Getting Started with Azure Sphere

Microsoft Azure Sphere is a comprehensive solution for IoT that includes layered security within microcontroller technology. By building state-of-the-art security into all aspects, Azure Sphere significantly streamlines security design, implementation and testing for the overall solution, expediting integration and delivery.

Why Azure Sphere

Microsoft’s long experience securing Windows and Xbox against hackers helped it identify the seven features required for a highly secure network-connected system. These foundational elements are:

  1. Hardware-based Root of Trust: Crypto keys generated and protected by hardware
  2. Small Trusted Computing Base: Private keys stored securely, self-protecting software layers
  3. Defense in Depth: Multiple mitigations against each threat
  4. Compartmentalization: Hardware-enforced barriers between software components
  5. Certificate-based Authentication: Signed certificate proving device authenticity
  6. Renewable Security: Software update mechanism, revocation of compromised assets
  7. Failure Reporting: Device reports failures and attacks to cloud-based analysis system

This formed the basis for the Azure Sphere system and secured microcontroller solutions. The Azure Sphere system offers:

  • Secured microcontroller design: This consists of multiple cores on a single die. The OS and applications run on an ARM Cortex-A core, and one or more ARM Cortex-M cores run real-time applications (either an RTOS such as ThreadX or “bare-metal” code). Hardware firewalls enforce separation between software components. Microsoft’s “Pluton” security system runs as part of the secure boot of the device and provides the hardware root of trust.
  • Secured Linux operating system: The application platform (Cortex-A core) runs the Azure Sphere OS, based around a secured Linux kernel using the Pluton security system.
  • Cloud security service: This provides device attestation and authentication, as well as software updates for the operating system and application software.

Bsquare Engineering and Operations Services

Bsquare has been involved in the Azure Sphere program since early in its inception. As one of the first solution integrators to use the technology, we have been able to provide feedback to Microsoft and build expertise on best practices in real-world situations.

As specialists in working with constrained devices, our engineering team can help accelerate integrating Sphere into your product. We can help at any stage of the development, from requirements gathering and design to implementation and testing.

Why Bsquare

Bsquare is a pure software company that offers more than twenty years of Windows IoT and Windows Embedded experience. With our specialized embedded engineering skills, we help you deploy Azure Sphere technology in your device. Contact us to learn more about the necessary security offered by Azure Sphere.