This article has multiple issues. Please help improve it or discuss these issues on the talk page . (Learn how and when to remove these template messages)
|
Developer | Microsoft |
---|---|
Written in | C and others |
OS family | Unix-like (Linux) |
Working state | Current |
Source model | At least partially open source |
General availability | February 24, 2020 |
Latest release | 23.05 / June 20, 2023[1] |
Latest preview | 19.10 [2] / November 7, 2019 |
Repository | |
Platforms | ARM (MediaTek MT3620) |
Kernel type | Monolithic kernel |
License | To be determined |
Official website | azure |
Azure Sphere is an application platform with integrated communications and security features developed and managed by Microsoft for Internet Connected Devices.
The platform consists of integrated hardware built around a silicon chip: the Azure Sphere OS (operating system for Azure Sphere), an operating system based on Linux, and the Azure Sphere Security Service, a cloud-based security service. Azure Sphere security was developed based on Microsoft Research's position on the seven required characteristics of highly secure devices.
The Azure Sphere OS is a custom Linux-based microcontroller operating system created by Microsoft to run on an Azure Sphere-certified chip and to connect to the Azure Sphere Security Service. [3] [4] [5] The Azure Sphere OS provides a platform for Internet of things application development, including both high-level applications and real-time-capable applications. It is the first operating system running a Linux kernel [6] that Microsoft has publicly released and the second Unix-like operating system that the company has developed for external (public) users, the other being Xenix.
The Azure Sphere Security Service, also known as AS3, is a cloud-based service that facilitates maintenance, updates, and control for Azure Sphere-certified chips. [7] The Azure Sphere Security Service establishes a secure connection between devices and the internet or cloud services and ensures secure boot. The primary purpose of contact between an Azure Sphere device and the Azure Sphere Security Service is to authenticate the device identity, ensure the integrity and trust of the system software, and certify that the device is running a trusted code base. The service also provides a secure channel for Microsoft to automatically download and install Azure Sphere OS updates and customer application updates to deployed devices.
Azure Sphere-certified chips and hardware support two general implementation categories: greenfield and brownfield. Greenfield implementation involves designing and building new IoT devices with an Azure Sphere-certified chip. Azure Sphere-certified chips are currently produced by MediaTek. [8] In June 2019, NXP announced plans to produce a line of Azure Sphere-certified chips. In October 2019, Qualcomm announced plans to produce the first Azure Sphere-certified chips with cellular capabilities. [9] Brownfield implementation involves the use of an Azure Sphere guardian device to securely connect an existing device to the internet. Azure Sphere guardian modules are currently produced by Avnet.
MT3620 is the first Azure Sphere-certified chip and includes an ARM Cortex-A7 processor (500 MHz), two ARM Cortex-M4F I/O subsystems (200 MHz), 5x UART/I2C/SPI, 2x I2S, 8x ADC, up to 12 PWM counters and up to 72x GPIO, and Wi-Fi capability. MT3620 contains the Microsoft Pluton security subsystem with a dedicated ARM Cortext-M4F core that handles secure boot and secure system operation.
An Azure Sphere Guardian module is external, add-on hardware that incorporates an Azure Sphere-certified chip, enabling secure connectivity for an existing device to the internet. In addition to an Azure Sphere-certified chip, an Azure Sphere Guardian module includes the Azure Sphere OS and Azure Sphere Security Service. The Guardian module provides a secure method for connecting existing devices to the internet without exposing them directly. The guardian module can be connected to a device through an existing peripheral on the device and is then connected to the internet through Wi-Fi or Ethernet. The device itself is not connected directly to the network.
Pluton is a Microsoft-designed security subsystem that implements a hardware-based root of trust for Azure Sphere. It includes a security processor core, cryptographic engines, a hardware random number generator, public/private key generation, asymmetric and symmetric encryption, support for elliptic curve digital signature algorithm (ECDSA) verification for secured boot, and measured boot in silicon to support remote attestation with a cloud service, and various tampering counter-measures. [10] [11]
The Linux-based Azure Sphere OS is a platform designed for developers writing applications that use peripherals on the Azure Sphere chip. Applications can run on either the Cortex-A7 core with access to external communications or as real-time capable apps on one of the Cortex-M4 processors. Real-time capable applications can run on either bare metal or with a real-time operating system (RTOS). Developer applications can be distributed to Azure Sphere devices through the same secure mechanism as the Azure Sphere OS updates.
The following is a list of announcements and releases from Microsoft around Azure Sphere.
