Microsoft today announced a new program called Azure Sphere to better secure the millions of microcontroller-powered devices coming online as part of the internet of things (IoT). With Azure Sphere, Microsoft has made a previously unthinkable move: launching a custom Linux kernel.
The system comes in three parts: a set of certified microcontrollers made by the company’s partners that include custom silicon to create a hardware root of trust. On top of that, Microsoft announced a Linux-based Azure Sphere operating system that’s supposed to have multiple layers of security baked into the code powering a microcontroller chip. Finally, Microsoft is launching an Azure Sphere Security Service that’s supposed to handle security and management of those chips.
Microcontrollers are an important piece of the hardware ecosystem that powers billions of devices. While only a small fraction of them are currently connected to the internet, the growth of IoT workloads means more will be coming online soon. Companies that don’t secure those devices could be in big trouble. One key proof point in that realm was the Mirai botnet, which used infected IoT devices to launch massive denial-of-service attacks. Mirai is dead, but its reign of terror showed how low-power devices could be used to wreak havoc.
This deeply integrated approach could give Microsoft an edge in a growing market. More companies are trying to expand their IoT workloads and using cloud providers like Microsoft Azure and Amazon Web Services to power that work. Microsoft president Brad Smith said during a press conference that the chips will work with services from AWS, Google Cloud, and other competitors in addition to Azure.
Microsoft is working with a group of hardware partners to create Azure Sphere-compatible chips. MediaTek is working on getting its first compatible chip, the MT3620, ready for broad availability on the market this year. The tech titan will provide Azure Sphere silicon technology to other companies royalty-free so they can more easily build it into their hardware.
Microsoft expects that the first wave of Azure Sphere-compatible devices will be available by the end of this year, with development kits arriving during the middle of 2018. The service is currently in private preview.
Correction April 16, 3 p.m. Pacific: This article previously said Microsoft is releasing a custom Linux distribution. It’s releasing a custom Linux kernel.