Monday, May 20, 2024

What is Microsoft Azure Sphere? – What are the benefits of IoT?

If you are in charge of IT at a company, you may be worried about security issues when introducing IoT. We recommend using “Microsoft Azure Sphere” to raise the security level. This article provides an overview of Microsoft Azure Sphere and explains the security measures it can implement.


Table of contents

  1. What is Microsoft Azure Sphere?
  2. Azure Sphere security structure
  3. Azure Sphere MCU
  4. Azure Sphere OS
  5. Azure Sphere Security Service
  6. Azure Sphere security measures
  7. Anti-malware
  8. Buffer overflow protection
  9. Measures against supply chain attacks
  10. Summary

What is Microsoft Azure Sphere?

“Microsoft Azure Sphere” is a solution for increasing and unifying the security level of IoT devices. It consists of three components: hardware, OS, and cloud services, each of which has a mechanism to ensure security.

First, the hardware is a board called an “MCU”, which is connected to a PC, set up, and then used. It includes a Linux OS and is used by connecting it to the Microsoft Azure cloud service.

Although the three-layer structure may seem difficult at first glance, Azure Sphere acts as the interface between IoT devices and the related cloud services and support. It may be easier to understand if you think of Azure Sphere as a security system installed on IoT devices, just as a home is equipped with a security service such as HOME ALSOK.

Azure Sphere security structure

Azure Sphere consists of three components: MCU, OS, and cloud service. Each secures itself while working with the others, creating multi-layered security. Let’s take a look at how each works.

Azure Sphere MCU

MCU is an abbreviation for “microcontroller unit”, and the Azure Sphere MCU is the core hardware of Azure Sphere. Based on the MCU, it connects IoT devices and the cloud service “Azure Sphere Security Service” provided by Azure. This allows you to remotely control, update, monitor, and maintain IoT devices.

Furthermore, the hardware contains “Pluton”, “ARM Cortex-A”, “ARM Cortex-M”, a “Wi-Fi wireless function”, “RAM/flash memory”, and so on. Among these, Pluton is a security subsystem developed by Microsoft and has its own encryption and certificate management functions. In addition, Cortex-A with a memory management unit and Cortex-M with high real-time performance make communication with IoT even more sophisticated.

It also has a built-in firewall that constantly monitors IoT devices for security threats. Even if an IoT device is attacked, this will prevent malware from spreading to other devices.

Azure Sphere OS

Azure Sphere OS consists of a custom Linux kernel and application containers. The OS is built into the MCU and runs in bootloader and supervisor mode. Additionally, applications run in isolated containers, making communication more secure.

Azure Sphere Security Service

Azure Sphere Security Service is a cloud-based security service that connects IoT devices and internet communication more securely. Communication is done via certificates and the software runs in such a way that it only uses what you are using.

Additionally, OS updates are performed automatically. By eliminating the gap for third party intervention, security holes are eliminated and the risk of cyber attacks is reduced.

Azure Sphere security measures

IoT devices are exposed to a variety of risks, including malware, buffer overflows, and supply chain attacks. By implementing Azure Sphere, you can protect IoT devices from various cyber attacks.

Anti-malware

IoT malware attacks involve software modification through unauthorized access. The tampered software uses the infected IoT device as a springboard to attack other IoT devices and PCs. To prevent such attacks, set passwords and apply updates to fix vulnerabilities.

Additionally, when Azure Sphere is introduced, signature authentication is used to thoroughly verify that the software is genuine. It also checks that the software is the latest version, and it is designed to prevent tampered software from running.

Buffer overflow protection

A “buffer overflow” is an attack that destroys or controls a program by overflowing a buffer in the memory stack area. Because it can change the behavior of software, it is considered one of the attacks that pose a particularly high security risk.

Because it is a program-based vulnerability, there is no major countermeasure that users can take other than updating the software. Azure Sphere uses Stack Guard to protect against such attacks and protect your software from overflow. Additionally, even if the attack is successful, sandboxing and layered defenses can prevent other devices from being compromised.
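How a stack-guard check catches the overflow described above, as an added example that is not from the original article or from Azure Sphere: it simulates the frame layout in a struct so the behaviour is well defined. The names `struct frame`, `GUARD`, `unchecked_copy` and `bounded_copy` are hypothetical, and a real stack protector is emitted by the compiler and aborts the program instead of returning an error code.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Simulated stack frame: a local buffer followed by a guard value (canary),
   the layout a stack protector places between locals and the return address. */
struct frame {
    char     buf[16];
    uint64_t canary;
};

/* Constructed guard value; a real stack protector picks a random one at startup. */
static const uint64_t GUARD = 0x00a5c3f1e2d4b697ULL;

/* Copies len bytes with no bounds check (the bug), then runs the check a stack
   protector inserts before the function returns.
   Returns 0 if the canary is intact, -1 if it was overwritten. */
int unchecked_copy(const char *src, size_t len)
{
    struct frame f = { {0}, GUARD };
    if (len > sizeof f)
        len = sizeof f;               /* keep the simulation inside the struct */
    memcpy((unsigned char *)&f, src, len);
    return f.canary == GUARD ? 0 : -1;
}

/* The fix for the bug itself: refuse input that does not fit the buffer.
   Returns 0 on success, -2 if the input was rejected. */
int bounded_copy(const char *src, size_t len)
{
    struct frame f = { {0}, GUARD };
    if (len >= sizeof f.buf)
        return -2;
    memcpy(f.buf, src, len);
    f.buf[len] = '\0';
    return f.canary == GUARD ? 0 : -1;
}

int main(void)
{
    /* 24 bytes of constructed input: fills buf and runs over the canary */
    const char long_input[] = "AAAAAAAA" "AAAAAAAA" "AAAAAAAA";
    printf("short, unchecked: %d\n", unchecked_copy("sensor-01", 9));
    printf("long,  unchecked: %d\n", unchecked_copy(long_input, 24));
    printf("long,  bounded:   %d\n", bounded_copy(long_input, 24));
    return 0;
}
```

The canary check only detects the overwrite after it has happened; the bounded copy is what removes the bug.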

Measures against supply chain attacks

A supply chain attack is a method of infiltrating the supply chain and conducting an attack. This method has two main attack patterns. One is to install malware during the manufacturing process of devices and other equipment, or to obtain private keys. Since the devices that reach users are vulnerable or already have viruses installed, they are easily attacked.

The other is to infiltrate the target company’s network by first infiltrating one of the companies in the target company’s supply chain. Attackers find related companies with low security levels and use them as springboards.

In Azure Sphere, public and private keys are generated on silicon, so they cannot be obtained without breaking the chip. Furthermore, this public/private key is not disclosed to software, making it safe to use.

Summary

Azure Sphere increases the security level with three tools: hardware, OS, and cloud services. It is difficult for crackers to break through this barrier, making IoT devices safer to use. As attacks targeting IoT devices are expected to increase in the future, it is essential to introduce Azure Sphere.
