Microsoft Makes Azure Sphere GA To Secure IoT Devices

'Our mission is to empower every organization on the planet to connect and create secured and trustworthy IoT devices,' Microsoft's Halina McMaster says of the company's Azure Sphere solution for securing IoT devices powered by microcontroller units.


Microsoft has made its Azure Sphere IoT security solution generally available, giving channel partners and developers a new way to secure a pervasive class of power-constrained connected devices.

The Redmond, Wash.-based computer giant announced general availability of Azure Sphere Monday, nearly two years after the company first revealed the new solution for microcontroller unit (MCU) devices as part of its $5 billion IoT investment plan.

[Related: IoT Startup FogHorn Raises $25 Million Series C Funding As Edge AI Takes Off]

Sponsored post

The market for IoT devices powered by IoT devices is massive. According to research firm Reports and Data, the IoT MCU market is expected to reach $4.6 billion by 2026, thanks to a rising demand in smart home devices, wearables, smartphones and computers of varying form factors. MCU chips are also seeing demand across the industrial IoT landscape, including verticals like chemicals and oil and gas.

"Our mission is to empower every organization on the planet to connect and create secured and trustworthy IoT devices," Halina McMaster, principal group program manager at Microsoft, said in a blog post. "General availability is an important milestone for our team and for our customers, demonstrating that we are ready to fulfill our promise at scale."

Azure Sphere consists of three technology components: Azure-certified MCU chips that go into every device and provides a hardware root of trust among other advanced security measures, the Linux-based Azure Sphere operating system that will be continually upgraded with new protections and the cloud-based Azure Sphere Security Service that monitors for threads and brokers device communication.

Unlike other Azure services, the only cost associated with Azure Sphere is the one-time cost of the Azure Sphere-certified MCU chips, which can go into new devices under development or existing devices. The first certified MCU chip available is MediaTek's MT3620 chip, which will cost less than $8.65 and receive ongoing operating system and security updates through July 2031.

With the purchase of a certified MCU chip, Microsoft provides the Azure Sphere OS and Azure Sphere Security Service at no extra cost. In addition to Azure Sphere's ability to receive continuous updates, it can also restore the health of the device should an attack ever happen. Azure Sphere Security Service, on the other hand, serves as a broker for device-to-cloud and device-to-device communication.

With all three components, Microsoft said Azure Sphere covers the seven properties of highly secured devices: a hardware-based root of trust that guarantees that only genuine software is running, multiple layers of defense to make it harder for attacks to succeed, a small trusted computing base designed to minimize the attack surface, dynamic compartmentalization between software components, certificated-based authentication, error reporting and renewable security through ongoing updates.

"Any organization can use the seven properties as a roadmap for device security, but Azure Sphere is designed to give our customers a fast track to secured IoT deployments by having all seven properties built-in," McMaster said in the blog post. "It makes achieving layered, renewable security for connected devices an easy, affordable, no-compromise decision."

Among the partners supporting Azure Sphere is Avnet, which has released the Avnet Azure Sphere MT3620 Starter Kit for rapid prototyping.

"I think this will go a long way to accelerate the proliferation of IoT devices," Lou Lutostanski, Avnet's vice president of IoT, told CRN when Azure Sphere was first announced.