Date | Description |
---|---|
2018-05-21 | Azure Sphere Announcement [12] |
2018-09-24 | Azure Sphere services are in public preview and dev kits are broadly available [13] |
2018-10-22 | Explanation of Azure Sphere tenant concept [14] |
2018-11-05 | Upcoming Azure Sphere 18.11 release [15] |
2018-11-16 | Update 18.11 for Azure Sphere in public preview [16] |
2019-01-07 | Description of Azure Sphere secured MCU [17] |
2019-01-09 | Azure Sphere: Update to the 18.11 release [18] |
2019-02-15 | Azure Sphere 19.02 Release [19] |
2019-03-15 | Update 19.03 for Azure Sphere public preview now available for evaluation [20] |
2019-03-29 | Update 19.03 for Azure Sphere public preview now available in Retail feed [21] |
2019-04-10 | Update 19.04 for Azure Sphere public preview now available for evaluation [22] |
2019-04-24 | Update 19.04 for Azure Sphere public preview now available in Retail feed [23] |
2019-05-16 | Update 19.05 for Azure Sphere public preview now available for evaluation [24] |
2019-05-31 | Azure Sphere 19.05 Release Unlocks new features in the MT3620 [25] |
2019-06-24 | Update 19.06 for Azure Sphere public preview now available for evaluation [26] |
2019-07-08 | Update 19.06 for Azure Sphere public preview now available in Retail feed [27] |
2019-07-17 | Update 19.07 for Azure Sphere public preview now available for evaluation [28] |
2019-07-31 | The latest update to Azure Sphere (in preview) is now available in the retail feed [29] |
2019-09-25 | Azure Sphere Preview – Update 19.09 is now available for evaluation [30] |
2019-11-01 | Microsoft announces Azure Sphere will be generally available in February 2020 [31] |
2019-11-07 | Update 19.10 for Azure Sphere now available [2] |
2019-12-06 | Azure Sphere update 19.11 is now available via retail feed [32] |
2020-02-24 | Azure Sphere is now Generally Available [33] |
2020-08-20 | Azure Sphere OS 20.08 is now available via retail feed [34] |
2022-06-20 | Rust support announcement (preview) [35] |
2023-06-20 | Azure Sphere 23.05 Release [36] |
Microsoft Windows is a product line of proprietary graphical operating systems developed and marketed by Microsoft. It is grouped into families and sub-families that cater to particular sectors of the computing industry – Windows (unqualified) for a consumer or corporate workstation, Windows Server for a server and Windows IoT for an embedded system. Defunct families include Windows 9x, Windows Mobile, Windows Phone, and Windows Embedded Compact.
The Portable Operating System Interface is a family of standards specified by the IEEE Computer Society for maintaining compatibility between operating systems. POSIX defines both the system and user-level application programming interfaces (APIs), along with command line shells and utility interfaces, for software compatibility (portability) with variants of Unix and other operating systems. POSIX is also a trademark of the IEEE. POSIX is intended to be used by both application and system developers.
Trusted Computing (TC) is a technology developed and promoted by the Trusted Computing Group. The term is taken from the field of trusted systems and has a specialized meaning that is distinct from the field of confidential computing. With Trusted Computing, the computer will consistently behave in expected ways, and those behaviors will be enforced by computer hardware and software. Enforcing this behavior is achieved by loading the hardware with a unique encryption key that is inaccessible to the rest of the system and the owner.
Unified Extensible Firmware Interface is a specification that defines the architecture of the platform firmware used for booting the computer hardware and its interface for interaction with the operating system. Examples of firmware that implement the specification are AMI Aptio, Phoenix SecureCore, TianoCore EDK II, InsydeH2O. UEFI replaces the BIOS which was present in the boot ROM of all personal computers that are IBM PC compatible, although it can provide backwards compatibility with the BIOS using CSM booting. Intel developed the original Extensible Firmware Interface (EFI) specification. Some of the EFI's practices and data formats mirror those of Microsoft Windows. In 2005, UEFI deprecated EFI 1.10.
Microsoft Defender Antivirus is an antivirus software component of Microsoft Windows. It was first released as a downloadable free anti-spyware program for Windows XP and was shipped with Windows Vista and Windows 7. It has evolved into a full antivirus program, replacing Microsoft Security Essentials in Windows 8 or later versions.
Trusted Platform Module (TPM) is an international standard for a secure cryptoprocessor, a dedicated microcontroller designed to secure hardware through integrated cryptographic keys. The term can also refer to a chip conforming to the standard ISO/IEC 11889. Common uses are to verify platform integrity, and to store disk encryption keys.
Microsoft Azure, or just Azure, is the cloud computing platform developed by Microsoft. It offers management, access and development of applications and services to individuals, companies, and governments through its global infrastructure. It also provides a range of capabilities, including software as a service (SaaS), platform as a service (PaaS), and infrastructure as a service (IaaS). Microsoft Azure supports many programming languages, tools, and frameworks, including Microsoft-specific and third-party software and systems.
