How Microsoft Addresses Security in Azure Sphere – The 7 Pillars of IoT Security

by | Jan 28, 2020

Jon Hallsten, CEO of Hallsten Innovations, discusses how IoT security is not just a trivial matter of devices being hacked and gives a high-level description of how Microsoft has architected security in their IoT product, Azure Sphere. Hallsten puts forth a very thoughtful argument, with examples of DDOS (distributed denial-of-service) attacks and that IoT security breaches will have much more serious consequences than just taking over the functionality of the devices.

Microsoft's implementation is hard to ignore, in fact, I recommend that all IoT security architects and IoT product builders study the security implementation in Microsoft Azure Sphere in greater detail. The reason is that Microsoft is one of the few players in the industry who have tirelessly taken hackers and security challenges head-on since the MS-DOS days in the 1980s to date, and they must have incorporated their learnings by now with this IoT security architecture.

Hallsten gives a high-level account of the 7 pillars of IoT security built into Microsoft Azure Sphere:
  1. Hardware Root of Trust
  2. Certificate-Based Authentication
  3. Small Trusted Computing Base
  4. Defense in Depth
  5. Compartmentalization
  6. Failure Reporting
  7. Renewables Security

It seems Azure Sphere is designed with security first in mind for an internet-connected network of devices. I think all IoT solutions should follow the security first philosophy and one should budget for security exclusively in their IoT projects. Going further into the article, Hallsten explains that Azure Sphere comprises a secured and certified pool of MCUs, a custom Linux based OS (Wow! Microsoft and Linux, that is something!) and cloud-based security services to keep your fleet of IoT devices up to date with latest security measures.
Continue to original Article >

Ioterra – Where you go for IoT Development

Find the right solutions and services for your needs from the most comprehensive marketplace for IoT projects.