It was bound to happen sooner or later! Fortunately, it has happened sooner than expected: Microsoft has built a custom Linux kernel which powers Azure Sphere, a system that combines a secure version of the popular open source OS, secure microcontrollers and a secure cloud service that can patch IoT devices automatically.
Everything started back in 2015, when a team of Microsoft researchers identified the top seven properties of highly secure devices. These are the key points of their report:
1. Secure devices use complex cryptographic keys which are generated and protected by hardware.
2. Private keys are stored in a hardware-based vault.
3. Defense-in-depth mechanisms guarantee that the device is protected even if one of its security layers is compromised.
4. Software components are isolated using hardware-enforced barriers.
5. Signed certificates (and not passwords) are used to verify the device's identity and authenticity.
6. Renewable security mechanisms allow infected devices to be automatically updated, and thus restored to a secure state, fixing any compromised sub-systems.
7. Software failures are reported to a cloud-based analysis system, which can determine if a certain type of IoT device is being targeted by cyber attackers.
So far, conscientious IoT developers have struggled to keep their software patched, but that was pretty much it. Often, patching applications alone didn't work out as expected, because the CPUs themselves had security-related issues (think Meltdown, for example). Also, the data exchanged between the IoT devices and their target servers was often unencrypted, allowing hackers to intercept it.
Microsoft wanted to change all of that by creating an environment which fixes all these issues and (surprisingly) can be used with any of the top cloud service providers, such as Google Cloud, Amazon Web Services, or Oracle Cloud. It is true that Microsoft Azure will probably be the preferred solution for most companies, because it can automatically update all the IoT apps that are hosted on the platform whenever Azure Sphere gets a new patch.
This is a crucial feature, especially for businesses that use lots of Internet of Things devices. The Mirai malware has proven that a single vulnerable IoT device can spread the infection across the entire company network.
Azure Sphere OS utilizes a custom-built Linux kernel, which provides several security layers. It's a first: for the first time in its history, Microsoft has built chips that run Linux, and not Windows! There is a logical explanation for that: you can't run a full-sized version of Windows, at full speed, on a device the size of a coin.
Azure Sphere's certified microcontrollers have also been designed by Microsoft, and can be licensed for free. They include "Pluton" subsystems, which are guaranteed to increase the security of the next generation of IoT devices.
The Pluton subsystem includes a security processor CPU, support for several cryptographic engines (AES, SHA, RSA, ECC), a hardware-based random number generator, a key store, and a cryptographic operation engine. The built-in random number generator randomizes the execution of the boot firmware and helps generate complex cryptographic codes, making it almost impossible for malware to attach itself to the booting sequence.
The last piece of the puzzle is the cloud-based security service, which manages the microcontroller chips. Devices that use Azure Sphere will be able to communicate securely with each other and with the cloud, using certificate-based authentication.
In a nutshell, Azure Sphere offers a solid software foundation that runs on secure hardware and connects to a secure cloud service. It's a holistic security mechanism which should be able to detect and successfully fight any threats. I don't know about you, but I look forward to seeing it in action.