ChromeOS, sometimes styled as chromeOS and formerly styled as Chrome OS, is a Linux distribution developed and designed by Google. It is derived from the open-source ChromiumOS, based on the Linux kernel, and uses the Google Chrome web browser as its principal user interface.
Microsoft Build is an annual conference event held by Microsoft, aimed at software engineers and web developers using Windows, Microsoft Azure and other Microsoft technologies. First held in 2011, it serves as a successor for Microsoft's previous developer events, the Professional Developers Conference and MIX. The attendee price was (US)$2,195 in 2016, up from $2,095 in 2015. It sold out quickly, within one minute of the registration site opening in 2016.
Windows 10 is a major release of Microsoft's Windows NT operating system. It is the direct successor to Windows 8.1, which was released nearly two years earlier. It was released to manufacturing on July 15, 2015, and later to retail on July 29, 2015. Windows 10 was made available for download via MSDN and TechNet, as a free upgrade for retail copies of Windows 8 and Windows 8.1 users via the Microsoft Store, and to Windows 7 users via Windows Update. Windows 10 receives new builds on an ongoing basis, which are available at no additional cost to users, in addition to additional test builds of Windows 10, which are available to Windows Insiders. Devices in enterprise environments can receive these updates at a slower pace, or use long-term support milestones that only receive critical updates, such as security patches, over their ten-year lifespan of extended support. In June 2021, Microsoft announced that support for Windows 10 editions which are not in the Long-Term Servicing Channel (LTSC) will end on October 14, 2025.
Windows Server 2016 is the twelfth release of the Windows Server operating system developed by Microsoft as part of the Windows NT family of operating systems. It was developed alongside Windows 10 and is the successor to the Windows 8.1-based Windows Server 2012 R2. The first early preview version became available on October 1, 2014 together with the first technical preview of System Center. Windows Server 2016 was released on September 26, 2016 at Microsoft's Ignite conference and reached general availability on October 12, 2016.
Snap is a software packaging and deployment system developed by Canonical for operating systems that use the Linux kernel and the systemd init system. The packages, called snaps, and the tool for using them, snapd, work across a range of Linux distributions and allow upstream software developers to distribute their applications directly to users. Snaps are self-contained applications running in a sandbox with mediated access to the host system. Snap was originally released for cloud applications but was later ported to also work for Internet of Things devices and desktop applications.
Windows 10 is a major release of the Windows NT operating system developed by Microsoft. Microsoft described Windows 10 as an "operating system as a service" that would receive ongoing updates to its features and functionality, augmented with the ability for enterprise environments to receive non-critical updates at a slower pace or use long-term support milestones that will only receive critical updates, such as security patches, over their five-year lifespan of mainstream support. It was released in July 2015.
Windows Subsystem for Linux (WSL) is a feature of Microsoft Windows that allows developers to run a Linux environment without the need for a separate virtual machine or dual booting. There are two versions of WSL: WSL 1 and WSL 2. WSL is not available to all Windows 10 users by default. It can be installed either by joining the Windows Insider program or manually via Microsoft Store or Winget.
Mongoose OS is an Internet of Things (IoT) Firmware Development Framework available under Apache License Version 2.0. It supports low power, connected microcontrollers such as: ESP32, ESP8266, TI CC3200, TI CC3220, STM32. Its purpose is to be a complete environment for prototyping, development and managing connected devices.
Microsoft, a technology company historically known for its opposition to the open source software paradigm, turned to embrace the approach in the 2010s. From the 1970s through 2000s under CEOs Bill Gates and Steve Ballmer, Microsoft viewed the community creation and sharing of communal code, later to be known as free and open source software, as a threat to its business, and both executives spoke negatively against it. In the 2010s, as the industry turned towards cloud, embedded, and mobile computing—technologies powered by open source advances—CEO Satya Nadella led Microsoft towards open source adoption although Microsoft's traditional Windows business continued to grow throughout this period generating revenues of 26.8 billion in the third quarter of 2018, while Microsoft's Azure cloud revenues nearly doubled.
Ampere Computing LLC is an American fabless semiconductor company based in Santa Clara, California that develops processors for servers operating in large scale environments. Ampere also has offices in: Portland, Oregon; Taipei, Taiwan; Raleigh, North Carolina; Bangalore, India; Warsaw, Poland; and Ho Chi Minh City, Vietnam.
Azure Linux, previously known as CBL-Mariner, is a free and open-source Linux distribution that Microsoft has developed. It is the base container OS for Microsoft Azure services and the graphical component of WSL 2.
Azure Maps is a suite of cloud-based, location-based services provided by Microsoft as part of the company's Azure platform. The platform provides geospatial and location-based services via REST APIs and software development kits (SDKs). The service is typically used to integrate maps or geospatial data into applications.
{{cite web}}
: CS1 maint: numeric names: authors list (link)