End-to-end IoT device security with Azure Sphere | Azure Friday


>>Hey friends. Back at Build 2018, we did a quick episode
on Azure Sphere and I promised we’d do a regular
Azure Friday episode. Well, this is that episode. Now that Azure Sphere is GA, Caitie is here to give
me an updated overview of IoT device security and
how Azure Sphere delivers comprehensive end-to-end
device security that protects devices for over a decade
today on Azure Friday. [MUSIC]. Hey friends, it’s me, I’m Scott Hanselman,
and it’s Azure Friday. I’m here with Caitie McCaffrey,
Engineer, Architect, Engineering Manager, all-star,
generally cool person, talking to me about Azure Sphere.>>Yes.>>Now, I’m going to have to
speak from a place of ignorance.>>Sure.>>I appreciate your patience as
you always have been with me. Why would I not just
use a Raspberry Pi or some off the shelf chip
that I can buy for a dollar>>Yeah, totally.>>When I want to do an IoT system.>>So Azure Sphere is an end-to-end solution to
secure your IoT devices, and so this project was actually started at
Microsoft Research for how do we secure the 9
billion connected devices or 9 billion MCUs that
are coming online, and a large percentage of those
are connected to the internet.>>MCUs.>>Microcontroller. Thank you. So we started from
research principles, we produced a paper called The Seven Properties of
Highly Secure Devices, and then we set out to build
a product around that, and that product is Azure Sphere. So there are basically
some lessons learned from being at Microsoft in Windows and best practices
in the industry. We’ve decided there’s these seven
properties and some of them require silicon things like
a hardware root of trust, and so we have our Pluton run-time, which is in every Azure Sphere chip. Then we have things that require an operating system and the hardware, so we actually have our own
Azure Sphere operating system that runs on these microcontrollers, and it’s based off of a
modified Linux kernel. Then we actually have
security services, which is the piece that I’m
personally responsible for, that guard every Azure
Sphere device and do things like authentication. So it issues certificates to
every single device to use, talking to not only our services, but whatever services you would
like your IoT devices to be doing. We do update the software. So we’ve already shipped thousands of Linux patches to the existing
Azure Sphere devices in the wild today. Then we also do error reporting, which is thinking
about like looking at telemetry from the devices, how they’re running,
are they crashing, what software are they running, and trying to detect vulnerabilities as well to protect them that way.>>So you just listed a bunch of things that support those principles.>>Yes.>>Does the average MCU, microcontroller, and I mean not a microprocessor like a Raspberry Pi, but a small microcontroller like the ones that run all
the little stuff; my smart lights, and my thermostat. Do they have any of those things?>>There are bits and pieces, but we believe that we’re
uniquely positioned at Microsoft to offer a really end-to-end solution
that works together. So because we have this
vertically integrated solution, we have a much higher
security bar overall. So part of the reason we frame it as The Seven Properties
is then you can go take these seven properties and look at Azure Sphere compared to whatever solution you’re
looking at and saying, does it meet the bar, does it meet the criteria?>>So I’ve got, let’s
say smart light bulb, or smart camera, or refrigerator. I’ve bought a number
of those things at a local bookstore-based website
that delivers things very fast, and frankly a couple of the
companies don’t even exist anymore.>>So are you getting
software updates, right? No.>>Yeah. In the past, how do you update the firmware like
the light needs firmware.>>Right.>>You visit an insecure local
website and post a bin file, and it just dumps it into
storage and then flashes.>>So probably not the most secure
way to update your software.>>Wild west.>>Even providing updates, like, a lot of IoT devices didn’t
even provide a way to update, and when was the last
time your router software updated, probably like never.>>There are billions of unsecured MCUs out there running and they’re
going to live like that forever.>>Yeah. So you see things, and one of the other big
principles is we only do certificate based
authentication on these devices; there’s no passwords anywhere. So one of the big attacks
was the Mirai botnet attack, which was 100,000 devices that were compromised via an insecure password. There was no means to update these
devices quickly or securely, and so they ended up DDoS-ing a major part of the East
Coast data centers. That caused a ton of damage
for only a 100,000 devices, and so we want everyone
to be able to build great solutions and do digital transformation with their
businesses, and we’ll take care of
the security for you.>>So this is security as
a service at the IoT Edge?>>Yes.>>I don’t think about these things. I just write my business logic.>>Yeah.>>You provide the best practices?>>Yes. Really all you have to think about is
writing your application, and one of the other great
things we’ve done with Azure Sphere is really focus
on the developer experience. So when you’re writing
your application, there are samples up
on GitHub that you can use to get started with. You just have to think
about your application. It runs in a secure sandbox, and so even if you have
a security vulnerability in your application, it would be much
harder to compromise.>>It’s a microcontroller, but there’s still a sandbox of sorts.>>Yes. Our operating system is still a high level operating system. We have pieces from
our security monitor, which that’s the piece that
interacts with our secure hardware. We have the Linux kernel and then
we have our OS applications that take care of things like update
and other device operations. Then you run your application
in the top of that sandbox, and so it provides much stronger security
guarantees than something like an RTOS where you just compile your application
