Microsoft’s integrated IoT security platform becomes generally available

Microsoft announces general availability of Azure Sphere, the company’s integrated security solution for IoT devices and equipment 

Azure Sphere, the all-in-one platform to secure IoT devices that Microsoft has been developing for nearly two years, is launching this week in general availability.

Eligible UK customers keen to get their hands on the platform will be able to sign up for a one-off fee starting at £6.45.

Azure Sphere combines a hardware chip, a Linux OS and a cloud security service. The one-time fee effectively covers the price of the chip, with Microsoft bundling licenses, the OS, the security service and free updates for the lifetime of the chip in for free.

Azure Sphere

Microsoft describes Azure Sphere as an “end-to-end” solution that has “the very best about what we know about making internet-connected devices secure”.

At the heart of the platform are integrated chips that secure, power and connect IoT devices, built by partners including MediaTek, Qualcomm, and NXP.

There are two flavours of Azure Sphere, each requiring different chips to implement. On the lower-end, “guardian” modules, largely developed by Avnet and AI-link, enable existing IoT devices to hook up to the platform.

Then there are chips that enable Azure Sphere IoT devices to be built from scratch, what Microsoft calls “greenfield” implementation. MediaTek’s greenfield MT3620 chip is now available in volume today. NXP is developing one with larger compute capabilities for AI and vision verticals, while Qualcomm has announced plans to produce a “cellular-native” greenfield chip.

On the software side, the Linux-based Azure Sphere OS run on the chips to create a “secure software environment” for IoT app development.

Then, the cloud-based Azure Sphere Security Service connects with every single Azure Sphere chip and OS to enable maintenance, updates, and control throughout certified chips’ lifetimes. This service is underpinned by continuous monitoring performed by Microsoft’s own security pros, who work to identify new types of IoT attacks based on global analysis of the whole Azure Sphere network.

“As we identify new types of attacks and new emerging security vulnerabilities, we will upgrade our operating system and the cloud services to mitigate against those new kinds of attacks,” explained Galen Hunt, distinguished engineer and product leader of Azure Sphere. “Then we will deploy updates to every Azure Sphere-based device, globally.”

Customers seeking to deploy Azure Sphere won’t be locked into Azure. The chips are compatible with other public, private, and hybrid cloud environments including Amazon Web Services and Google Cloud.

Microsoft’s own data centre team has fitted Azure Sphere guardian modules to add remote-connectivity and control to facility systems. Starbucks plans to launch Azure Sphere across its existing equipment in stores globally using guardian modules.