Microsoft Brings Linux Driven IoT Security to Azure

Redmond deploys its old nemesis Linux as the base for its Azure Sphere OS, designed to run on internet of things devices.

Christine Hall

April 20, 2018


Microsoft has released Azure Sphere OS, a Linux distro for the internet of things. This has a lot of old-school Linux advocates wondering whether that's good or bad. One website reported the story accompanied by a photo of a frozen road to hell. A Linux writer for a mainstream tech site was prompted to note that Linux's creator, Linus Torvalds, had once said, "If Microsoft ever does applications for Linux it means I've won."

Evidently, Mr. Torvalds is now enjoying the spoils of victory.

Azure Sphere OS isn't a full-fledged Linux distribution that might be found running on a server or the like. It's a tiny little operating system, not much more than a pared-down, modified kernel, designed to enable IoT devices to exchange information with the mother ship.

The word "tiny" pretty much explains why Microsoft has decided to turn to Linux instead of Windows for this project. The OS is designed to run on a new class of microcontroller chip (MCU) with limited resources, and Windows can't shrink down enough to fit. Not a surprise to anyone who's tried to shoehorn Windows onto a Raspberry Pi.

The Microsoft-designed chips, all running Microsoft Linux, can go in anything from toys to "smart home" devices to edge-based industrial machinery. All contain Wi-Fi connectivity and are being offered royalty-free to manufacturers. The first of these chips to come to market will be MediaTek's MT3620, a single-core ARM-A7 system that will be available later this year.

The reason behind the project is simple. Microsoft is hoping to drive some business to Azure with a solution to make IoT devices secure.

"Unlike the RTOSes common to MCUs today, our defense-in-depth IoT OS offers multiple layers of security," Galen Hunt, partner managing director at Microsoft Azure Sphere, said in a blog. "It combines security innovations pioneered in Windows, a security monitor, and a custom Linux kernel to create a highly-secured software environment and a trustworthy platform for new IoT experiences."

Also unlike the MCU OSes commonly in use, these systems will be kept secure, partly through silent security patches to the operating system, using another aspect of this new ecosystem: the Azure Sphere Security Service. This aims to increase security for "device-to-device and device-to-cloud communication through certificate-based authentication, detecting emerging security threats ... through online failure reporting, and renewing security through software updates."

According to Microsoft, devices using the Azure Sphere chips and operating system can be used on public clouds other than Azure, although it's not clear whether they would still benefit from the support provided by Azure Sphere Security Service.

Other turnkey solutions to secure IoT can be expected, especially after last year's numerous DDoS attacks of record-breaking severity leveraging IoT-based botnets.

For several years security experts, notably Bruce Schneier, have pointed to something of a perfect security storm brewing in the IoT sector, where the majority of devices are minimally protected if protected at all, and are incapable of being updated to meet emerging threats. By 2020, Gartner predicts that 20.8 billion "things" will be connected to the public network.

Last year Amazon Web Services announced a similar product to Azure Sphere at its re:Invent conference. Expect Google Cloud Platform, IBM Cloud, and others to follow suit.

Azure Sphere OS isn't Microsoft's first go at developing its own Linux implementation, but it is the first time it's released a Linux product to the public. In 2015 Redmond announced that it had built and deployed Azure Cloud Switch, a Linux-based cross-platform operating system used for running data center switches and other network devices, but that product hasn't been publicly released.

About the Author

Christine Hall

Freelance author

Christine Hall has been a journalist since 1971. In 2001 she began writing a weekly consumer computer column and began covering IT full time in 2002, focusing on Linux and open source software. Since 2010 she's published and edited the website FOSS Force. Follow her on Twitter: @BrideOfLinux.