into the firmware. So if there’s an exploit
in your application, then there’s no
compartmentalization to protect the underlying
operating system and perhaps be able to
update your way out of it.>>So you said RTOS,
real-time operating system.>>Yeah. You can think about
it like these are really tiny, but you can think about
it in a similar way, we provide a lot of the nice things like when you’re in .NET you’re
not running on the metal and no one’s writing
assembly language code to write your .NET
applications anymore. The CLR and .NET does a lot
of the nice things for you.>>Low level is relative.>>So this is still low level. You’re writing C code, but you don’t have to
worry about a lot of these things like how do
I update my application, and how do I obtain certificates to authenticate securely
and things like that. We just provide them for you.>>How do you balance
that because I’m doing some low-level work right now and I’m literally writing C code that
says make that pin high. Which is pretty low level, I’m setting voltage on a pin.>>You still will be able to do that here like if you play
with our dev kit, there are GPIO pins, and we support a bunch of
different other peripherals on the Seeed dev
board that Seeed made running the MediaTek MT3620 chip. There are a couple of other
dev boards that we’ve announced since Build two years ago. Last year, two years ago time?>>Yeah. Been a while.>>So you’re still
able to control that. You’re still doing, like
working with your pins. There’s just a supported set of APIs, and one of the guarantees we make is that you’re absolutely backwards compatible through all of
the OS updates we apply.>>Really?>>Yes.>>So that’s interesting. So
you can update this thing. Do you force it to update?>>We force the OS to update. We require, as part of the
terms of using these devices, is that you will get
operating system updates. You can defer it for
a period of time, say like your dishwasher’s running.>>Because you promised it’s
not going to break things, so then you get the
best of both worlds.>>Yeah. This is really important because you look at
in the real world, when people can opt into updates, things
like WannaCry and NotPetya, which were two big attacks, were basically done through exploits in operating systems that were fixed and
patched years ago, years before the attacks happened, and the places that got attacked didn’t update
their operating system. So this is why we believe if you can respond quickly and if you can update the operating system, you’re much less
likely to be targeted.>>I see. So it’s
less about zero days and it’s more about 7,000 days. Like this is a 10-year-old
bug you never patched.>>It definitely raises the bar
for a compromise to happen.>>That’s a really good way to put it, raises the bar for a compromise. So up on the screen here we’ve got a number of the
different development kits. You said that there’s a
couple of more coming. I can just go and buy one of these?>>You can. Yeah. So
Seeed makes two of them, and Avnet made another one. So you can go buy them
and play with them today.>>Then I can go and walk through a complete quickstart up here on
docs, and it walks me through it. I noticed that it says
install Azure Sphere. I can use Windows or Linux, and it says I can use
Visual Studio Code.>>Yes. So this is new, we used to only support
full-blown Visual Studio, and now we support
Visual Studio Code. You can run on Windows or Linux, and so you can develop wherever you feel most comfortable now,
which is really exciting.>>I can actually debug my system. I’m going to be using things
like CMake and Build, and stuff that I’m familiar with if I have done any kind of
embedded work before. It won’t feel foreign.>>No. The debug is
the really fun thing. If you actually hook up
your Azure Sphere device to your laptop just via a USB port, then you can actually
hit F5 in Visual Studio and start line stepping through your code and you see it
running on the device. So that’s awesome, and it just
makes app development a lot easier.>>Yeah. I have been actually working on a project
right now with the 6502 trying to learn how programming
was in the 70’s and 80’s. I’m flashing EEPROM and then
fishing them off of the board. So being able to step through would be a step up for what I’m
trying to do right now. Then if we go up here to Azure
Sphere samples up on GitHub, we’ve got all kinds of samples. I’m looking here at the
HelloWorld high-level app. But there’s actually a
ton of samples, a lot.>>Yeah. So we have examples from
everything like using GPIO pins to getting hooked up with Azure IoT if you want to start sending
telemetry event that way. So there’s a lot of
places to go play around, clone the solution, get started, experiment, and have
fun with Azure Sphere.>>So Azure Sphere is
out, it’s happening. I think we can get a shot
of the board here from Seeed Studio that
we put on our desk. This is the MT3620 development kit, and the board is quite small. But this is the development board, I assume that in production they can actually be even smaller than that.>>Yeah. So the piece
that’s very specific, this little chip right here is the Azure Sphere MT3620
chip from MediaTek.>>Okay. That is the magic, and then the board here is this size because we want buttons and
development stuff on it. So then when you go to production
you might design your own board, and then put that chip on it.>>Yeah. You can take
the chip and put it on whatever module and make
it as small as you like, and only add the pins that
are necessary to reduce cost.>>And hide it in a light bulb
that will then be secure, promising for how many years?>>13 years from the creation
of the stock of the chip.>>13 years?>>Yeah.>>That’s fantastic.
I cannot think of a device in my house that
has lasted that long. So that is a nice promise to have. So folks can go and check that
out at Azure.com/Azure-Sphere. Go ahead and search for
Azure Sphere, check it out. They are getting started
where they’ve got a whole series of devices
that you can go and buy. I’m having a blast learning about secure IoT solutions
today on Azure Friday. [MUSIC]
