Announced almost two years ago, Microsoft’s secure new Linux-based Internet of Things (IoT) platform is finally available.
“Our mission is to empower every organization on the planet to connect and create secured and trustworthy IoT devices,” Microsoft’s Halina McMaster writes. “General availability is an important milestone for our team and for our customers, demonstrating that we are ready to fulfill our promise at scale. For Azure Sphere, this marks a few specific points in our development. First, our software and hardware have completed rigorous quality and security reviews. Second, our security service is ready to support organizations of any size. And third, our operations and security processes are in place and ready for scale. General availability means that we are ready to put the full power of Microsoft behind securing every Azure Sphere device.”
Microsoft’s original Azure Sphere announcement was about as shocking as any IoT announcement can be: For the first time, Microsoft—a longtime maker of proprietary software and a longtime foe of Linux and other open source solutions—would distribute its own version of Linux, instead of Windows, and do so on new hardware on which Windows will not run. As I noted at the time, Azure Sphere is part of a bigger movement within Microsoft to be relevant in the post-Windows world, to play a major role in the next wave of computing, which I think of as “ambient computing.”
“Azure Sphere isn’t a big story just because Microsoft intends to play a role in ambient computing,” I wrote at that time. “Of course it does. It’s a big deal because Microsoft, very explicitly, intends to play a major role at every level of the stack imaginable. It’s not just providing AI-based cloud services and an Internet of Things (IoT) software platform. It’s doing everything.”
Since that announcement, the Azure Sphere rollout has proceeded slowly and with huge gaps between pre-release milestones. But with its release today, Microsoft can now focus on what it can do for customers.
“There are four components to Azure Sphere: three of them are powered by technology and one of them is powered by people,” Microsoft Distinguished Engineer Galen Hunt says. “Those components combine to form an end-to-end solution that allows any organization that’s building or connecting devices to have the very best of what we know about making internet-connected devices secure.”
Those four components are:
Hardware. Azure Sphere-certified chipsets are built by Microsoft’s hardware partners and they have the hardware root of trust that Microsoft created. “These are chips that provide a foundation of security, starting in the silicon itself, and provide connectivity and compute power for these devices,” Hunt says.
Azure Sphere OS. This OS runs on the chipsets and creates a secure software environment.
Azure Sphere security service. Microsoft’s key contribution is a security service that connects with every Azure Sphere chipset and operating system, and it works with the two to keep the device secured throughout its lifetime.
People. Microsoft regards its people and their security expertise as the fourth component of Azure Sphere. “Our team provides ongoing security monitoring of Azure Sphere devices and, actually, of the full ecosystem,” Hunt explains. “As we identify new types of attacks and new emerging security vulnerabilities, we will upgrade our operating system and the cloud services to mitigate against those new kinds of attacks. Then we will deploy updates to every Azure Sphere-based device, globally. So, we’re providing ongoing support, and ongoing security improvements for those devices.”