. "Upcoming Azure Sphere 18.11 release". azure.microsoft.com. November 5, 2018. Retrieved November 5, 2018.
  16. "Update 18.11 for Azure Sphere in public preview". azure.microsoft.com. November 16, 2018. Retrieved November 16, 2018.
  17. "Azure Sphere - Anatomy of a secured MCU". azure.microsoft.com. January 7, 2019. Retrieved January 7, 2019.
  18. "Azure Sphere: Update to the 18.11 release". azure.microsoft.com. January 9, 2019. Retrieved January 9, 2019.
  19. "Azure Sphere 19.02 Release". azure.microsoft.com. February 15, 2019. Retrieved February 15, 2019.
  20. "Update 19.03 for Azure Sphere public preview now available for evaluation". azure.microsoft.com. March 15, 2019. Retrieved March 15, 2019.
  21. "Update 19.03 for Azure Sphere public preview now available in Retail feed". azure.microsoft.com. March 29, 2019. Retrieved March 29, 2019.
  22. "Update 19.04 for Azure Sphere public preview now available for evaluation". azure.microsoft.com. April 10, 2019. Retrieved April 10, 2019.
  23. "Update 19.04 for Azure Sphere public preview now available in Retail feed". azure.microsoft.com. April 24, 2019. Retrieved April 24, 2019.
  24. "Update 19.05 for Azure Sphere public preview now available for evaluation". azure.microsoft.com. May 16, 2019. Retrieved May 16, 2019.
  25. "Azure Sphere 19.05 Release Unlocks new features in the MT3620". azure.microsoft.com. May 31, 2019. Retrieved May 31, 2019.
  26. "Update 19.06 for Azure Sphere public preview now available for evaluation". azure.microsoft.com. June 24, 2019. Retrieved June 24, 2019.
  27. "Update 19.06 for Azure Sphere public preview now available in Retail feed". azure.microsoft.com. July 8, 2019. Retrieved July 8, 2019.
  28. "Update 19.07 for Azure Sphere public preview now available for evaluation". azure.microsoft.com. July 17, 2019. Retrieved July 17, 2019.
  29. "The latest update to Azure Sphere (in preview) is now available in the retail feed". azure.microsoft.com. July 31, 2019. Retrieved July 31, 2019.
  30. "Azure Sphere Preview—Update 19.09 is now available for evaluation". azure.microsoft.com. September 25, 2019. Retrieved September 25, 2019.
  31. "Azure Sphere will be generally available in February 2020". azure.microsoft.com. November 1, 2019. Retrieved November 1, 2019.
  32. "Azure Sphere update 19.11 is now available via retail feed". azure.microsoft.com. December 6, 2019. Retrieved December 6, 2019.
  33. "A secure foundation for IoT, Azure Sphere now generally available". azure.microsoft.com. February 24, 2020. Retrieved February 24, 2020.
  34. "Azure Sphere OS version 20.08 is now available". azure.microsoft.com. August 20, 2020. Retrieved August 21, 2020.
  35. "Previewing Rust on Azure Sphere". TECHCOMMUNITY.MICROSOFT.COM. 2022-06-21. Retrieved 2022-06-21.
  36. jws (2023-08-08). "What's new - Azure Sphere". learn.microsoft.com. Retrieved 2023-10-18.